Category Archives: Gadget

blog2SMS – Aplicatie de trimis SMS’uri din blogul tau

Cu chiu, cu vai, am lansat varianta beta a aplicatiei blog2SMS. In momentul de fata inscrierea este gratuita si contul este incarcat cu 12 mesaje internationale gratuite. In curand o sa vin si cu un tutorial ceva mai consistent, si, de ce nu, poate cu o oferta pe masura.

Pana atunci, spread the word!!!

PS: Ca sa beneficieze cat mai multa lume de serviciul acesta, m-am simtit obligat sa limitez crearea conturilor duplicat prin asocierea lor cu un numar de telefon.

PS: Stay tooned, more cool stuff to come!

To dos:
-add disclaimer
-change interface
-create API
-add translations

Easy Belkin F5D7234-4 v5 hack (FW: 5.00.12 )

After digging a little into my wireless router (the above mentioned), I noticed a tiny flaw that could easily be used to bypass the authentication and get access to system administration.

The router actually stores the md5 hash of the password in a variable which, in some situations, can be seen in the source code of the pages that we’re fed. One of the best example would be this one: http://192.168.2.1/login.stm (change 192.168.2.1 with your router’s ip). When you enter your password the script inside will md5 hash it and send it to your router for approval. All we have to do is exchange the hashes and send the real one to be compared to.. guess what, itself :D . I did this using Opera this way (it handles on-the-fly modifications of pages very well):

1. opened the following page: http://192.168.2.1/login.stm, right clicked on it and then chose Source from the drop-down menu.

2. now take a look at the code; you’ll see a lot of interesting stuff over there (even more interesting if you were looking at http://192.168.2.1/status.stm), but what really matters is the following code:

var password = “c46335eb267e2e1cde5b017acb4cd799″;

&

//Encrypt password
if(typeof(bEncPassword) != ‘undefined’)
{
document.tF.pws.maxLength = 32;
document.tF.pws.value = hex_md5(document.tF.pws.value);
}
//document.tF.submit();
return true;

We now have all we need to proceed; just replace “hex_md5(document.tF.pws.value)” with  “password” (without quotes) and apply the changes made in the source (upper left corner); we’re now ready for the next step:

3. return to your starting page and simply click Submit. You’ve bypassed the security password and got access to the router.

 

This is useless if you have direct access to the router and you don’t mind resetting it.

The question are:

  1. Why would you still do it?
  2. How would you automate the process?

 

 

Disclaimer:

The information provided here should only be used for educational and social purposes. The author cannot be held responsible under any circumstances. Do not try this on someone else’s hardware. Actually.. don’t try it at all! :D