TP-Link: WebMuzzle Hack

R

Ruslan Fedorov2012-10-24 01:31:37

linux

Ruslan Fedorov, 2012-10-24 01:31:37

Given: TP-Link WR1043N home router with a hacked web muzzle. The firmware is original.
Statement of the problem: Get access to the webmord or access to the FS (for writing) saving the password and settings . An exploit

was found that allows you to get any file from the FS. I pulled /etc/shadow and /etc/passwd. I was immediately confused by /etc/shadow: it is exactly the same (at least the hash: I did not check each letter, but they are very suspiciously similar) as in the exploit screenshot from the link above. Through completely non-cunning manipulations, it was obtained that the password for root and Admin is 5up

. But, as expected, it does not fit the webmord. OK. Probably the user data of the web interface is stored somewhere else. Where? Due to my inexperience, I do not see the ability to view the contents of directories.

The router does not respond to telnet, there is no ssh in the standard firmware.

Knowledgeable people, help with advice! :)

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

M

max_rip, 2012-10-24
@max_rip

Try digging around here www.tp-link.com/resources/gpl/150Router.tar

X

xsash, 2012-10-24
@xsash

forum.tp-linkru.ru/viewtopic.php?f=22&t=313&start=60
should help on where to put these passwords