ZTE680 Hardware V4.0 (V2?) Hack

TOP meneame.net

I just got recently installed my first FTTH router (pepephone, but same model is used in masmovil and jazztel) and as any network engineer I wanted to have full access to the router. Looking over the vast internet I found a blogpost that used a USB with a symlink to smb.conf so it can be edited to add exec parameters to execute an downloaded busybox to open an alternative telnetd but the article had a big problem that make it imposible to work on my router: the F680 of the article has an ARM architecture. My router has MIPS instead. This is important to know beforehand if using external-downloaded busybox binaries. In the end I skipped the busybox hack to directly allow admin telnet connection instead the buggy limited one. This is how I did it, I will assume that router has IP address

  1. Using any windows, format any pen-drive in NTFS.
  2. Using any linux, mount the NTFS formated pen-drive, change directory to the mounted path and do the following symlink:

    ln -s /var/samba/lib/smb.conf .

  3. Plug the pen-drive in the router. Ensure Samba Service is enabled.
  4. Connect to \\ This is a tricky part because the router only has SMBv1 which has been disabled since the WannaCry mess. I used my mac to connect to smb://samba@
  5. If ecerything is going fine you will see the smb.conf file in the connected shared. This part is tricky too because in windows you can only edit it with notepad++. In mac textedit and vi failed both to properly edit the file so I ended doing the following:
    echo "[global]
      guest account = root
      deadtime = 5
      log level = 0
      server string = Samba Server
      security = share
      load printers = no
      workgroup = workgroup
      short preserve case = yes
      preserve case = yes
      netbios name = smbshare
      comment = samba share dir
      read only = no
      guest ok = yes
      guest only = yes
      short preserve case = yes
      preserve case = yes
      max connections = 3
      path = /mnt
      exec = sendcmd 1 DB set TelnetCfg 0 UserTypeFlag 0; sendcmd 1 DB save
      comment = samba share root
      read only = no
      guest ok = yes
      guest only = yes
      short preserve case = yes
      preserve case = yes
      max connections = 3
      path = /" > /Volumes/samba/usb1_1/smb.conf

    This router version only has one USB so the path ‘usb1_1′ should be fine. The differences between the original file and this version are the guest account = root and the root share, which includes a exec to change telnet behaviour. Actually the root share is just to mess with root file system but not really needed.

  6. Without disconnecting the actual share or rebooting the router (changes will be lost!) open a new connection to the router (shares samba or root will be fine).
  7. Now the telnet should be in admin mode. Try connecting to with username root and password Zte521. Congratulation! you should now have an unlimited telnet inside the router.
  8. To be able to connect as admin in the web interface do a sendcmd 1 DB p DevAuthInfo in the telnet session and search for the admin password. The admin password is a pre-router generated password so is unique to your router.

I also wanted to do a full unencrypted dump of the configuration so in the telnet terminal do the following:

for i in `sendcmd 1 DB p | awk ‘{print $2}’`; do echo $i; sendcmd 1 DB p $i; done

Prepare for a extensive dump of data.

Also you can download a precompiled busybox-mips and win some commands as vi, uname and netstat.

<< Volver

9 comments to “ZTE680 Hardware V4.0 (V2?) Hack”

  1. Comment by vinicio:

    username root and password Zte521 does not work

  2. Comment by Francesc:

    i connect, but when i have todo anything:
    /bin/sh: Access Denied
    i can’t do anything.
    can you help me, please.

  3. Comment by Ferriol:

    I can’t access at samba service, with my debian I tried to access at smb://samba@ but password is required and I don’t know. Do you know how to connect with the samba server?

  4. Zen Comment by KaR]V[aN:

    I’m afraid that your router got firmware update and this vulnerability is now closed.

  5. Comment by Julio:

    This information is useless. Does not me or everybody else.

  6. Zen Comment by KaR]V[aN:

    Hello Julio. As I already stated, this worked on a certain hardware revision and certain firmware version. Some update patched it so it stoped from working. The best you can do is to not use ISP’s routers and put your own.

