Sunday, 10 February 2019

ZTE MF910V LFI : HTTPshare exploit

ZTE MF910V LFI : HTTPshare exploit

Telstra MF910V:

passwords are base64(encode)
The Config file has the sd card function turned off in the basic state

SD_CARD_SUPPORT: true or false
mf910v

SD_BASE_PATH: /
from mf65
/*** SD 卡根目录
  • @attribute {String} SD_BASE_PATH
*/ SD_BASE_PATH: '/mmc2',
change to
'/'



menus relating to httpshare are stripped out
(webs)/js/config/menu.js
in this file the following functions are commmented out
#httpshare_guest
#sd (sets the menu item up again)
#sdcard(settings part for sd card menu)
#httpshare(file viewer for sd card menu)
by un commenting these we can enable the sdcard function again
we need to change the pre path in the httpshare.js file
we will change this to '/mmc2'
/**
* 前置路径,发现有的设备会将sd卡数据显示在web目录
@attribute {String} prePath
@example
* prePath = "/usr/zte/zte_conf/web";
*/
var prePath = "/mmc2";// "/usr/zte/zte_conf/web";


then use the commands
cfg set sd_card_state=1
cfg set sd_card_state=1
mount dev/root /mmc2

No comments:

Post a Comment