Брут роутера с помощью thc-hydra (мануал для новичков)

Discussion in 'Беспроводные технологии/Wi-Fi/Wardriving' started by Kevin Shindel, 27 Jan 2016.

  1. k0llapse

    k0llapse New Member

    Joined:
    10 Jun 2017
    Messages:
    15
    Likes Received:
    1
    Reputations:
    0
    Есть роутер D-link прошитый на OpenWrt LuCI. Как узнать пароль админки, если пароль к WiFi я знаю. Стандартные пароли не подходят.
     
  2. Turanchocks_

    Turanchocks_ Elder - Старейшина

    Joined:
    11 May 2013
    Messages:
    1,326
    Likes Received:
    3,283
    Reputations:
    17
    Админка точно также брутится. Да хоть бы и той же гидрой.
     
    binarymaster and Veil like this.
  3. Kevin Shindel

    Kevin Shindel Elder - Старейшина

    Joined:
    24 May 2015
    Messages:
    1,011
    Likes Received:
    1,192
    Reputations:
    62
    Гуглим OpenWRT XSS, CSRF.
     
  4. Vandar

    Vandar New Member

    Joined:
    8 Apr 2016
    Messages:
    3
    Likes Received:
    0
    Reputations:
    0
    В гидре есть возможность капчу обходить? нужно забрутить форму через http
     
  5. Shnaidt

    Shnaidt New Member

    Joined:
    13 Jan 2020
    Messages:
    40
    Likes Received:
    0
    Reputations:
    0
    Здравствуйте.
    Можно ли взломать админку роутера ZTE ZXHN H298A с помощью hydra?
    Пароль от Wi-Fi есть.
    Авторизация Post-Form :-(, и есть контроль по количеству неправильных попыток.
    Если в web-морде 3 раза ввести пароль неправильно, то форма блокируется на 60 секунд.
    Логин известен, и есть исчерпывающий словарь на 100 000 паролей.
    P.S.: может быть кто-то готов удаленно подключиться и помочь (небесплатно)?
     
  6. Kevin Shindel

    Kevin Shindel Elder - Старейшина

    Joined:
    24 May 2015
    Messages:
    1,011
    Likes Received:
    1,192
    Reputations:
    62
    IP внешний есть?
     
  7. CRACK211

    CRACK211 Elder - Старейшина

    Joined:
    16 Sep 2009
    Messages:
    1,050
    Likes Received:
    1,128
    Reputations:
    11
    Кто нибудь зуксел канектик пробовал гидру? Как там дела с брутом?
     
  8. user100

    user100 Moderator

    Joined:
    24 Dec 2011
    Messages:
    4,815
    Likes Received:
    18,473
    Reputations:
    377
    Там telnet и ssh бывают открыты.
    Да и если не ошибаюсь вэбформа простая для брута.
     
    _________________________
    CRACK211 likes this.
  9. Shnaidt

    Shnaidt New Member

    Joined:
    13 Jan 2020
    Messages:
    40
    Likes Received:
    0
    Reputations:
    0
    Есть. Сейчас пытаюсь через telnet подобрать.
    Nmap scan report for rt (192.168.0.1)
    Host is up (0.0094s latency).
    Not shown: 995 closed ports
    PORT STATE SERVICE
    23/tcp filtered telnet
    53/tcp open domain
    80/tcp open http
    443/tcp open https
    52869/tcp open unknown
    MAC Address: 34:DA:B7:82:2B:0A (zte)

    hydra -l superadmin -P pass.txt -t1 -w2 -m 192.168.0.1 telnet
     
    #129 Shnaidt, 14 Jan 2020
    Last edited: 14 Jan 2020
  10. Shnaidt

    Shnaidt New Member

    Joined:
    13 Jan 2020
    Messages:
    40
    Likes Received:
    0
    Reputations:
    0
    Что-то не могу понять. По инструкции пишут что можно зайти по ssh
    Подключаюсь по SSH:

    $ ssh [email protected]
    [email protected]'s password: <= здесь вводим "admin"
    ZXHN H298A V1.1
    Login:superadmin
    Password: <= здесь вводим "Zte531zTE@fnXXXXX", где XXXXX -- последние 5 цифр серийника роутера


    Попадаем в командную строку. Если нажать "?", получим доступный список команд:

    CLI>?
    Exec commands:
    enable Turn on privileged commands.
    exit Quit from telnet.
    ping Ping the destination.


