#Zumbi blocks ultimate custom download#
Starting web page for DAP-2310 (requesting credentials page): Attempt to reboot the DWL-2100AP via WGet (direct URL): wget (ANSI_X3.4-1968) -> (UTF-8) Object Not FoundThe requested URL '/html/HomeWizard.html' was not found on the RomPager server.Return to last page Starting web page for DWL-2100AP (after inputing credentials): If I try to download it with curl (whether be it using -u username:password or not): The OvisLink model does not ask for password, but the Buffalo does, and Lynx request it OK as it must.Ĭommands: Use arrow keys to move, '?' for help, 'q' to quit, 'įunction JumpToHmain()tTimeout('JumpToHmain()',1) Authentication should be the first step on both devices, but Lynx does not ask me for it. Lynx does not report of any need to accept cookies when browsing to DWL-2100AP. The WireShark/TCPDump capture for the reboot attempt shows a GET to with the description Authorization: Basic XXXXXXXXXX and just below Credentials: admin:MyEditedPassword. User-Agent: Mozilla/5.0 (X11 Linux armv7l rv:38.0) Gecko/20100101 Firefox/38.0 Iceweasel/38.6.0Īccept: text/html,application/xhtml+xml,application/xml q=0.9,*/* q=0.8Īuthorization: Basic YWRtaWAAAAAhQXBpYQ= This is the capture for the moment of the login: GET /html/HomeWizard.html HTTP/1.1 and then I try WGet with -post-data for RpWebId=3c268b4c and FlagForReboot=&Submit=+Restart+ : ~$ wget 192.168.1.232/Forms/RESET_Switch -post-data='RpWebId=3c268b4c' -post-data='FlagForReboot=&Submit=+Restart+'Ĭonnecting to 192.168.1.232:80. part, ending on Q= (The AAAAA is mine, in order to obscure the real password). This is my attempt (see JigglyNaga answer) to access the reboot device page via CURL without sending the FlagForReboot data: $ IP_ADDRESS=192.168.1.232 If I do echo YWRtaWAAAAAhQXBpYQ= | base64 -decode the shell gives me admin:MyPassword.
Var Msg='Device will reboot and web will be disconnected! Continue?' Īnd this is its TCPDump capture (the part that seems relevant) for that moment, as shown on WireShark: Frame 4: 517 bytes on wire (4136 bits), 517 bytes captured (4136 bits)Įthernet II, Src: 00:00:00_00:09:77 (00:00:00:00:09:77), Dst: D-LinkIn_24:f7:6d (c8:d3:a3:24:f7:6d) alert("Switch is rebooting and Web will be disconnected!") $ curl -b "$COOKIE" -u "admin:MySecretPassword" -data "FlagForReboot=&Submit=+Restart+" $IP_ADDRESS/html/MntRestartSystem.html $ curl -b "$COOKIE" -u "admin:MySecretPassword" $IP_ADDRESS/html/MntRestartSystem.htmlĪnd this one sending the FlagForReboot data (I would swear they are the same): $ IP_ADDRESS=192.168.1.232
0 kommentar(er)
