恩山无线论坛

 找回密码
 立即注册

QQ登录

只需一步,快速开始

搜索
查看: 104882|回复: 424

小米路由器 SSH 密码计算工具,开启小米SSH访问

    [复制链接]
发表于 2015-2-19 20:41 | 显示全部楼层 |阅读模式
1.刷开发版rom
到官方页面(http://www.miwifi.com)下载最新开发版
进入小米路由设置界面,路由设置—高级功能—路由器手动升级,选择刚才下载的bin文件,点击“上传并安装固件”


2.用U盘运行脚本开启SSH
ssh_rom.bin文件拷贝到U盘,注意:U盘格式需为FAT32
关闭路由器,然后拔出小米路由器电源,将U盘插入路由器。
用曲别针顶住reset并插入电源,等前面黄灯闪烁时可以松开reset键


3.用PuTTY建立连接
打开PuTTY,在Host Name输入路由IP,点击Open
这时会弹出提示询问是否记录主机密钥,点“是”,以后不再询问。
在login as后面输入“root”回车,password后面输入软件计算出的密码


小米路由器 SSH 密码计算工具
将ssh_rom.bin文件拷贝到U盘,然后长按RESET键进入U盘恢复模式。

QQ截图20150219202255.png
QQ截图20150219202306.png

ssh_rom.rar (459 Bytes, 下载次数: 1155)

评分

参与人数 13恩山币 +11 收起 理由
lzh + 1 赞一个,你是我的呕像!
692881875 + 1 强大的恩山!(以下重复1万次)
SkyTiger + 1 城会玩
枯心上人 + 1 一看就是觉得高端、大气、上档次!
caoyanglin + 1 土豪,我们做朋友吧!
devcang + 1 赞一个,你是我的呕像!
homer + 1 mini能用吗?
z54_007 + 1 泥马,真给力,我要顶!
sunyi5411 + 1 谢谢帖子很实用,十分奏效
hebo780111 + 1 土豪,我们做朋友吧!
jeoshell + 1 一看就是觉得高端、大气、上档次!
stllyd -1 刷了开发版,刷了ssh_rom.bin后用putty连接还是connection refused怎么办?
pokedragon + 1 土豪,我们做朋友吧!

查看全部评分

我的恩山、我的无线 The best wifi forum is right here.
发表于 2015-2-19 21:02 | 显示全部楼层
看懂了教程,但不知道干啥用

点评

小米路由器 SSH 密码小米路由器 SSH 密码 这个说明小米不厚道用开源地东西。 还上锁。(??《》) 懂了吗??  详情 回复 发表于 2015-2-19 21:46
我的恩山、我的无线 The best wifi forum is right here.
发表于 2015-2-19 21:46 | 显示全部楼层
youai 发表于 2015-2-19 21:02
看懂了教程,但不知道干啥用

小米路由器 SSH 密码小米路由器 SSH 密码

这个说明小米不厚道用开源地东西。  还上锁。(??《》)

懂了吗??

点评

呵呵 ,它也有他的”合理“理由的啊,它称自己是二次开发,没义务开源的嘛  详情 回复 发表于 2015-11-21 15:25
79元买了小米MINI准备玩了  详情 回复 发表于 2015-2-22 10:33
我的恩山、我的无线 The best wifi forum is right here.
发表于 2015-2-20 02:27 | 显示全部楼层
iptvfans有个在线版本
http://www.iptvfans.cn/wiki/index.php/%E5%B0%8F%E7%B1%B3%E8%B7%AF%E7%94%B1%E5%99%A8%E5%AE%98%E6%96%B9SSH

http://www.iptvfans.cn/miwifi/passwd/


substr(md5(SN+"A2E371B0-B34B-48A5-8C40-A7133F3B5D88"), 0, 8)
STRINGLEFT(STRINGTRIMLEFT(STRINGLOWER(_MD5($SN & "A2E371B0-B34B-48A5-8C40-A7133F3B5D88")), 0x00000002), 0x00000008)