    Он очень куцый, потому пишем команду enable и вводим супер-секретный пароль "zte":


    CLI#?
    Exec commands:
    configure Enter configuration mode.
    disable Exit from privilege mode.
    exit Quit from telnet.
    ping Ping the destination.
    reboot Reboot device.
    restoredefault Reset to factory configuration.
    save Save function.


    Возможностей тоже особо немного, но интересна одна из них:

    CLI#configure terminal
    Enter configuration commands, one per line. End with 'Exit'.
    CLI(config)#show tr069 basic
    tr-069 basic information:
    Wan connection :
    Acs url : http://acs.rt.ru
    Username : rtk
    Password : rtk
    Connection request url : http://0.0.0.0:58000
    Connection request username :
    Connection request password :
    Connection request port : 58000
    Enable periodic inform : Enable
    Periodic inform interval : 3600 sec
    Enable certificate : Disable


    Это фактически троян в системе, который периодически "стучит" хозяину (не вам [​IMG] )
    Чуть подробнее, что это за чудо: https://ru.wikipedia.org/wiki/TR-069

    А у меня нет доступа к 22, только к 23 порту - См. предыдущий пост.
    Code:
    root@kali:~# ssh [email protected]
    ssh: connect to host 192.168.0.1 port 22: Connection refused
    root@kali:~# ssh
    usage: ssh [-46AaCfGgKkMNnqsTtVvXxYy] [-B bind_interface]
               [-b bind_address] [-c cipher_spec] [-D [bind_address:]port]
               [-E log_file] [-e escape_char] [-F configfile] [-I pkcs11]
               [-i identity_file] [-J [user@]host[:port]] [-L address]
               [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
               [-Q query_option] [-R address] [-S ctl_path] [-W host:port]
               [-w local_tun[:remote_tun]] destination [command]
    root@kali:~# ssh [email protected]
    ssh: connect to host 192.168.0.1 port 22: Connection refused
    root@kali:~#
    
    Разобрался c ssh. К сожалению в настройках по умолчанию стоит блокировка доступа на порт 22.
     
    #130 Shnaidt, 14 Jan 2020
    Last edited: 14 Jan 2020
  11. Shnaidt

    Shnaidt New Member

    Joined:
    13 Jan 2020
    Messages:
    40
    Likes Received:
    0
    Reputations:
    0
    Как же плохо что картинки в теме не сохранены. Не могу разобраться с post-form.
    Кто-нибудь может помочь?
    https://cloud.mail.ru/public/54X6/2vtkkS43q
    Снимок экрана 2020-01-16 в 19.12.08.png

    hydra -V -l superadmin -P pass.txt 192.168.0.1 -I -t1 -w1 http-post-form -m "/css/login.css:Frm_Username=^USER^&Frm_Password=^PASS^:F=login_error_span"
     

    Attached Files:

  12. Shnaidt

    Shnaidt New Member

    Joined:
    13 Jan 2020
    Messages:
    40
    Likes Received:
    0
    Reputations:
    0
    Я пробовал через Web форму. Гидрой можно подобрать. Но нужен словарь.
     
  13. binarymaster

    binarymaster Elder - Старейшина

    Joined:
    11 Dec 2010
    Messages:
    4,717
    Likes Received:
    10,195
    Reputations:
    126
    С большой вероятностью, у вас неправильный подход к анализу POST запроса авторизации. :) Нужно смотреть на сам запрос, а не на HTML код, поскольку за отправку формы зачастую отвечает JavaScript код на странице, который может любым образом кодировать или изменять значения в полях форм.

    Судя по скриншоту могу сказать, что на таких роутерах часто используется шифрование данных входа - в лучшем случае Base64, в худшем - через AES и RSA. В последнем случае hydra не применима.
     
    Kevin Shindel and Shnaidt like this.
  14. CRACK211

    CRACK211 Elder - Старейшина

    Joined:
    16 Sep 2009
    Messages:
    1,050
    Likes Received:
    1,128
    Reputations:
    11
    Поделитесь пожалуйста словарём у кого есть.
     
  15. Shnaidt

    Shnaidt New Member

    Joined:
    13 Jan 2020
    Messages:
    40
    Likes Received:
    0
    Reputations:
    0
    Я просто пробовал. Словаря у меня нет. Словаря на 200Гб может не хватить.

