Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

engenius EOC1650 #103

Open
itsjustaguy opened this issue Jun 11, 2014 · 2 comments
Open

engenius EOC1650 #103

itsjustaguy opened this issue Jun 11, 2014 · 2 comments

Comments

@itsjustaguy
Copy link

Firmware Version 1.3.1

I successfully got in before, but then it magically closed.
After a reboot:
justaguy@marie:/TCP-32764$ ./poc.py --shell --ip 192.168.254.130
Traceback (most recent call last):
File "./poc.py", line 66, in
tmp = s.recv(0xC - len(r))
socket.error: [Errno 104] Connection reset by peer
When logging in to the router, using /sbin/logread, i noticed this line:
Jun 11 07:49:00 (none) daemon.debug cfg_mgr[93]: cfgReqHandler: socket_read failed
This happend at the time when i got the connection reset by peer.
engenius EOC1650,
Now i nmap the AP:
justaguy@marie:/TCP-32764$ nmap -p 32764 192.168.254.130
PORT STATE SERVICE
32764/tcp open unknown
And now:
justaguy@marie:~/TCP-32764$ ./poc.py --shell --ip 192.168.254.130
probably not vulnerable (error: [Errno 111] Connection refused)
After this, i used the /sbin/logread on the router.
Jun 11 07:51:55 (none) daemon.debug cfg_mgr[93]: cfgReqHandler: socket_read failed
Jun 11 07:51:56 (none) user.debug syslog: cfg_exchange: socket_connect failed
Jun 11 07:51:56 (none) user.debug syslog: cfg_get: cfg_exchange failed
Jun 11 07:51:56 (none) user.debug syslog: cfg_exchange: socket_connect failed
Jun 11 07:51:56 (none) user.debug syslog: cfg_get: cfg_exchange failed
Jun 11 07:51:58 (none) user.debug syslog: cfg_exchange: socket_connect failed
Jun 11 07:51:58 (none) user.debug syslog: cfg_get: cfg_exchange failed
Jun 11 07:51:58 (none) user.debug syslog: cfg_exchange: socket_connect failed
Jun 11 07:51:58 (none) user.debug syslog: cfg_get: cfg_exchange failed
Jun 11 07:52:00 (none) user.debug syslog: cfg_exchange: socket_connect failed
Jun 11 07:52:00 (none) user.debug syslog: cfg_get: cfg_exchange failed
Jun 11 07:52:00 (none) user.debug syslog: cfg_exchange: socket_connect failed
Jun 11 07:52:00 (none) user.debug syslog: cfg_get: cfg_exchange failed
Jun 11 07:52:02 (none) user.debug syslog: cfg_exchange: socket_connect failed
Jun 11 07:52:02 (none) user.debug syslog: cfg_get: cfg_exchange failed

Looks like the control page is now crippled too:
https://i.imgur.com/83LvZwU.png
Reboot fixed this
@elvanderb
Copy link
Owner

Strange... maybe you modified something?
You say you "successfully got in before", do you mean that you had a shell?

@itsjustaguy
Copy link
Author

I didn't modify a thing, and yes i got a shell before, then it got closed (connection reset by peer) and after a reboot, it would be there again, but one login, and it needs a reboot to be reactivated again.
And now even after a reboot it doesn't work :(

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@elvanderb @itsjustaguy