  1. #NoTrayIcon
  2. #Region
  3. #AutoIt3Wrapper_icon=..\..\..\WINDOWS\SYSTEM32\SHELL32.dll|-105
  4. #AutoIt3Wrapper_Outfile=C:\Users\言平\Desktop\新建 AutoIt v3 脚本.exe
  5. #AutoIt3Wrapper_Compression=4
  6. #AutoIt3Wrapper_UseX64=n
  7. #AutoIt3Wrapper_Res_Fileversion=0.0.0.0
  8. #AutoIt3Wrapper_Res_Fileversion_AutoIncrement=p
  9. #EndRegion
  10. #Region ACN预处理程序参数(常用参数)
  11. #PRE_Icon=
  12. #PRE_OutFile=
  13. #PRE_OutFile_Type=exe
  14. #PRE_Compression=4
  15. #PRE_UseUpx=y
  16. #PRE_Res_Comment=
  17. #PRE_Res_Description=
  18. #PRE_Res_Fileversion=
  19. #PRE_Res_FileVersion_AutoIncrement=p
  20. #PRE_Res_LegalCopyright=
  21. #PRE_Change2CUI=N
  22. #PRE_UseX64=n
  23. #EndRegion ACN预处理程序参数设置完成
  24. GLOBAL $_SHA1OPCODE = "0xC86800005356576A006A006A008D459850E829000000FF7514FF750CFF75088D459850E88A0000006A006A008D459850FF7510E8490000005F5E5BC9C210005589E5538B5D08836314008363180083635C00C70301234567C7430489ABCDEFC74308FEDCBA98C7430C76543210C74310F0E1D2C383636000836364005B5DC210005589E55657FF750CE8850200008B7D088B750C6A0559A58A47FF8647FC8847FF8A47FE8647FD8847FEE2EB5F5E5DC210005589E55356578B5D08837D10007502EB59837B60007506837B640074076A018F4364EB468B4D108B7D0CEB3449518A078B735C8844331CFF435C83431408837B1400750EFF4318837B180075056A018F4364837B5C40750653E813000000475985C97406837B640074C25F5E5B5DC21000C84801005356578B5D086A10598D51FF89D7C1E7020FB6443B1CC1E018898495BCFEFFFF0FB6443B1DC1E010098495BCFEFFFF0FB6443B1EC1E008098495BCFEFFFF0FB6443B1F098495BCFEFFFFE2BD6A105A83FA5073288B8495B0FEFFFF3384959CFEFFFF33849584FEFFFF3384957CFEFFFFD1C0898495BCFEFFFF42EBD38B4D088B318B59048B51088B790C8B41108985B8FEFFFF8365FC00837DFC147D3C89D131F921D931F989F0C1C00501C80385B8FEFFFF8B4DFC03848DBCFEFFFF059979825A5089BDB8FEFFFF89D789D8C1C01E89C289F35EFF45FCEBBE6A148F45FC837DFC287D3A89D931D131F989F0C1C00501C80385B8FEFFFF8B4DFC03848DBCFEFFFF05A1EBD96E5089BDB8FEFFFF89D789D8C1C01E89C289F35EFF45FCEBC06A288F45FC837DFC3C7D4689D821F85089D021F889D921D109C15809C189F0C1C00501C80385B8FEFFFF8B4DFC03848DBCFEFFFF05DCBC1B8F5089BDB8FEFFFF89D789D8C1C01E89C289F35EFF45FCEBB46A3C8F45FC837DFC507D3A89D931D131F989F0C1C00501C80385B8FEFFFF8B4DFC03848DBCFEFFFF05D6C162CA5089BDB8FEFFFF89D789D8C1C01E89C289F35EFF45FCEBC08B4D088B0101F089018B410401D88941048B410801D08941088B410C01F889410C8B41100385B8FEFFFF89411083615C005F5E5BC9C204005589E55356578B5D08837B6400740431C0EB14837B6000750B53E80F0000006A018F436031C0405F5E5B5DC204005589E553578B5D088B7B5C83FF37762EC6443B1C8047EB06C6443B1C004783FF4072F5897B5C53E8B6FDFFFF8B7B5CEB06C6443B1C004783FF3872F5EB13C6443B1C8047EB06C6443B1C004783FF3872F5897B5C8B4318C1E81825FF0000008843548B4318C1E81025FF0000008843558B4318C1E80825FF0000008843568B431825FF0000008843578B4314C1E81825FF0000008843588B4314C1E81025FF0000008843598B4314C1E80825FF00000088435A8B431425FF00000088435B53E81EFDFFFF5F5B5DC20400"
  25. GLOBAL $_MD5OPCODE = "0xC85800005356576A006A006A008D45A850E8280000006A00FF750CFF75088D45A850E8440000006A006A008D45A850FF7510E8710700005F5E5BC9C210005589E58B4D0831C0894114894110C70101234567C7410489ABCDEFC74108FEDCBA98C7410C765432105DC21000C80C0000538B5D088B4310C1E80383E03F8945F88B4510C1E0030143103943107303FF43148B4510C1E81D0143146A40582B45F88945F4394510724550FF750C8B45F88D44031850E8A00700008D43185053E84E0000008B45F48945FC8B45FC83C03F39451076138B450C0345FC5053E8300000008345FC40EBE28365F800EB048365FC008B45102B45FC508B450C0345FC508B45F88D44031850E84D0700005BC9C21000C84000005356576A40FF750C8D45C050E8330700008B45088B088B50048B70088B780C89D021F089D3F7D321FB09D801C1034DC081C178A46AD7C1C10701D189C821D089CBF7D321F309D801C7037DC481C756B7C7E8C1C70C01CF89F821C889FBF7D321D309D801C60375C881C6DB702024C1C61101FE89F021F889F3F7D321CB09D801C20355CC81C2EECEBDC1C1C21601F289D021F089D3F7D321