Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ______ _ _ _ _ _____ _ _ _
- | ____| | | (_) | | | / ____| | | (_) |
- | |__ __ ___ __ | | ___ _| |_ | |__ _ _ | | _ _| |__ ___ _ __ ___ ___ ___ _ _ _ __ _| |_ _ _
- | __| \ \/ / '_ \| |/ _ \| | __| | '_ \| | | | | | | | | | '_ \ / _ \ '__/ __|/ _ \/ __| | | | '__| | __| | | |
- | |____ > <| |_) | | (_) | | |_ | |_) | |_| | | |___| |_| | |_) | __/ | \__ \ __/ (__| |_| | | | | |_| |_| |
- |______/_/\_\ .__/|_|\___/|_|\__| |_.__/ \__, | \_____\__, |_.__/ \___|_| |___/\___|\___|\__,_|_| |_|\__|\__, |
- | | __/ | __/ | __/ |
- |_| |___/ |___/ |___/
- -----------------------------------------------------------------------------------------------------------------------------+
- # vulnerability IBAL DSL Router Hack edit html code find user & Password there html code ibal router
- # FOR MORE INFORMATION AND COMMENTS PLEASE CONTACT ME: newfeedback@hotmail.com
- -----------------------------------------------------------------------------------------------------------------------------+
- <html>
- <head>
- <meta HTTP-EQUIV='Pragma' CONTENT='no-cache'>
- <link rel="stylesheet" href='stylemain.css' type='text/css'>
- <link rel="stylesheet" href='colors.css' type='text/css'>
- <script language="javascript" src="util.js"></script>
- <script language="javascript">
- <!-- hide
- pwdAdmin = 'admin';
- pwdSupport = 'support';
- pwdUser = 'user';
- function btnApply() {
- var loc = 'password.cgi?';
- var passwordEndTag = 'useless';
- with ( document.forms[0] ) {
- var idx = userName.selectedIndex;
- switch ( idx ) {
- case 0:
- alert("No username is selected.");
- return;
- case 1:
- if ( pwdOld.value == pwdAdmin )
- break;
- else {
- alert("Old admin password is wrong.");
- return;
- }
- case 2:
- if ( pwdOld.value == pwdSupport )
- break;
- else {
- alert("Old support password is wrong.");
- return;
- }
- case 3:
- if ( pwdOld.value == pwdUser )
- break;
- else {
- alert("Old user password is wrong.");
- return;
- }
- }
- if ( pwdNew.value != pwdCfm.value ) {
- alert("The passwords do not match.");
- return;
- }
- var str = new String();
- str = pwdNew.value;
- if ( str.length > 16 ) {
- alert('Password should not be longer than 16 characters.');
- return;
- }
- if ( str.indexOf(' ') != -1 ) {
- alert('Password cannot contain a space.');
- return;
- }
- switch ( idx ) {
- case 2:
- loc += 'sptPassword=' + encodeUrl(pwdNew.value) + '&passwordEndTag=' + passwordEndTag;
- break;
- case 3:
- loc += 'usrPassword=' + encodeUrl(pwdNew.value) + '&passwordEndTag=' + passwordEndTag;
- break;
- default:
- loc += 'sysPassword=' + encodeUrl(pwdNew.value) + '&passwordEndTag=' + passwordEndTag;
- break;
- }
- /* Add by Wu Yanhong, 24Feb2010
- * Avoid non-ISO-8859-1 character.
- */
- for ( i = 0; i < pwdNew.value.length; i++ )
- {
- if (pwdNew.value.substring(i,i+1).charCodeAt(0) >= 255)
- {
- return ;
- }
- }
- /* Add end */
- var code = 'location="' + loc + '"';
- eval(code);
- }
- }
- // done hiding -->
- </script>
- </head>
- <body>
- <blockquote>
- <form>
- <b>Access Control -- Password</b><br><br>
- Access to your DSL router is controlled through three user accounts: admin,
- support, and user.<br><br>
- The user name "admin" has unrestricted access to change and view configuration of
- your DSL Router.<br><br>
- The user name "support" is used to allow an ISP technician to access your
- DSL Router for maintenance and to run diagnostics.<br><br>
- The user name "user" can access the DSL Router, view configuration settings
- and statistics, as well as, update the router's software.<br><br>
- Use the fields below to enter up to 16 characters
- and click "Apply" to change or create password. Note: Password cannot contain a space.<br><br>
- <table border="0" cellpadding="0" cellspacing="0">
- <tr>
- <td width="120">Username:</td>
- <td><select name='userName' size="1">
- <option value="0">
-  
- <option value="1">admin
- <option value="2">support
- <option value="3">user
- </select></td>
- </tr>
- <tr>
- <td>Old Password:</td>
- <td><input name='pwdOld' type="password" size="20"></td>
- </tr>
- <tr>
- <td>New Password:</td>
- <td><input name='pwdNew' type="password" size="20"></td>
- </tr>
- <tr>
- <td>Confirm Password:</td>
- <td><input name='pwdCfm' type='password' size="20"></td>
- </tr>
- </table>
- <br>
- <center><input type='button' onClick='btnApply()' value='Save/Apply'></center>
- </form>
- </blockquote>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement