Hacking ZXHN H108N router and accessing the shell as root through Telnet, how to use Python to build your own tool and perform a brute-force attack. Part One: Shell over Telnet Hello good people. I was playing around with the ZXHN H108N (ZTE) for quite a while now, and to be honest, I have a lot to talk about here, but in this article, the topic is hacking ZXHN H108N router to access the shell, using the Telnet connection. Note: part two can be found here:.

ZTE ZXHN H108N R1A prior ZTE.bhs.ZXHNH108NR1A.k_PE Telnet Service Default Admin Password weak authentication. ZTE ZXHN H108N R1A router, version ZTE. And other sensitive details about the ZXHN H108N R1A. User names and password hashes can be. ZXHN H108N R1A, the Telnet. How about of hacking getting access into a ZTE ZXHN H108N router though web/telnet? Well thats not hacking, all password are default supplied by I S P (pointless to.

Note: Telnet port must be open for this scenario to work, usually port 23 is open for LAN connections, and filtered/close for WAN connection, also it is worth to mention that all the scripts below can run on both Linux/Unix, and Windows machines. Access Points (Wireless Home Routers) as you may already know provide lots of services, such as DHCP, DNS, Wireless connection, Firewall, and so on, these services must run on top of an OS, which is usually Linux, in fact I don’t know of an AP that runs on something different (if you disagree, please comment it down), the scenario here will describe my story step-by-step on how I managed to get root access to the OS, so this is not a tutorial, this is my story, my personal experience. Please note that I am by no means a ZTE tech. Guru, and as I mentioned before, I was just “curious”. Disclaimer: I shall not be held liable to and shall not accept any liability, obligation or responsibility whatsoever for any loss or damage may be caused by applying or implementing the attacks and/or commands describe hereunder. The information provided here is for educational purpose only, and you are not allowed to use any of these techniques to attack or even probe others, which if done, by-low this can be considered a crime.

This tutorial was written in June 2014, and posted somewhere else (including on my old blog), I reviewed everything and fixed some errors, I also created new scripts and hosted them online for public use. Scanning for Open Ports So, first thing to do is to scan the ports, detect the OS and get any other information available, for that I usually use nmap, but first let us see my connection information (as proper information gathering should be), please note that I am on a Linux machine, nevertheless I will explain how to get the same results on Windows machine when applicable. Getting my IP address using ifconfig command. Port Scanning Using nmap tool. International Financial Management Eun 7th Edition Pdf.

I used a fast scan (-F option) for no reason really well maybe just to make it faster, but a proper information gathering should check all ports (TCP and UDP). The -O flag is for OS detection (for more information about nmap command, please visit: ) As we can see in the results above, the OS is Linux 2.6.9-30 and there are three ports opened, one of them is port 23/tcp telnet, whenever I see telnet available I think to myself “This should be fun!” and it was! Gaining Access The next thing is to try and connect to the router using a Telnet client (if you are on Windows you should install it first by going to Control Panel >Programs and Features >Turn Windows feature on or off, anyway, here is the result from my first attempt to connect. Preparing the Dictionary. Crysis 2 Mod Sdk there. The Code The following code is a sample script of what I did (I will publish the tool later, which is way much faster than the script in this article). Access to the CLI.