FB09D801C1034DD081C1AF0F7CF5C1C10701D189C821D089CBF7D321F309D801C7037DD481C72AC68747C1C70C01CF89F821C889FBF7D321D309D801C60375D881C6134630A8C1C61101FE89F021F889F3F7D321CB09D801C20355DC81C2019546FDC1C21601F289D021F089D3F7D321FB09D801C1034DE081C1D8988069C1C10701D189C821D089CBF7D321F309D801C7037DE481C7AFF7448BC1C70C01CF89F821C889FBF7D321D309D801C60375E881C6B15BFFFFC1C61101FE89F021F889F3F7D321CB09D801C20355EC81C2BED75C89C1C21601F289D021F089D3F7D321FB09D801C1034DF081C12211906BC1C10701D189C821D089CBF7D321F309D801C7037DF481C7937198FDC1C70C01CF89F821C889FBF7D321D309D801C60375F881C68E4379A6C1C61101FE89F021F889F3F7D321CB09D801C20355FC81C22108B449C1C21601F289D021F889FBF7D321F309D801C1034DC481C162251EF6C1C10501D189C821F089F3F7D321D309D801C7037DD881C740B340C0C1C70901CF89F821D089D3F7D321CB09D801C60375EC81C6515A5E26C1C60E01FE89F021C889CBF7D321FB09D801C20355C081C2AAC7B6E9C1C21401F289D021F889FBF7D321F309D801C1034DD481C15D102FD6C1C10501D189C821F089F3F7D321D309D801C7037DE881C753144402C1C70901CF89F821D089D3F7D321CB09D801C60375FC81C681E6A1D8C1C60E01FE89F021C889CBF7D321FB09D801C20355D081C2C8FBD3E7C1C21401F289D021F889FBF7D321F309D801C1034DE481C1E6CDE121C1C10501D189C821F089F3F7D321D309D801C7037D"
  26. $_MD5OPCODE &= "F881C7D60737C3C1C70901CF89F821D089D3F7D321CB09D801C60375CC81C6870DD5F4C1C60E01FE89F021C889CBF7D321FB09D801C20355E081C2ED145A45C1C21401F289D021F889FBF7D321F309D801C1034DF481C105E9E3A9C1C10501D189C821F089F3F7D321D309D801C7037DC881C7F8A3EFFCC1C70901CF89F821D089D3F7D321CB09D801C60375DC81C6D9026F67C1C60E01FE89F021C889CBF7D321FB09D801C20355F081C28A4C2A8DC1C21401F289D031F031F801C1034DD481C14239FAFFC1C10401D189C831D031F001C7037DE081C781F67187C1C70B01CF89F831C831D001C60375EC81C622619D6DC1C61001FE89F031F831C801C20355F881C20C38E5FDC1C21701F289D031F031F801C1034DC481C144EABEA4C1C10401D189C831D031F001C7037DD081C7A9CFDE4BC1C70B01CF89F831C831D001C60375DC81C6604BBBF6C1C61001FE89F031F831C801C20355E881C270BCBFBEC1C21701F289D031F031F801C1034DF481C1C67E9B28C1C10401D189C831D031F001C7037DC081C7FA27A1EAC1C70B01CF89F831C831D001C60375CC81C68530EFD4C1C61001FE89F031F831C801C20355D881C2051D8804C1C21701F289D031F031F801C1034DE481C139D0D4D9C1C10401D189C831D031F001C7037DF081C7E599DBE6C1C70B01CF89F831C831D001C60375FC81C6F87CA21FC1C61001FE89F031F831C801C20355C881C26556ACC4C1C21701F289F8F7D009D031F001C1034DC081C1442229F4C1C10601D189F0F7D009C831D001C7037DDC81C797FF2A43C1C70A01CF89D0F7D009F831C801C60375F881C6A72394ABC1C60F01FE89C8F7D009F031F801C20355D481C239A093FCC1C21501F289F8F7D009D031F001C1034DF081C1C3595B65C1C10601D189F0F7D009C831D001C7037DCC81C792CC0C8FC1C70A01CF89D0F7D009F831C801C60375E881C67DF4EFFFC1C60F01FE89C8F7D009F031F801C20355C481C2D15D8485C1C21501F289F8F7D009D031F001C1034DE081C14F7EA86FC1C10601D189F0F7D009C831D001C7037DFC81C7E0E62CFEC1C70A01CF89D0F7D009F831C801C60375D881C6144301A3C1C60F01FE89C8F7D009F031F801C20355F481C2A111084EC1C21501F289F8F7D009D031F001C1034DD081C1827E53F7C1C10601D189F0F7D009C831D001C7037DEC81C735F23ABDC1C70A01CF89D0F7D009F831C801C60375C881C6BBD2D72AC1C60F01FE89C8F7D009F031F801C20355E481C291D386EBC1C21501F28B4508010801500401700801780C5F5E5BC9C20800C814000053E840000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008F45EC8B5D0C6A088D4310508D"
  27. $_MD5OPCODE &= "45F850E8510000008B4310C1E80383E03F8945F483F838730B6A38582B45F48945F0EB096A78582B45F48945F0FF75F0FF75ECFF750CE831F8FFFF6A088D45F850FF750CE823F8FFFF6A1053FF7508E8050000005BC9C210005589E55156578B7D088B750C8B4D10FCF3A45F5E595DC20C00"
  28. GLOBAL $_MD5CODEBUFFER = "", $_SHA1CODEBUFFER = "", $CODEBUFFER
  29. IF @AUTOITX64 THEN
  30. MSGBOX(0x00000020, "ACN_HASH", "此加密函数不能用于64位AutoIt版本,请编译为32位版本.", 0x00000005)
  31. EXIT
  32. ENDIF
  33. FUNC _BASE64DECODE($DATA)
