How can I get the WiFi password of HG531B?

Discussion in 'Forum for discussion of ANTICHAT' started by mooooooon, 14 Jun 2019.

  1. mooooooon

    mooooooon Member (Joined: 4 Feb 2019, Messages: 168, Likes Received: 37, Reputations: 1)

    When I looked at the headers, in the form data from the network tab, after I typed the password and clicked submit,

    I found this:

    csrf_token=kxyI5jBIMphjywfasdWKwHoL1M3IBilEoE&y.Standard=b%2Fg%2Fn&y.MaxBitRate=Auto&y.X_Wlan11NHtMcs=33&y.Enable=1&y.AutoChannelEnable=1&y.Channel=6&y.SSIDAdvertisementEnabled=1&y.X_WlanIsolateControl=0&y.WMMEnable=1&y.X_Wlan11NBWControl=20%2F40&y.X_Wlan11NGIControl=long&y.SSID=mywifi&y.X_AssociateDeviceNum=32&y.X_PowerValue=20&y.BeaconType=11i&z.Enable=1&z.X_WPSMode=ap-pbc&k.PreSharedKey=passstest&y.IEEE11iEncryptionModes=AESEncryption&x.X_WLANEnable=1

    The curl command:

    curl "http://192.168.1.1/html/ntwkall/set...tion.1.WPS&RequestFile=/html/ntwkall/wlan.asp" -H "Connection: keep-alive" -H "Cache-Control: max-age=0" -H "Origin: http://192.168.1.1" -H "Upgrade-Insecure-Requests: 1" -H "DNT: 1" -H "Content-Type: application/x-www-form-urlencoded" -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.90 Safari/537.36" -H "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3" -H "Referer: http://192.168.1.1/html/ntwkall/wlan.asp" -H "Accept-Encoding: gzip, deflate" -H "Accept-Language: en-US,en;q=0.9,ar;q=0.8" -H "Cookie: Language=en; SessionID_R3=gDQMrUbPQvIY0lkIlqhHM3Qrh9MrVI4l0WZDrEtCllFDHLmrnBM937tK24cI5FxTQRhV0p1dflSm6dA7AwaUgE2HOEoADTtS8DM8vU6TyFWwFZbxhE8QZ25k85zsVqYc; FirstMenu=Admin_1; SecondMenu=Admin_1_2; ThirdMenu=Admin_1_2_0" --data "csrf_token=XGusO59EJlffVQ0sWpMA7ftQo7JH5gQN&y.Standard=b%2Fg%2Fn&y.MaxBitRate=Auto&y.X_Wlan11NHtMcs=33&y.Enable=1&y.AutoChannelEnable=1&y.Channel=6&y.SSIDAdvertisementEnabled=1&y.X_WlanIsolateControl=0&y.WMMEnable=1&y.X_Wlan11NBWControl=20%2F40&y.X_Wlan11NGIControl=long&y.SSID=mywifi&y.X_AssociateDeviceNum=32&y.X_PowerValue=20&y.BeaconType=11i&z.Enable=1&z.X_WPSMode=ap-pbc&k.PreSharedKey=passstest&y.IEEE11iEncryptionModes=AESEncryption&x.X_WLANEnable=1"

    This is the URL of that request:
    http://192.168.1.1/html/ntwkall/set...tion.1.WPS&RequestFile=/html/ntwkall/wlan.asp



    And changing the WPA pre-shared input bar type from password to text gave me this: @1GV)Z<!
    and this is not the password.

    Any ideas on how I can get the password?

    Note: when I visit that URL I get page not found!

    And Router Scan gets password <not accessible>
     
  2. mooooooon

    *it's
    HG531s v1
     
  3. mooooooon

    And these lines from the page
    are what pissed me off the most!!

    var keys = [["InternetGatewayDevice.LANDevice.1.WLANConfiguration.1.WEPKey.1","@1GV\x29Z\x3c!"],["InternetGatewayDevice.LANDevice.1.WLANConfiguration.1.WEPKey.2","@1GV\x29Z\x3c!"],["InternetGatewayDevice.LANDevice.1.WLANConfiguration.1.WEPKey.3","@1GV\x29Z\x3c!"],["InternetGatewayDevice.LANDevice.1.WLANConfiguration.1.WEPKey.4","@1GV\x29Z\x3c!"],["InternetGatewayDevice.LANDevice.1.WLANConfiguration.2.WEPKey.1","@1GV\x29Z\x3c!"],["InternetGatewayDevice.LANDevice.1.WLANConfiguration.2.WEPKey.2","@1GV\x29Z\x3c!"],["InternetGatewayDevice.LANDevice.1.WLANConfiguration.2.WEPKey.3","@1GV\x29Z\x3c!"],["InternetGatewayDevice.LANDevice.1.WLANConfiguration.2.WEPKey.4","@1GV\x29Z\x3c!"],["InternetGatewayDevice.LANDevice.1.WLANConfiguration.3.WEPKey.1","@1GV\x29Z\x3c!"],["InternetGatewayDevice.LANDevice.1.WLANConfiguration.3.WEPKey.2","@1GV\x29Z\x3c!"],["InternetGatewayDevice.LANDevice.1.WLANConfiguration.3.WEPKey.3","@1GV\x29Z\x3c!"],["InternetGatewayDevice.LANDevice.1.WLANConfiguration.3.WEPKey.4","@1GV\x29Z\x3c!"],["InternetGatewayDevice.LANDevice.1.WLANConfiguration.4.WEPKey.1","@1GV\x29Z\x3c!"],["InternetGatewayDevice.LANDevice.1.WLANConfiguration.4.WEPKey.2","@1GV\x29Z\x3c!"],["InternetGatewayDevice.LANDevice.1.WLANConfiguration.4.WEPKey.3","@1GV\x29Z\x3c!"],["InternetGatewayDevice.LANDevice.1.WLANConfiguration.4.WEPKey.4","@1GV\x29Z\x3c!"],null];
    var wpaPskKey = [["InternetGatewayDevice.LANDevice.1.WLANConfiguration.1.PreSharedKey.1","@1GV\x29Z\x3c!"],["InternetGatewayDevice.LANDevice.1.WLANConfiguration.2.PreSharedKey.1","@1GV\x29Z\x3c!"],["InternetGatewayDevice.LANDevice.1.WLANConfiguration.3.PreSharedKey.1","@1GV\x29Z\x3c!"],["InternetGatewayDevice.LANDevice.1.WLANConfiguration.4.PreSharedKey.1","@1GV\x29Z\x3c!"],null];

    What do they do?