    Гидра сама может генерировать пароли по ходу брута. например все пароли из 2-х букв:
    Code:
    hydra -V -l admin -x 1:2:aA -t64 192.168.1.2 -I http-get
     
    #135 Shnaidt, 16 Jan 2020
    Last edited: 17 Jan 2020
  16. Shnaidt

    Shnaidt New Member

    Joined:
    13 Jan 2020
    Messages:
    40
    Likes Received:
    0
    Reputations:
    0
    Вот здесь надо смотреть?
    Снимок экрана 2020-01-17 в 8.10.35.png
    Снимок экрана 2020-01-17 в 8.16.04.png
     
  17. Shnaidt

    Shnaidt New Member

    Joined:
    13 Jan 2020
    Messages:
    40
    Likes Received:
    0
    Reputations:
    0
    Вот полная информация.
    HTML:
    GET /function_module/login_module/login_page/logintoken_lua.lua?_=1579232251964 HTTP/1.1
    Host: 192.168.0.1
    Accept: application/xml, text/xml, */*; q=0.01
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    X-Requested-With: XMLHttpRequest
    
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cache-Control: no-cache,no-store
    Connection: close
    Content-Length: 57
    Content-Type: text/html; charset=utf-8
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    X-XSS-Protection: 1; mode=block
    
    POST / HTTP/1.1
    Host: 192.168.0.1
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Content-Type: application/x-www-form-urlencoded
    Origin: http://192.168.0.1
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 302 Moved Temporarily
    Accept-Ranges: bytes
    Cache-Control: no-cache,no-store
    Connection: close
    Content-Length: 70831
    Content-Type: text/html; charset=utf-8
    Location: /
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    X-XSS-Protection: 1; mode=block
    
    GET / HTTP/1.1
    Host: 192.168.0.1
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Content-Type: application/x-www-form-urlencoded
    Origin: http://192.168.0.1
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Cache-Control: no-cache,no-store
    Connection: close
    Content-Length: 127850
    Content-Type: text/html; charset=utf-8
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    X-XSS-Protection: 1; mode=block
    