  34. LOCAL $OPCODE = "0xC81000005356578365F800E8500000003EFFFFFF3F3435363738393A3B3C3DFFFFFF00FFFFFF000102030405060708090A0B0C0D0E0F10111213141516171819FFFFFFFFFFFF1A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132338F45F08B7D0C8B5D0831D2E9910000008365FC00837DFC047D548A034384C0750383EA033C3D75094A803B3D75014AB00084C0751A837DFC047D0D8B75FCC64435F400FF45FCEBED6A018F45F8EB1F3C2B72193C7A77150FB6F083EE2B0375F08A068B75FC884435F4FF45FCEBA68D75F4668B06C0E002C0EC0408E08807668B4601C0E004C0EC0208E08847018A4602C0E00624C00A46038847028D7F038D5203837DF8000F8465FFFFFF89D05F5E5BC9C21000"
  35. LOCAL $CODEBUFFER = DLLSTRUCTCREATE("byte["& BINARYLEN($OPCODE) & "]")
  36. DLLSTRUCTSETDATA($CODEBUFFER, 0x00000001, $OPCODE)
  37. LOCAL $OUPUT = DLLSTRUCTCREATE("byte["& BINARYLEN($DATA) & "]")
  38. LOCAL $RET = DLLCALL("user32.dll", "int", "CallWindowProc", "ptr", DLLSTRUCTGETPTR($CODEBUFFER), "str", $DATA, "ptr", DLLSTRUCTGETPTR($OUPUT), "int", 0x00000000, "int", 0x00000000)
  39. RETURN BINARYMID(DLLSTRUCTGETDATA($OUPUT, 0x00000001), 0x00000001, $RET [0x00000000 ])
  40. ENDFUNC
  41. FUNC _BASE64ENCODE($DATA, $LINEBREAK = 0x0000004C)
  42. LOCAL $OPCODE = "0x5589E5FF7514535657E8410000004142434445464748494A4B4C4D4E4F505152535455565758595A6162636465666768696A6B6C6D6E6F707172737475767778797A303132333435363738392B2F005A8B5D088B7D108B4D0CE98F0000000FB633C1EE0201D68A06880731C083F901760C0FB6430125F0000000C1E8040FB63383E603C1E60409C601D68A0688470183F90176210FB6430225C0000000C1E8060FB6730183E60FC1E60209C601D68A06884702EB04C647023D83F90276100FB6730283E63F01D68A06884703EB04C647033D8D5B038D7F0483E903836DFC04750C8B45148945FC66B80D0A66AB85C90F8F69FFFFFFC607005F5E5BC9C21000"
  43. LOCAL $CODEBUFFER = DLLSTRUCTCREATE("byte["& BINARYLEN($OPCODE) & "]")
  44. DLLSTRUCTSETDATA($CODEBUFFER, 0x00000001, $OPCODE)
  45. $DATA = BINARY($DATA)
  46. LOCAL $INPUT = DLLSTRUCTCREATE("byte["& BINARYLEN($DATA) & "]")
  47. DLLSTRUCTSETDATA($INPUT, 0x00000001, $DATA)
  48. $LINEBREAK = FLOOR($LINEBREAK / 0x00000004) * 0x00000004
  49. LOCAL $OPUTPUTSIZE = CEILING(BINARYLEN($DATA) * 0x00000004 / 0x00000003)
  50. $OPUTPUTSIZE = $OPUTPUTSIZE + CEILING($OPUTPUTSIZE / $LINEBREAK) * 0x00000002 + 0x00000004
  51. LOCAL $OUPUT = DLLSTRUCTCREATE("char["& $OPUTPUTSIZE & "]")
  52. DLLCALL("user32.dll", "none", "CallWindowProc", "ptr", DLLSTRUCTGETPTR($CODEBUFFER), "ptr", DLLSTRUCTGETPTR($INPUT), "int", BINARYLEN($DATA), "ptr", DLLSTRUCTGETPTR($OUPUT), "uint", $LINEBREAK)
  53. RETURN DLLSTRUCTGETDATA($OUPUT, 0x00000001)
  54. ENDFUNC
  55. FUNC _CRC32($DATA, $CRC32 = -0x00000001)
  56. IF @AUTOITX64 THEN
  57. LOCAL $OPCODE = "0x554889E54881EC2004000048894D10488955184489452044894D28C745F800000000EB468B45F88945ECC745FC08000000EB1E8B45EC83E00184C0740D8B45ECD1E83345288945ECEB03D16DEC836DFC01837DFC007FDC8B45F848988B55EC899485E0FBFFFF8345F801817DF8FF0000007EB1488B4510488945F0C745F800000000EB318B452089C2C1EA088B45F84898480345F00FB6000FB6C033452025FF00000089C08B8485E0FBFFFF31D08945208345F8018B45F84898483B451872C48B4520F7D0C9C3"
  58. ELSE
  59. LOCAL $OPCODE = "0xC8000400538B5514B9000100008D41FF516A0859D1E8730231D0E2F85989848DFCFBFFFFE2E78B5D088B4D0C8B451085DB7416E3148A1330C20FB6D2C1E80833849500FCFFFF43E2ECF7D05BC9C21000"
  60. ENDIF
  61. LOCAL $CODEBUFFER = DLLSTRUCTCREATE("byte["& BINARYLEN($OPCODE) & "]")
  62. DLLSTRUCTSETDATA($CODEBUFFER, 0x00000001, $OPCODE)
  63. LOCAL $INPUT = DLLSTRUCTCREATE("byte["& BINARYLEN($DATA) & "]")
  64. DLLSTRUCTSETDATA($INPUT, 0x00000001, $DATA)
  65. LOCAL $RET = DLLCALL("user32.dll", "uint", "CallWindowProc", "ptr", DLLSTRUCTGETPTR($CODEBUFFER), "ptr", DLLSTRUCTGETPTR($INPUT), "int", BINARYLEN($DATA), "uint", $CRC32, "int", 0x00000000)
  66. $INPUT = 0x00000000
  67. $CODEBUFFER = 0x00000000
