ZTE ZXHN H108N exploit is useless

[minanagehsalalma]

it worked and exploited my ZTE ZXHN H108N router through telnet but then what how can i get the admin password ? here is the available options from telnet i have tried all of them but non give the admin password

[0BuRner]

No getting the admin password doesn't mean the exploit is useless...

[AlexHilgertBRA]

When you're in telnet, you're limited to its options. In devices I've got for example, I haven't seen an option to "dump" the password, however, I can always change it. Additionally, I don't know what exploit you've used, but reinforcing what was said, if you can "break into it", I think it does mean that that exploit was successful for its purpose.

[minanagehsalalma]

@AlexHilgertBRA i agree with you. but what can i do with it . even there no option to change the admin password

[AlexHilgertBRA]

@minanagehsalalma I think you'll need to go into all options to see if you can find it, generally I found it in "sys" or "set", so I recommend you to just enter this commands without parameters to see all options available.

PS.: If there's no option to change it, so I think I couldn't help about it.

[minanagehsalalma]

@AlexHilgertBRA thanks. There no option to change it . thank you for your time 😊😊

On Nov 12, 2017 10:11 PM, "Alex Hilgert" notifications@github.com wrote:

@minanagehsalalma https://github.com/minanagehsalalma I think you'll need to go into all options to see if you can find it, generally I found it in "sys" or "set", so I recommend you to just enter this commands without parameters to see all options available.

— You are receiving this because you were mentioned.

Reply to this email directly, view it on GitHub https://github.com/reverse-shell/routersploit/issues/347#issuecomment-343763673, or mute the thread https://github.com/notifications/unsubscribe-auth/ATmETrCsKZUH9Ny62ObsbaTARt2l3rqpks5s11DdgaJpZM4QaqX_ .

[AlexHilgertBRA]

@minanagehsalalma No problem.

[minanagehsalalma]

😘

On Nov 12, 2017 11:07 PM, "Alex Hilgert" notifications@github.com wrote:

No problem.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/reverse-shell/routersploit/issues/347#issuecomment-343767778, or mute the thread https://github.com/notifications/unsubscribe-auth/ATmETseWoAejV44_VBILCbJaDW3rcac9ks5s114MgaJpZM4QaqX_ .

[lucyoa]

You can try to escape this limited environment. What you get after authentication via telnet service is interface provided by custom made binary than almost always use other tools to configure device. You try to inject payloads like ;/bin/sh into commands parameters etc.

[minanagehsalalma]

@lucyoa didn't work .is there any tutorial video

[Ahmed1262005]

hey you can change the wifi password

[minanagehsalalma]

hey you can change the wifi password

Yup ... type the password after wpapsk in your commend .... and don't forget to save ... but it's a lot better and easier to do it using the router page .

[mouaiz123]

hello bro. i cant use this exploit with my router

[Ahmed1262005]

hello bro. i cant use this exploit with my router what is your router model?

[hh55gg]

cat /var/tmp/db_backup_cfg.xml وبعدين sendcmd 1 DB p DevAuthInfo