    GET /jquery/jquery-1.7.2.min.js HTTP/1.1
    Host: 192.168.0.1
    Accept: */*
    If-None-Match: "29520218ee5dbf043f715d4ad62789fa"
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 304 Not Modified
    Accept-Ranges: bytes
    Connection: close
    Content-Type: application/x-javascript
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /jquery/jquery.validate.min.js HTTP/1.1
    Host: 192.168.0.1
    Accept: */*
    If-None-Match: "29520218ee5dbf043f715d4ad62789fa"
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 304 Not Modified
    Accept-Ranges: bytes
    Connection: close
    Content-Type: application/x-javascript
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /jquery/jquery.json-2.3.min.js HTTP/1.1
    Host: 192.168.0.1
    Accept: */*
    If-None-Match: "29520218ee5dbf043f715d4ad62789fa"
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 304 Not Modified
    Accept-Ranges: bytes
    Connection: close
    Content-Type: application/x-javascript
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /img/Logo_rostelecom_py.png HTTP/1.1
    Host: 192.168.0.1
    Accept: image/webp,image/apng,image/*,*/*;q=0.8
    If-None-Match: "29520218ee5dbf043f715d4ad62789fa"
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 304 Not Modified
    Accept-Ranges: bytes
    Connection: close
    Content-Type: image/png
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /css/login.css HTTP/1.1
    Host: 192.168.0.1
    Accept: text/css,*/*;q=0.1
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Length: 657
    Content-Type: text/css
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /img/nv_left.gif HTTP/1.1
    Host: 192.168.0.1
    Accept: image/webp,image/apng,image/*,*/*;q=0.8
    If-None-Match: "29520218ee5dbf043f715d4ad62789fa"
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 304 Not Modified
    Accept-Ranges: bytes
    Connection: close
    Content-Type: image/gif
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /img/nv_right.gif HTTP/1.1
    Host: 192.168.0.1
    Accept: image/webp,image/apng,image/*,*/*;q=0.8
    If-None-Match: "29520218ee5dbf043f715d4ad62789fa"
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 304 Not Modified
    Accept-Ranges: bytes
    Connection: close
    Content-Type: image/gif
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /img/nv_middle.gif HTTP/1.1
    Host: 192.168.0.1
    Accept: image/webp,image/apng,image/*,*/*;q=0.8
    If-None-Match: "29520218ee5dbf043f715d4ad62789fa"
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 304 Not Modified
    Accept-Ranges: bytes
    Connection: close
    Content-Type: image/gif
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /img/waiting.gif HTTP/1.1
    Host: 192.168.0.1
    Accept: image/webp,image/apng,image/*,*/*;q=0.8
    If-None-Match: "29520218ee5dbf043f715d4ad62789fa"
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 304 Not Modified
    Accept-Ranges: bytes
    Connection: close
    Content-Type: image/gif
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /img/nv_s.gif HTTP/1.1
    Host: 192.168.0.1
    Accept: image/webp,image/apng,image/*,*/*;q=0.8
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Length: 162
    Content-Type: image/gif
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /img/English_s.gif HTTP/1.1
    Host: 192.168.0.1
    Accept: image/webp,image/apng,image/*,*/*;q=0.8
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Length: 269
    Content-Type: image/gif
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /img/Chinese.gif HTTP/1.1
    Host: 192.168.0.1
    Accept: image/webp,image/apng,image/*,*/*;q=0.8
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Length: 272
    Content-Type: image/gif
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /img/Chinese_s.gif HTTP/1.1
    Host: 192.168.0.1
    Accept: image/webp,image/apng,image/*,*/*;q=0.8
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Length: 217
    Content-Type: image/gif
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /img/English.gif HTTP/1.1
    Host: 192.168.0.1
    Accept: image/webp,image/apng,image/*,*/*;q=0.8
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Length: 269
    Content-Type: image/gif
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /img/info_m.png HTTP/1.1
    Host: 192.168.0.1
    Accept: image/webp,image/apng,image/*,*/*;q=0.8
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Length: 2287
    Content-Type: image/png
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /img/waiting_w.gif HTTP/1.1
    Host: 192.168.0.1
    Accept: image/webp,image/apng,image/*,*/*;q=0.8
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 200 OK
    Accept-Ranges: bytes
    Content-Length: 13668
    Content-Type: image/gif
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /img/site_holder.gif HTTP/1.1
    Host: 192.168.0.1
    Accept: image/webp,image/apng,image/*,*/*;q=0.8
    If-None-Match: "29520218ee5dbf043f715d4ad62789fa"
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 304 Not Modified
    Accept-Ranges: bytes
    Connection: close
    Content-Type: image/gif
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /img/login_title.gif HTTP/1.1
    Host: 192.168.0.1
    Accept: image/webp,image/apng,image/*,*/*;q=0.8
    If-None-Match: "29520218ee5dbf043f715d4ad62789fa"
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 304 Not Modified
    Accept-Ranges: bytes
    Connection: close
    Content-Type: image/gif
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /img/login_bg.gif HTTP/1.1
    Host: 192.168.0.1
    Accept: image/webp,image/apng,image/*,*/*;q=0.8
    If-None-Match: "29520218ee5dbf043f715d4ad62789fa"
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 304 Not Modified
    Accept-Ranges: bytes
    Connection: close
    Content-Type: image/gif
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /img/err_m.png HTTP/1.1
    Host: 192.168.0.1
    Accept: image/webp,image/apng,image/*,*/*;q=0.8
    If-None-Match: "29520218ee5dbf043f715d4ad62789fa"
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 304 Not Modified
    Accept-Ranges: bytes
    Connection: close
    Content-Type: image/png
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
    GET /img/login_footer.gif HTTP/1.1
    Host: 192.168.0.1
    Accept: image/webp,image/apng,image/*,*/*;q=0.8
    If-None-Match: "29520218ee5dbf043f715d4ad62789fa"
    User-Agent: Mozilla/5.0 (Linux; Android 6.0; Nexus 5 Build/MRA58N) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.117 Mobile Safari/537.36
    
    HTTP/1.1 304 Not Modified
    Accept-Ranges: bytes
    Connection: close
    Content-Type: image/gif
    ETag: "29520218ee5dbf043f715d4ad62789fa"
    Server: ZTE web server 1.0 ZTE corp 2015.
    X-Content-Type-Options: nosniff
    X-Frame-Options: SAMEORIGIN
    
     
  18. Shnaidt

    Shnaidt New Member

    Joined:
    13 Jan 2020
    Messages:
    40
    Likes Received:
    0
    Reputations:
    0
    Да, 23-ий открыт по умолчанию, но сначала дается 2 попытки, потом 10 секунд там-аут, и если 3-я попытка неудачная, то просто отключается.
     
  19. xxxsert

    xxxsert Well-Known Member

    Joined:
    15 Sep 2019
    Messages:
    193
    Likes Received:
    387
    Reputations:
    2
    Это заголовки, нужен зам запрос.
     
    binarymaster likes this.
  20. Shnaidt

    Shnaidt New Member

    Joined:
    13 Jan 2020
    Messages:
    40
    Likes Received:
    0
    Reputations:
    0
    А где его посмотреть?
     
Loading...