Closed mcohrs closed 3 years ago
Log:
Connect attempt 1
<Response [200]>
Modem up
Authenticating
Splitting command up using semicolons
Sending command: sed -i 's#/root:.$#/root:/bin/ash#' /etc/passwd
Sleeping...
Sending command: echo root:root | chpasswd
Sleeping...
Sending command: sed -i -e 's/#//' -e 's#askconsole:.\$#askconsole:/bin/ash#' /etc/inittab
Sleeping...
Sending command: uci -q delete dropbear.afg
Sleeping...
Sending command: uci add dropbear dropbear
Sleeping...
Sending command: uci rename dropbear.@dropbear[-1]=afg
Sleeping...
Sending command: uci set dropbear.afg.enable='1'
Sleeping...
Sending command: uci set dropbear.afg.Interface='lan'
Sleeping...
Sending command: uci set dropbear.afg.Port='22'
Sleeping...
Sending command: uci set dropbear.afg.IdleTimeout='600'
Sleeping...
Sending command: uci set dropbear.afg.PasswordAuth='on'
Sleeping...
Sending command: uci set dropbear.afg.RootPasswordAuth='on'
Sleeping...
Sending command: uci set dropbear.afg.RootLogin='1'
Sleeping...
Sending command: uci -q set dropbear.lan.enable='0'
Sleeping...
Sending command: uci commit dropbear
Sleeping...
Sending command: /etc/init.d/dropbear enable
Sleeping...
Sending command: /etc/init.d/dropbear restart
Sleeping...
Sending command: uci set $(uci show|grep -m 1 fw3 -q print|egrep 'es -t filter -A zone_lan_input -p tcp -m tcp --dport 22 -m comment --comment "!fw3: .+" -j DROP'|sed -n's/^iptables.\+fw3: \(.\+\)".\+/\1/p'
|sed -n"s/(.+).name='.+'$/\1/p").target=ACCEPT
Sleeping...
Sending command: uci commit
Sleeping...
Sending command: /etc/init.d/firewall reload
Sleeping...
Please try a ssh connection now to 192.168.1.1 with username root and password root (change password immediately with passwd!) Rebooting your modem now is recommended to stop any services that have been disabled.
OK figured it out.
I didnt load the default config for the router ...
Im in now.
Thanks again heaps for this amazing tool!!!
Product Name MediaAccess TG789MYRvac v2 HP
Software Version 16.3
Firmware Version 16.3.7190-2761003-20170907085601
Firmware OID 59b0ed8197956f5626e64b9a
Bootloader Version 2.0.89
Bootloader OID unknown
Hardware Version VBNT-L
OS: Windows 10
Hi there, Thanks a lot for this tool. I believe that I have followed the steps correctly, however at the end of running the pyhton script without errors Im unable to login with root:root.
Ive tried it several times, also restored the router a few times without any luck.
Any input would be greatfully appreciated.
Thanks a lot in advance!