Changes

Jump to: navigation, search

Category:ZyXEL VMG3925 B10B

135 bytes added, 13:05, 19 August 2019
m
Explain the challenges of reading /etc/passwd and /etc/shadow
Supervisor password:
 
The B10B has an autogenerated supervisor password (hashed from the serial number). Earlier models left a md5crypt type hash in /etc/passwd, however firmware AAVF.10 changed to a SHA-512 type hash stored in /etc/shadow. <strike>YouPrior mayto havefirmware someAAVF.10 successyou readingwill thisbe fileable to read /etc/passwd by logging into the router as the "admin" user via SSH or Telnet.</strike> With firmware AAVF.10 and later you would have to log in as the supervisor user - but you'd need to know the password.... You would need to crack the hash (e.g. with hashcat), the password will be 8 characters long using characters 0-9,a-f (lower case)
 
[[Category:AA Routers]]
345
edits

Navigation menu