Follow along with the video below to see how to install our site as a web app on your home screen.
Anmerkung: This feature may not be available in some browsers.
if test -f /nvram/0/sys_setup.sh
then
# Start alternative system start up
source /nvram/0/sys_setup.sh
else
....
# Start up
if test -f /usr/sbin/nvread
then
enable_startup=`nvread 0.0.2 long`
if [ $enable_startup -ne 0 ]; then \
startup_file=`nvread 0.0.1 str`; \
fi
else
startup_file=
fi
libcommon_shared_db.so:00005200 00 00 00 0d 57 8a 95 8e 3d d9 33 fc 53 68 64 62 |....W...=.3.Shdb|
Nope. I think they've downgraded everybody who was operating the modem in bridge mode.you lucky guy
Did you ask KDG to downgrade the firmware?
[{"index":"0","band":"2.4G","wlsOnOff":"OFF","wlsMode":"5","wlsChannel":"0","id":"0","Cid":"0","band":"2.4G","ssidName":"HITRON-3BC0","securityMode":"2"}]
[{"dhcpOnOff":"Enabled", "leasetime":"86400", "dhcpStarIp":"192.168.2.10", "dhcpEndIp":"192.168.2.200", "privateLanIp":"192.168.2.1", "subMask":"255.255.255.0"}]
POST /goform/LocalIp HTTP/1.1
Host: 192.168.2.1
Connection: keep-alive
Content-Length: 228
Accept: application/json, text/javascript, */*; q=0.01
Origin: http://192.168.2.1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36
Content-Type: application/x-www-form-urlencoded
DNT: 1
Referer: http://192.168.2.1/index.html
Accept-Encoding: gzip,deflate
Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4
Cookie: userName=admin; password=; userid=
model: {"dhcpOnOff":"Enabled","privateLanIp":"192.168.2.1","subMask":"255.255.255.0","dhcpv4ModeInfo":"1"}
webcheck:
#!/bin/sh
HOST=192.168.2.1
USER=admin
PASS=password
echo BEGIN
curl --cookie-jar cookies.txt http://$HOST/login.html -s
echo LOGIN
curl --cookie cookies.txt --cookie-jar cookies.txt --data "usernamehaha=$USER&passwordhaha=$PASS" http://$HOST/goform/login -s
#!/bin/sh
HOST=192.168.0.1
USER=admin
PASS=pw
rm cookies.txt
curl --cookie-jar cookies.txt http://$HOST/login.html
curl --cookie cookies.txt --cookie-jar cookies.txt --data "usernamehaha=$USER&passwordhaha=$PASS" http://$HOST/goform/login
echo
USID=`grep -E -o "[0-9]{4,}" cookies.txt`´ # uid aus den cookies ziehen
echo USID: $USID
## ENABLE DHCP
curl "http://$HOST/goform/LocalIp" -H "Cookie: userName=$USER; password=$PASS; userid=$USID" -H "Origin: http://192.168.2.1" -H "Accept-Encoding: gzip,deflate" -H "Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4" -H "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36" -H "Content-Type: application/x-www-form-urlencoded" -H "Accept: application/json, text/javascript, */*;q=0.01" -H "Referer: http://192.168.2.1/index.html" -H "X-Requested-With: XMLHttpRequest" -H "Connection: keep-alive" -H "DNT: 1" --data "model="%"7B"%"22dhcpOnOff"%"22"%"3A"%"22Enabled"%"22"%"2C"%"22privateLanIp"%"22"%"3A"%"22192.168.2.1"%"22"%"2C"%"22subMask"%"22"%"3A"%"22255.255.255.0"%"22"%"2C"%"22dhcpv4ModeInfo"%"22"%"3A"%"221"%"22"%"7D&webcheck=userName"%"3D$USER"%"3B+password"%"3D$PASS"%"3B+userid"%3D"$USID" --compressed
# echo
## ENABLE WIFI
curl "http://$HOST/goform/Wireless" -H "Cookie: userName=$USER; password=$PASS; userid=$USID" -H "Origin: http://192.168.2.1" -H "Accept-Encoding: gzip,deflate" -H "Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4" -H "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36" -H "Content-Type: application/x-www-form-urlencoded" -H "Accept: application/json, text/javascript, */*;q=0.01" -H "Referer: http://192.168.2.1/index.html" -H "X-Requested-With: XMLHttpRequest" -H "Connection: keep-alive" -H "DNT: 1" --data "model=%7B%22index%22%3A%220%22%2C%22band%22%3A%222.4G%22%2CwlsOnOff%3A%22ON%22%2C%22lsMode%22%3A%225%22%2C%22wlsChannel%22%3A%220%22%2C%22id%22%3A%220%22%2C%22Cid%22%3A%220%22%2C%22ssidName%22%3A%22MEIN%20WLAN%22%2C%22securityMode%22%3A%222%22%7D&webcheck=userName"%"3D$USER"%"3B+password"%"3D$PASS"%"3B+userid"%3D"$USID" --compressed
# (geht nicht)
curl --cookie cookies.txt http://$HOST/goform/logout
echo
#!/bin/bash
HOST=${1:-192.168.2.1}
USER=${2:-admin}
PASS=${3:-password}
FORM=${4:-LocalIp}
MODEL=${5:-{"dhcpOnOff":"Disabled","privateLanIp":"192.168.2.1","subMask":"255.255.255.0","dhcpv4ModeInfo":"1"}}
urlencode () {
string=$1; format=; set --
while
literal=${string%%[!-._~0-9A-Za-z]*}