  68. RETURN $RET [0x00000000 ]
  69. ENDFUNC
  70. FUNC _MD5INIT()
  71. IF NOT ISDECLARED("_MD5CodeBuffer") OR NOT ISDLLSTRUCT($_MD5CODEBUFFER) THEN
  72. GLOBAL $_MD5CODEBUFFER = DLLSTRUCTCREATE("byte["& BINARYLEN($_MD5OPCODE) & "]")
  73. DLLSTRUCTSETDATA($_MD5CODEBUFFER, 0x00000001, $_MD5OPCODE)
  74. ENDIF
  75. LOCAL $OPCODESTART = 0x0000003E
  76. LOCAL $MD5CTX = DLLSTRUCTCREATE("dword[22]")
  77. DLLCALL("user32.dll", "none", "CallWindowProc", "ptr", DLLSTRUCTGETPTR($_MD5CODEBUFFER) + $OPCODESTART, "ptr", DLLSTRUCTGETPTR($MD5CTX), "int", 0x00000000, "int", 0x00000000, "int", 0x00000000)
  78. $CODEBUFFER = 0x00000000
  79. RETURN $MD5CTX
  80. ENDFUNC
  81. FUNC _MD5INPUT(BYREF $MD5CTX, $DATA)
  82. IF NOT ISDECLARED("_MD5CodeBuffer") OR NOT ISDLLSTRUCT($_MD5CODEBUFFER) THEN RETURN
  83. LOCAL $OPCODESTART = 0x0000006B
  84. LOCAL $INPUT = DLLSTRUCTCREATE("byte["& BINARYLEN($DATA) & "]")
  85. DLLSTRUCTSETDATA($INPUT, 0x00000001, $DATA)
  86. DLLCALL("user32.dll", "none", "CallWindowProc", "ptr", DLLSTRUCTGETPTR($_MD5CODEBUFFER) + $OPCODESTART, "ptr", DLLSTRUCTGETPTR($MD5CTX), "ptr", DLLSTRUCTGETPTR($INPUT), "int", BINARYLEN($DATA), "int", 0x00000000)
  87. $INPUT = 0x00000000
  88. ENDFUNC
  89. FUNC _MD5RESULT(BYREF $MD5CTX)
  90. IF NOT ISDECLARED("_MD5CodeBuffer") OR NOT ISDLLSTRUCT($_MD5CODEBUFFER) THEN RETURN BINARY(0x00000000)
  91. LOCAL $OPCODESTART = 0x000007A8
  92. LOCAL $DIGEST = DLLSTRUCTCREATE("byte[16]")
  93. DLLCALL("user32.dll", "none", "CallWindowProc", "ptr", DLLSTRUCTGETPTR($_MD5CODEBUFFER) + $OPCODESTART, "ptr", DLLSTRUCTGETPTR($DIGEST), "ptr", DLLSTRUCTGETPTR($MD5CTX), "int", 0x00000000, "int", 0x00000000)
  94. LOCAL $RET = DLLSTRUCTGETDATA($DIGEST, 0x00000001)
  95. $CODEBUFFER = 0x00000000
  96. $DIGEST = 0x00000000
  97. $MD5CTX = 0x00000000
  98. $_MD5CODEBUFFER = 0x00000000
  99. RETURN $RET
  100. ENDFUNC
  101. FUNC _MD5($DATA)
  102. LOCAL $CODEBUFFER = DLLSTRUCTCREATE("byte["& BINARYLEN($_MD5OPCODE) & "]")
  103. DLLSTRUCTSETDATA($CODEBUFFER, 0x00000001, $_MD5OPCODE)
  104. LOCAL $INPUT = DLLSTRUCTCREATE("byte["& BINARYLEN($DATA) & "]")
  105. DLLSTRUCTSETDATA($INPUT, 0x00000001, $DATA)
  106. LOCAL $DIGEST = DLLSTRUCTCREATE("byte[16]")
  107. DLLCALL("user32.dll", "none", "CallWindowProc", "ptr", DLLSTRUCTGETPTR($CODEBUFFER), "ptr", DLLSTRUCTGETPTR($INPUT), "int", BINARYLEN($DATA), "ptr", DLLSTRUCTGETPTR($DIGEST), "int", 0x00000000)
  108. LOCAL $RET = DLLSTRUCTGETDATA($DIGEST, 0x00000001)
  109. $INPUT = 0x00000000
  110. $DIGEST = 0x00000000
  111. $CODEBUFFER = 0x00000000
  112. RETURN $RET
  113. ENDFUNC
  114. FUNC _RC4($DATA, $KEY)
  115. LOCAL $OPCODE = "0xC81001006A006A005356578B551031C989C84989D7F2AE484829C88945F085C00F84DC000000B90001000088C82C0188840DEFFEFFFFE2F38365F4008365FC00817DFC000100007D478B45FC31D2F775F0920345100FB6008B4DFC0FB68C0DF0FEFFFF01C80345F425FF0000008945F48B75FC8A8435F0FEFFFF8B7DF486843DF0FEFFFF888435F0FEFFFFFF45FCEBB08D9DF0FEFFFF31FF89FA39550C76638B85ECFEFFFF4025FF0000008985ECFEFFFF89D80385ECFEFFFF0FB6000385E8FEFFFF25FF0000008985E8FEFFFF89DE03B5ECFEFFFF8A0689DF03BDE8FEFFFF860788060FB60E0FB60701C181E1FF0000008A840DF0FEFFFF8B750801D6300642EB985F5E5BC9C21000"
  116. LOCAL $CODEBUFFER = DLLSTRUCTCREATE("byte["& BINARYLEN($OPCODE) & "]")
  117. DLLSTRUCTSETDATA($CODEBUFFER, 0x00000001, $OPCODE)
  118. IF NOT ISBINARY($DATA) THEN $DATA = STRINGTOBINARY($DATA, 0x00000001)
  119. LOCAL $BUFFER = DLLSTRUCTCREATE("byte["& BINARYLEN($DATA) & "]")
  120. DLLSTRUCTSETDATA($BUFFER, 0x00000001, $DATA)
  121. DLLCALL("user32.dll", "none", "CallWindowProc", "ptr", DLLSTRUCTGETPTR($CODEBUFFER), "ptr", DLLSTRUCTGETPTR($BUFFER), "int", BINARYLEN($DATA), "str", $KEY, "int", 0x00000000)
