Tuesday, August 13, 2013

Huawei hg8247 hack

I was playing with my router and here I'll give nice howtos if you are newbie

So we've got huawei hg8247 router. I got it from totalplay company in Mexico. Login pair is root/admin

There's one more user - admin, is another web interface user with extended permissions . To get its password we need to connect by telnet to the router.

Usually Telnet is disabled for LAN or WLAN . So an easear way I found is: 
- go with root/ admin username to web interface, in wan status I got my nat ip and connected by nat ip from my friend who has same ISP using root/admin or admin/root telnet credentials.

You need to get plain text password from one of XML configs. Now they encrypt it,
But there's a way to get plain text XML

Go to web interface , management and click config backup button. Don't even try to download config - is restricted. Backup will make a copy of XML file in /mnt/jssf2 dir on router

So open telnet, connect by nat . Use windows! I got trouble using shell with Mac . They say router has buggy busybox version installed.

Type : shell and than watch config with vi or cat. Last lines of file.

IMPORTANT: if VI doesn't work use "show text /mnt/jssf2/whatever"

Changing macs: ifconfig wan0 hw 00:00:00:00:00 or whatever

When you got the password simply login to your web interface, than you can go and find in settings of security OLT management and turn on telnet from LAN and disable it from wan

Don't forget to disable TR069 otherwise config will be overwritten :)

Playing with your GPON can break your config :) so take care


Mitotalplay

Have no idea how they develop web pages here in Mexico . There's a bug over bug. Login to your account, click My account button , open firebug and change account number in a hidden field. Set new password and capcha. Save

We've just changed password of other account

Lol

Friday, August 9, 2013