case "$literal" in
?*)
format=$format%s
set -- "$@" "$literal"
string=${string#$literal};;
esac
case "$string" in
"") false;;
esac
do
tail=${string#?}
head=${string%$tail}
format=$format%%%02x
set -- "$@" "'$head"
string=$tail
done
printf "$format\\n" "$@"
}
rm cookies.txt 2>/dev/null
# startseite laden
curl --cookie-jar cookies.txt http://$HOST/login.html >/dev/null # ref
echo && echo "[1/4] login page"
# einloggen
curl --cookie cookies.txt --cookie-jar cookies.txt --data "usernamehaha=$USER&passwordhaha=$PASS" http://$HOST/goform/login >/dev/null # login
echo && echo "[2/4] logged in"
# uid aus den cookies ziehen
USID=`grep -E -o "[0-9]{4,}" cookies.txt`
echo "[3/4] extracted cookies"
# Beispiel: DHCP ein/ausschalten
# model=`urlencode '{"dhcpOnOff":"'"$MODE"'","privateLanIp":"192.168.2.1","subMask":"255.255.255.0","dhcpv4ModeInfo":"1"}'`
# curl "http://$HOST/goform/LocalIp" -H "Cookie: userName=$USER; password=$PASS; userid=$USID" -H "Origin: http://192.168.2.1" -H "Accept-Encoding: gzip,deflate" -H "Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4" -H "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36" -H "Content-Type: application/x-www-form-urlencoded" -H "Accept: application/json, text/javascript, */*;q=0.01" -H "Referer: http://192.168.2.1/index.html" -H "X-Requested-With: XMLHttpRequest" -H "Connection: keep-alive" -H "DNT: 1" --data "model=$model&webcheck=userName"%"3D$USER"%"3B+password"%"3D$PASS"%"3B+userid"%3D"$USID" --compressed
# Versuch: WIFI ein
# model=`urlencode '{"index":"0","band":"2.4G","wlsOnOff":"ON","wlsKey":"testkeytest","wlsPass":"testkeytest","wlsPassword":"testkeytest","password":"testkeytest",wlsMode":"5","wlsChannel":"0","id":"0","Cid":"0","band":"2.4G","ssidName":"HITRON-3BC0","securityMode":"2"}'`
# curl "http://$HOST/goform/Wireless" -H "Cookie: userName=$USER; password=$PASS; userid=$USID" -H "Origin: http://192.168.2.1" -H "Accept-Encoding: gzip,deflate" -H "Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4" -H "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36" -H "Content-Type: application/x-www-form-urlencoded" -H "Accept: application/json, text/javascript, */*;q=0.01" -H "Referer: http://192.168.2.1/index.html" -H "X-Requested-With: XMLHttpRequest" -H "Connection: keep-alive" -H "DNT: 1" --data "model=$model&webcheck=userName"%"3D$USER"%"3B+password"%"3D$PASS"%"3B+userid"%3D"$USID" --compressed
# model2=`urlencode '{"index":"0","band":"2.4G","wlsOnOff":"Enabled","wlsKey":"testkeytest","wlsPass":"testkeytest","wlsPassword":"testkeytest","password":"testkeytest","wlsMode":"5","wlsChannel":"0","id":"0","Cid":"0","band":"2.4G","ssidName":"HITRON-3BC0","securityMode":"2"}'`
# curl "http://$HOST/goform/Wireless" -H "Cookie: userName=$USER; password=$PASS; userid=$USID" -H "Origin: http://192.168.2.1" -H "Accept-Encoding: gzip,deflate" -H "Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4" -H "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36" -H "Content-Type: application/x-www-form-urlencoded" -H "Accept: application/json, text/javascript, */*;q=0.01" -H "Referer: http://192.168.2.1/index.html" -H "X-Requested-With: XMLHttpRequest" -H "Connection: keep-alive" -H "DNT: 1" --data "model=$model&webcheck=userName"%"3D$USER"%"3B+password"%"3D$PASS"%"3B+userid"%3D"$USID" --compressed
# (geht nicht)
# echo && echo "[4/4] enabled WiFi"
model=`urlencode $MODEL`
curl "http://$HOST/goform/$FORM" -H "Cookie: userName=$USER; password=$PASS; userid=$USID" -H "Origin: http://192.168.2.1" -H "Accept-Encoding: gzip,deflate" -H "Accept-Language: de-DE,de;q=0.8,en-US;q=0.6,en;q=0.4" -H "User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36" -H "Content-Type: application/x-www-form-urlencoded" -H "Accept: application/json, text/javascript, */*;q=0.01" -H "Referer: http://192.168.2.1/index.html" -H "X-Requested-With: XMLHttpRequest" -H "Connection: keep-alive" -H "DNT: 1" --data "model=$model&webcheck=userName"%"3D$USER"%"3B+password"%"3D$PASS"%"3B+userid"%3D"$USID" --compressed
curl --cookie cookies.txt http://$HOST/goform/logout # logout
echo
0000 80 28 14 18 01 00 01 00 00 00 [u][b]b9[/b][/u] 00 57 77 73 77 .(..........Wwsw
0010 57 11 2b f3 5b 75 f3 33 57 7e 77 75 1b 73 34 d1 W.+.[u.3W~wu.s4.