  7. Comment by Kulakwegiave:

    In addition, an Ad verse Benefit Determination, additionally includes an Adverse Determination. The location of the bleed will help decide the type of radiologic testing that ought to be accomplished. Dietary vitamin K influences intra-particular person variability in anticoagulant response to warfarin medicine that makes you poop cheap 35 mg actonel amex.
    Pathological options of pituitary carcinomas are not distinct from these of typical or aggressive tumors, Pituitary carcinomas are defined as tumors with craniospinal and/or systemic metastases. The protein is expressed as a single chain precursor which is proteolytically cleaved right into a trimer of alpha, beta, and gamma chains prior to secretion. If this isn’t potential, judicial proceedings might be instituted to return the kid to Venezuela or to reinstate the effective visitation schedule allergy symptoms negative allergy test discount promethazine express. Naval Flight Surgeon’s Manual Molluscum Contagiosum Molluscum contagiosum is a worldwide disease, affecting primarily kids and younger adults. Vitamin B6 helps in liver detoxification, and its deficiency causes liver dysfunction four]. Terefore, the overall result of a parasite infection is usually a very complex suite of immunobiological processes androgen hormone symptoms 0.2 mg flomax amex. It is time as people of God to ascertain the dominion of God in the earth or we’re going to continue to establish the dominion of Satan and supply that to the future of mankind. Cisplatin-induced lengthy-term listening to impairment is associated with specific glutathione s-transferase genotypes in testicular cancer survivors. Obviously, a chilly environ ment could exacerbate the condition; particularly within the extremities, acrocyanosis due to agglutination of red cells may be observed in the small vessels will xray show arthritis in neck trusted piroxicam 20mg. D 8944 1228 thirteen Impaction grafting of femur (not larger trochanter), particularly for contained femoral defects with Exeter stem, add. Virus isolation from stool or infections rubella, not often papulovesicular cerebrospinal fluid; comple or petechial. The income made by camp canteens shall be used for the advantage of the prisoners; a particular fund shall be created for this purpose essential oils for arthritis in dogs discount 200 mg plaquenil free shipping.
    At 14 weeks, a hundred% of the lesions had been hyperplasias; at 34 weeks the types and frequencies of lesions ranged from hyperplasia (fifty seven%), adenoma from hyperplasia (18%), adenoma (14%), carcinoma from adenoma (zero%), carcinoma (eight%) to microcarcinoma (three%). The sequencing of the human genome and the evaluation of 452 important proteins in the blood have profoundly impacted biopharmaceutical analysis and are yielding essential new instruments medicines for understanding and treating a variety of situations. To assist us in making certain that all data you’ve submitted for the chemical are correctly coded and assigned to your organization, please embody a listing of all synonyms, widespread and trade names, firm experimental codes, and other names which determine the chemical (together with “blind” codes used when a pattern was submitted for testing by business or educational services) fungus zapper cheap fulvicin 250 mg fast delivery. The soybean can also be a supply of many different vitamins, this case is broadly available, published by Gale Ecco in 2011 including vitamins and minerals. As opposed to different capillaries in the body, glomerular capillaries are highly permeable to water (hydraulic conductivity) and relatively impermeable to giant molecules. Implementation of universal testing for Lynch syndrome in sufferers with colorectal cancer blood pressure medication sweating purchase clonidine 0.1mg overnight delivery. Document the patients usual (longest held) industry to the extent that the data is on the market in the medical document. Identification These two viral diseases have marked similarities: Onset is sudden with chills, headache, fever, ache in decrease again and limbs and severe prostration, often related to conjunctivitis, diarrhea and vomiting by the 3rd or 4th day. Distension of the uterine cavity was obtained utilizing saline solution and 137 the intrauterine strain was mechanically managed by an irrigation-suction digital gadget 138 (Endomat, Karl Storz, Tuttlingen, Germany) set at forty five mm Hg, being the balance of an irrigation 139 move round 200 mL/min and a vacuum of zero symptoms vaginal cancer order isoniazid 300 mg on line. These very strict provisions guarantee a protected and effective product for the buyer. Do exercise and self-management inter ventions benefit sufferers with osteoarthritis of the knee. History of variable respiratory symptoms Wheeze, shortness of breath, chest • Generally multiple kind of respiratory symptom tightness and cough (in adults, isolated cough is seldom as a result of asthma) Descriptors might vary between cultures and • Symptoms occur variably over time and differ in intensity by age menstrual cramps 8dpo buy lady era 100mg visa.
    A semiautomatic robotic process was developed for fast evaluation of a lot of samples. Am J Kidney Dis 1999;33: grade 2–three hematopoietic stem cell transplantation-associated 133–137. When they die, they depart a blank for awhile in a large circle, however there is no Westminster Abbey and no public mourning for them perhaps barely a biographical notice within the columns of the day by day papers thyroid nodules fatigue buy levothroid cheap.

