Sitemap

Earning money by finding hard core Secret in D-Link Firmware

3 min readFeb 25, 2021

--

Every firmware has a default username and password, and if a person is able to find they might get money in exchange of this vulnerability . In this tutorial i will teach you how to find username and password in one of the firmware of D-Link.

Let’s start:-

* First we need a firmware, as i am using firmware of D-Link which i have already downloaded, you can also download it from the following site:- http://dlink.co.in/firmware/ftp.aspx

* I am using AttifyOs in this tutorial, it’s an operating system with pre-load tools which will help us to find the default username and password. It’s downloaded and install in my system , you can download it from the following site:- https://www.attify.com/attifyos

◙ Now open terminal in AttifyOs, and use command “cd /tools/firmware-mod-kit” this will take us to folder “firmware-mod-kit”, firmware should be in this folder.

◙ Now we will use command:- “binwalk Dlink_firmware.bin” to find the code embedded inside of firmware images.

◙ Now we will use command :- “dd if=Dlink_firmware.bin skip=917632 bs=1 of=hello” to create and copy files which we left previously.

hello is created
hello is created.

◙ Now we will use command:- “binwalk -e Dlink_firmware.bin” to create an extracted file of .bin.

_Dlink_firmware.biin.extracted is created.

◙ Now let’s enter in “_Dlink_firmware.bin.extracted” , here we will find a folder name “squashfs-root” it contain all system files.

◙ Now use command:- “grep -iRn “telnet” it will search for telnet in every file and folder (i : to ignore case sensitive , R : to find “telnet” in each files and directory, n : to print in next line)

◙ Here we find that “/etc/scripts/misc/” there’s a script which run’s to start the telnet….. we might find some usefull infirmation in it.

◙ Use “cd etc/scripts/misc/” to navigate ins misc folder, here we will se “telnetd.sh” let’s see what’s in it, use command : “cat telnetd.sh”

◙ Here we got two things the username and location where default password is stored… We can see “Alphanetworks” near “/usr/sbin/login” it’s the default username of the firmware.. and the highlighted part is the location of default password of firmware :- “/etx/config/image_sign”

◙ Let’s navigate to this folder using command: “cd /home/oit/tools/firmware-mod-kit/_Dlink_firmware.bin.extracted/squashfs-root/etc/config”

◙ Here we will se a file name “image_sign” this find contain the default password of firmware, let’s see the password using command “cat image_sign”

◙ So we finally found the password :::

◙ These are the steps which we can use to find the default username and passwords and earn money….

✭ Hope you understand all the steps :::✭

Please fell free to Dm for an Query ::

See you in next tutorial ::::: Till than Thank You…!

--

--

Gagan Khunteta
Gagan Khunteta

Written by Gagan Khunteta

Passionate about motivation, tech, and cybersecurity? Join me for daily inspiration, tech trends, and practical cybersecurity tips.

No responses yet