  122. LOCAL $RET = DLLSTRUCTGETDATA($BUFFER, 0x00000001)
  123. $BUFFER = 0x00000000
  124. $CODEBUFFER = 0x00000000
  125. RETURN $RET
  126. ENDFUNC
  127. FUNC _SHA1INIT()
  128. IF NOT ISDECLARED("_SHA1CodeBuffer") OR NOT ISDLLSTRUCT($_SHA1CODEBUFFER) THEN
  129. GLOBAL $_SHA1CODEBUFFER = DLLSTRUCTCREATE("byte["& BINARYLEN($_SHA1OPCODE) & "]")
  130. DLLSTRUCTSETDATA($_SHA1CODEBUFFER, 0x00000001, $_SHA1OPCODE)
  131. ENDIF
  132. LOCAL $OPCODESTART = (STRINGINSTR($_SHA1OPCODE, "5589E5538B5D08") - 0x00000001) / 0x00000002 - 0x00000001
  133. LOCAL $SHA1CTX = DLLSTRUCTCREATE("dword[26]")
  134. DLLCALL("user32.dll", "none", "CallWindowProc", "ptr", DLLSTRUCTGETPTR($_SHA1CODEBUFFER) + $OPCODESTART, "ptr", DLLSTRUCTGETPTR($SHA1CTX), "int", 0x00000000, "int", 0x00000000, "int", 0x00000000)
  135. $CODEBUFFER = 0x00000000
  136. RETURN $SHA1CTX
  137. ENDFUNC
  138. FUNC _SHA1INPUT(BYREF $SHA1CTX, $DATA)
  139. IF NOT ISDECLARED("_SHA1CodeBuffer") OR NOT ISDLLSTRUCT($_SHA1CODEBUFFER) THEN RETURN
  140. LOCAL $OPCODESTART = (STRINGINSTR($_SHA1OPCODE, "5589E55356578B5D08837D1000") - 0x00000001) / 0x00000002 - 0x00000001
  141. LOCAL $INPUT = DLLSTRUCTCREATE("byte["& BINARYLEN($DATA) & "]")
  142. DLLSTRUCTSETDATA($INPUT, 0x00000001, $DATA)
  143. DLLCALL("user32.dll", "none", "CallWindowProc", "ptr", DLLSTRUCTGETPTR($_SHA1CODEBUFFER) + $OPCODESTART, "ptr", DLLSTRUCTGETPTR($SHA1CTX), "ptr", DLLSTRUCTGETPTR($INPUT), "int", BINARYLEN($DATA), "int", 0x00000000)
  144. $INPUT = 0x00000000
  145. ENDFUNC
  146. FUNC _SHA1RESULT(BYREF $SHA1CTX)
  147. IF NOT ISDECLARED("_SHA1CodeBuffer") OR NOT ISDLLSTRUCT($_SHA1CODEBUFFER) THEN RETURN BINARY(0x00000000)
  148. LOCAL $OPCODESTART = (STRINGINSTR($_SHA1OPCODE, "5589E55657FF750C") - 0x00000001) / 0x00000002 - 0x00000001
  149. LOCAL $DIGEST = DLLSTRUCTCREATE("byte[20]")
  150. DLLCALL("user32.dll", "none", "CallWindowProc", "ptr", DLLSTRUCTGETPTR($_SHA1CODEBUFFER) + $OPCODESTART, "ptr", DLLSTRUCTGETPTR($DIGEST), "ptr", DLLSTRUCTGETPTR($SHA1CTX), "int", 0x00000000, "int", 0x00000000)
  151. LOCAL $RET = DLLSTRUCTGETDATA($DIGEST, 0x00000001)
  152. $CODEBUFFER = 0x00000000
  153. $DIGEST = 0x00000000
  154. $SHA1CTX = 0x00000000
  155. $_SHA1CODEBUFFER = 0x00000000
  156. RETURN $RET
  157. ENDFUNC
  158. FUNC _SHA1($DATA)
  159. LOCAL $CODEBUFFER = DLLSTRUCTCREATE("byte["& BINARYLEN($_SHA1OPCODE) & "]")
  160. DLLSTRUCTSETDATA($CODEBUFFER, 0x00000001, $_SHA1OPCODE)
  161. LOCAL $INPUT = DLLSTRUCTCREATE("byte["& BINARYLEN($DATA) & "]")
  162. DLLSTRUCTSETDATA($INPUT, 0x00000001, $DATA)
  163. LOCAL $DIGEST = DLLSTRUCTCREATE("byte[20]")
  164. DLLCALL("user32.dll", "none", "CallWindowProc", "ptr", DLLSTRUCTGETPTR($CODEBUFFER), "ptr", DLLSTRUCTGETPTR($INPUT), "int", BINARYLEN($DATA), "ptr", DLLSTRUCTGETPTR($DIGEST), "int", 0x00000000)
  165. LOCAL $RET = DLLSTRUCTGETDATA($DIGEST, 0x00000001)
  166. $INPUT = 0x00000000
  167. $DIGEST = 0x00000000
  168. $CODEBUFFER = 0x00000000
  169. RETURN $RET
  170. ENDFUNC
  171. FUNC _XXTEA_ENCRYPT($DATA, $KEY)
  172. $DATA = BINARY($DATA)
  173. LOCAL $DATALEN = BINARYLEN($DATA)
  174. IF $DATALEN = 0x00000000 THEN
  175. RETURN ""
  176. ELSEIF $DATALEN < 0x00000008 THEN
  177. $DATALEN = 0x00000008
  178. ENDIF
  179. LOCAL $OPCODE = "0x83EC14B83400000099538B5C2420558B6C242056578B7C9DFCF7FB89C683C606C74424180000000085F68D76FF0F8EEA000000896C24288D4BFF8D549D00894C2410895424148974242081442418B979379E8B4C2418C1E90281E103000000894C241C31F6397424107E568B5424288BCF8B6CB204C1E9058D14AD0000000033CA8BD58BC7C1EA03C1E00433D003CA8B5424188BDE81E303000000335C241C8B4424308B1C9833D533DF03D333CA8B542428010CB28B0CB2463974241089CF7FAA8B5424288BCF8B2AC1E9058D14AD0000000033CA8BD58BC7C1EA03C1E00433D003CA8B5424188BDE81E303000000335C241C8B4424308B1C9833D533DF03D3FF4C242033CA8B542414014AFC8B4AFC8B54242089CF420F8F2DFFFFFF5F31C05E5D5B83C414C21000"