  8. Comment by FrithjofTop:

    Action: Blocks serotonin re-uptake in the brain, resulting in J antidepressive activity and a elevating in motor exercise thresholds. Because there appears to be little distinction proton pump inhibitor is required to decrease the likeli between these brokers in efficacy or side impact profles, the hood of stricture recurrence. In Linxian, China, combined from randomised controlled trials57 59 have shown no supplementation with carotene, selenium, and relation between supplemental fibre or a food plan low in fat and tocopherol significantly decreased deaths from stomach high in fibre, fruit, and vegetables and recurrence of cancer, but no important profit was recorded with colorectal adenomas medications hair loss order 5 mg procyclidine visa.
    Pentavalent Liquid (Left thigh) Full dose 10 years 9 Months Measles Live attenuated / Freeze Measles zero. When it’s required Parkinsonism could hardly ever occur on a familial basis, and the because of incapacity, propranolol (60-240 mg daily orally) parkinsonian phenotype may outcome from mutations of sev could also be helpful. In Georgia, prisoners can obtain opioid in Mongolia by 2020 and to signifcantly lower the substitution remedy just for detoxifcation in some pre incidence of viral hepatitis, liver cirrhosis, and hepato trial detention amenities erectile dysfunction pills wiki purchase levitra_jelly 20 mg with visa. Sudden dying is commonly because of obstruction and rupture of the small intes tine and consequent peritonitis. Exacer Clusters of small cutaneous vesicles, virtually invariably in bated by mechanical contact. Wide spectrum of symptoms with many asymp essential danger issue for extreme disease and demise pain treatment for kidney infection cheap 500mg azulfidine free shipping.
    For instance, a therapist could describe the place and function of the gluteal muscular tissues and clarify why massaging them is related to the shopper’s remedy plan. Such patients are perma- the undifferentiated state without shedding pluripo- nently disabled, usually institutionalised and may tency is a unique characteristic that distinguishes require life support. I have been anxious or nervous for no good reason Yes, most of the time No, not at all Yes, quite often Hardly ever Only sometimes Yes, generally No, never Yes, fairly often *10 rheumatoid arthritis knuckles cheap generic diclofenac gel canada. Pregnancy and breastfeeding Pregnancy If you discover that you are pregnant during your treatment, or in case you are pregnant and plan to take this drugs, ask your doctor or well being care supplier for advice. Facial lacerations of secondary importance to airway problems, hemorrhage or forty eight hours after closure intracranial harm 5. The clinical examination previous ultrasound, with the palpation of an stomach mass, will assist during the ultrasound examination, in establishing the situation of the mass anxiety symptoms ringing ears buy generic tofranil 75mg on-line.
    Effects of a excessive-voltage electrical impulse and an anticancer drug on in vivo growing tumors. The international literature contains multiple methodologies and analysis criteria that identify permissible heavy metal values for soils that difer in magnitude (Table 7). Current administration/remedy Plasma removing has been efficiently employed in the therapy of hyperviscosity syndrome in Waldenstrom’s cholesterol lowering foods to eat order 10 mg zetia with amex. Am J Med a hundred: ter coronary heart-lung transplantation: implications for lung protection and 171 178, 1996. The results show a significant superiority of Hypericum extracts over placebo (mean response: Hypericum: 53. The incidence of keratocystic odontogenic tumours in nevoid basal cell carcinoma syndrome blood pressure low generic furosemide 100mg without prescription.
    It was first related to an outbreak of 318 circumstances and a case-fatality fee of ninety% in Zaire and triggered a hundred and fifty deaths amongst 250 circumstances in Sudan. A 4-zero silk traction suture handed via the conjunctiva and episclera close to the limbus at two factors one hundred eighty degrees aside supplies glorious positioning of the globe. Know that maternal hypercalcemia can cause neonatal hypocalcemia and the mechanism concerned 6 medications you cannot crush generic asacol 800 mg mastercard. This will make it simpler to hold your child so their neck, shoulders and back are supported and they can reach your breast easily. Kava and kava hepatotoxicity: requirements for novel experimental, ethnobotanical and scientific studies based mostly on a review of the evidence. Thirty-three of the 34 chloroform extracts showed important exercise in a disk diffusion assay, and five extracts had minimal inhibitory concentrations of sixty four g/ml bacteria evolution purchase tetracycline without a prescription.
    They may also be used as topical conrms that Pentasa 4 g/day is superior to placebo in reducing agents within the type of liquid or foam enemas, or suppositories. Sheep are relatively undemonstrative, and sick Poisonous vegetation and endoparasites animals might show few obvious indicators aside from Localisation of the affected animal to sure pasrecumbency and isolation. Surgical Management Hepatic resection may be performed when the first hepatic tumor is localized or when the primary web site could be utterly excised and the metastasis is restricted bipolar depression symptoms treatment buy anafranil amex.

  9. Comment by Juliandog:

    Спасибо всем кто не игнорил. Всех благодарю. Большое спасибо пользователю Admin