0020 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0030 00 00 ..
/*
$ gcc -o hc -s -O3 hc.c -lcrypto
$ hc cmconfig.cfg cmconfig_plain.txt d # decrypting
$ hc cmconfig_plain.txt cmconfig.cfg e # encrypting
*/
#include <stdlib.h>
#include <stdio.h>
#include <openssl/des.h>
#define BUFFER_SIZE (8 * 1024)
#define RET_GOTO(code, marker) \
ret = code; \
goto marker;
// libhtx_db.so:00059B14
static DES_cblock hitron_key = {
0x57, 0x8A, 0x95, 0x8E, 0x3D, 0xD9, 0x33, 0xFC
};
void hitron_crypt(FILE *out, FILE *in, int enc)
{
size_t i, n = -1;
DES_cblock buffer[BUFFER_SIZE];
DES_key_schedule schedule;
DES_set_key_unchecked(&hitron_key, &schedule);
while((n = fread((void *)&buffer, sizeof(DES_cblock), BUFFER_SIZE, in)) > 0) {
for(i = 0; i < n; i++) {
DES_ecb_encrypt(&buffer[i], &buffer[i], &schedule, enc);
}
fwrite((void *)&buffer, sizeof(DES_cblock), n, out);
}
}
int main(int argc, char **argv)
{
int ret = EXIT_SUCCESS;
FILE *in = NULL, *out = NULL;
if(argc != 4) {
printf("Usage: hc in out d|e");
return EXIT_FAILURE;
}
in = fopen(argv[1], "rb");
if(in == NULL) {
printf("could not open file\n");
return EXIT_FAILURE;
}
out = fopen(argv[2], "wb");
if(out == NULL) {
printf("could not open file\n");
RET_GOTO(EXIT_FAILURE, close_in);
}
hitron_crypt(out, in, argv[3][0] == 'e');
fclose(out);
close_in:
fclose(in);
end:
return ret;
}
#!/bin/bash
DIR="/opt/hitron"
CFG="config"
HOST=192.168.0.1
LOGIN=admin
PASS=password
LOGIN_FORM=$(curl --cookie-jar $DIR/cookies.txt http://$HOST/login.html -s)
USER_FIELD=$(echo $LOGIN_FORM | perl -n -e '/\"(\w+)\":\$\(.#user_login.\)\.val\(\).*/ && print $1')
PASS_FIELD=$(echo $LOGIN_FORM | perl -n -e '/\"(\w+)\":\$\(.#user_password.\)\.val\(\).*/ && print $1')
LOGIN_STATUS=$(curl --cookie $DIR/cookies.txt --cookie-jar $DIR/cookies.txt --data "$USER_FIELD=$LOGIN&$PASS_FIELD=$PASS" http://$HOST/goform/login -s)
if [ "$LOGIN_STATUS" == "success" ]; then
curl --cookie $DIR/cookies.txt --cookie-jar $DIR/cookies.txt "http://$HOST/goform/Backup" -s -o $DIR/$CFG.enc
$DIR/hc $DIR/$CFG.enc $DIR/$CFG.cfg d
perl -p -i -e "s/wireless false/wireless true/g" $DIR/$CFG.cfg
$DIR/hc $DIR/$CFG.cfg $DIR/$CFG.enc e
curl --cookie $DIR/cookies.txt --cookie-jar $DIR/cookies.txt -F "filename=restore" -F "name=filename" -F "filename=@$DIR/$CFG.enc" "http://$HOST/goform/Restore" -s -o /dev/null
fi
Hi, deine dekodier Versuche der config datei wurden doch bereits hier gelöst.
Ich weiß nicht von wem das Programm stammt aber die Tribute gehören ihm/ihr:
Code:/*
Die anderen Parameter sollten sich aber auch in der entschlüsselten Config einstellen lassen.
remote_management_https false
remote_management_https_port 8181
remote_management_telnet false
remote_management_telnet_port 2323
remote_management_ssh false
remote_management_ssh_port 2222
remote_management_snmp false
remote_management_snmp_port 161
[B]wan1_remote_management_acl 0.0.0.0 255.255.255.255 00 true
fw_remote_management_allow_all true[/B]
fw_local_management_enable true
fw_local_management_rule http true
fw_local_management_rule https true
fw_local_management_rule telnet false
fw_local_management_rule ssh false
snmp_enable_lan false[B]
snmp_enable_wan true[/B]
webs_enable true
whoops, war ein ZahlendreherPS: 4.2.9.8 ist mir neu... ich habe 4.2.8.9-IMS-KDG