  180. LOCAL $CODEBUFFER = DLLSTRUCTCREATE("byte["& BINARYLEN($OPCODE) & "]")
  181. DLLSTRUCTSETDATA($CODEBUFFER, 0x00000001, $OPCODE)
  182. LOCAL $V = DLLSTRUCTCREATE("byte["& CEILING($DATALEN / 0x00000004) * 0x00000004 & "]")
  183. DLLSTRUCTSETDATA($V, 0x00000001, $DATA)
  184. LOCAL $K = DLLSTRUCTCREATE("byte[16]")
  185. DLLSTRUCTSETDATA($K, 0x00000001, $KEY)
  186. DLLCALL("user32.dll", "none", "CallWindowProc", "ptr", DLLSTRUCTGETPTR($CODEBUFFER), "ptr", DLLSTRUCTGETPTR($V), "int", CEILING($DATALEN / 0x00000004), "ptr", DLLSTRUCTGETPTR($K), "int", 0x00000000)
  187. LOCAL $RET = DLLSTRUCTGETDATA($V, 0x00000001)
  188. $CODEBUFFER = 0x00000000
  189. $V = 0x00000000
  190. $K = 0x00000000
  191. RETURN $RET
  192. ENDFUNC
  193. FUNC _XXTEA_DECRYPT($DATA, $KEY)
  194. $DATA = BINARY($DATA)
  195. LOCAL $DATALEN = BINARYLEN($DATA)
  196. IF $DATALEN = 0x00000000 THEN RETURN ""
  197. LOCAL $OPCODE = "0x83EC10B83400000099538B5C241C55568B742420578B3EF7FB69D0B979379E81C256DA4CB5895424180F84DD000000897424248D4BFF8D149E894C2410895424148B4C2418C1E90281E103000000894C241C8B742410837C2410007E528B5424248B6CB2FC8BCD8BD7C1E905C1E20233CA8BD78BC5C1EA03C1E00433D003CA8B5424188BDE81E3030000008B44242C33D7335C241C8B1C9833DD03D333CA8B542424290CB28B0CB24E89CF85F67FAE8B5424148B6AFC8BCD8BD7C1E905C1E20233CA8BD78BC5C1EA03C1E00433D003CA8B5424188BDE81E3030000008B44242C33D7335C241C8B1C9833DD03D333CA8B542424290A8B0A89CF814424184786C861837C2418000F8535FFFFFF5F31C05E5D5B83C410C21000"
  198. LOCAL $CODEBUFFER = DLLSTRUCTCREATE("byte["& BINARYLEN($OPCODE) & "]")
  199. DLLSTRUCTSETDATA($CODEBUFFER, 0x00000001, $OPCODE)
  200. LOCAL $V = DLLSTRUCTCREATE("byte["& CEILING($DATALEN / 0x00000004) * 0x00000004 & "]")
  201. DLLSTRUCTSETDATA($V, 0x00000001, $DATA)
  202. LOCAL $K = DLLSTRUCTCREATE("byte[16]")
  203. DLLSTRUCTSETDATA($K, 0x00000001, $KEY)
  204. DLLCALL("user32.dll", "none", "CallWindowProc", "ptr", DLLSTRUCTGETPTR($CODEBUFFER), "ptr", DLLSTRUCTGETPTR($V), "int", CEILING($DATALEN / 0x00000004), "ptr", DLLSTRUCTGETPTR($K), "int", 0x00000000)
  205. LOCAL $RET = DLLSTRUCTGETDATA($V, 0x00000001)
  206. $CODEBUFFER = 0x00000000
  207. $V = 0x00000000
  208. $K = 0x00000000
  209. RETURN $RET
  210. ENDFUNC
  211. FUNC _XXTEA_ENCRYPT_PAD($DATA, $KEY)
  212. $DATA = BINARY($DATA)
  213. LOCAL $DATALEN = BINARYLEN($DATA), $DATAPAD
  214. SWITCH (MOD($DATALEN, 0x00000004))
  215. CASE 0x00000000
  216. $DATAPAD = BINARY("0x80000000")
  217. CASE 0x00000001
  218. $DATAPAD = BINARY("0x800000")
  219. CASE 0x00000002
  220. $DATAPAD = BINARY("0x8000")
  221. CASE 0x00000003
  222. $DATAPAD = BINARY("0x80")
  223. ENDSWITCH
  224. RETURN _XXTEA_ENCRYPT($DATA & $DATAPAD, $KEY)
  225. ENDFUNC
  226. FUNC _XXTEA_DECRYPT_PAD($DATA, $KEY)
  227. $DATA = _XXTEA_DECRYPT($DATA, $KEY)
  228. LOCAL $DATALEN = BINARYLEN($DATA), $I
  229. FOR $I = $DATALEN TO $DATALEN - 0x00000008 STEP - 0x00000001
  230. IF BINARYMID($DATA, $I, 0x00000001) = BINARY("0x80") THEN
  231. $DATA = BINARYMID($DATA, 0x00000001, $I - 0x00000001)
  232. EXITLOOP
  233. ENDIF
  234. NEXT
  235. RETURN $DATA
  236. ENDFUNC
  237. $TEXT = "请您输入12位SN"
  238. DO
  239. $SN = INPUTBOX("小米路由器SN算SSH密码", $TEXT, "", " M12")
  240. IF @ERROR = 0x00000001 THEN EXIT
  241. $TEXT = "请您输入足够长度的SN"
  242. UNTIL STRINGLEN($SN) = 0x0000000C
  243. $KEY = STRINGLEFT(STRINGTRIMLEFT(STRINGLOWER(_MD5($SN & "A2E371B0-B34B-48A5-8C40-A7133F3B5D88")), 0x00000002), 0x00000008)
  244. MSGBOX(0x00001000, "小米路由器SN算SSH密码", "小米路由器SN:"& $SN & @CRLF & "路由SSH 密码:"& $KEY)
复制代码



点评

JAVA 自带MD5支持,写一个不复杂 谢谢提示  详情 回复 发表于 2015-8-16 22:48
必 须 支 持 大 神 。 膜 拜 下 。  详情 回复 发表于 2015-4-18 03:46
我的恩山、我的无线 The best wifi forum is right here.
发表于 2015-2-20 10:02 | 显示全部楼层
感谢分享。
我的恩山、我的无线 The best wifi forum is right here.
发表于 2015-2-20 10:12 | 显示全部楼层
感谢楼主分享。
我的恩山、我的无线 The best wifi forum is right here.
发表于 2015-2-22 10:33 | 显示全部楼层
老子本姓天 发表于 2015-2-19 21:46
小米路由器 SSH 密码小米路由器 SSH 密码

这个说明小米不厚道用开源地东西。  还上锁。(??《》)

79元买了小米MINI准备玩了

点评

有好经验记得分享喔1  详情 回复 发表于 2015-8-18 19:54
我的恩山、我的无线 The best wifi forum is right here.
发表于 2015-2-24 00:41 | 显示全部楼层
学习了,在此留个脚印
我的恩山、我的无线 The best wifi forum is right here.
发表于 2015-2-24 09:58 | 显示全部楼层
这牛逼多了。。。方便了。。
我的恩山、我的无线 The best wifi forum is right here.
发表于 2015-2-24 13:45 | 显示全部楼层
这玩意牛b
我的恩山、我的无线 The best wifi forum is right here.
发表于 2015-2-28 14:27 | 显示全部楼层
niu x le, thanks...
我的恩山、我的无线 The best wifi forum is right here.
发表于 2015-2-28 19:39 | 显示全部楼层
o(︶︿︶)o 唉,晚了,已经用官方的方法开启SSH了,不能保修了。
我的恩山、我的无线 The best wifi forum is right here.
发表于 2015-3-1 11:08 | 显示全部楼层
这个棒 不过以前已经开启了
我的恩山、我的无线 The best wifi forum is right here.
发表于 2015-3-1 11:46 | 显示全部楼层
刷第三方固件丢了SN的,可以计算密码,开SSH不?

点评

刷早期的开发版0.4.36,然后用SSH bdata用bdata(\usr\sbin\bdata)修改 bdata set model=R1CM bdata set color=101 bdata set CountryCode=CN bdata set SN=XXXXXXXXXXXX bdata set wl0_ssid=Xiaomi_XXXX_5G b  详情 回复 发表于 2015-3-1 13:43
我的恩山、我的无线 The best wifi forum is right here.
发表于 2015-3-1 13:05 | 显示全部楼层
看看,挺好的
我的恩山、我的无线 The best wifi forum is right here.
您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

QQ|手机版|小黑屋|Archiver|恩山无线论坛(常州市恩山计算机开发有限公司版权所有) ( 苏ICP备05084872号 )

GMT+8, 2019-7-23 21:31

Powered by Discuz! X3.4

© 2001-2017 Comsenz Inc.

快速回复 返回顶部 返回列表