Bockage
12-02-2016, 10:58 PM
I'm trying to get root access to my MiFi 5510L over serial, anyone able to help?
I found the root password in the DUU exe through a hex editor, and am running it through hashcat and john but it doesn't seem like that's gonna work. So the other option (unless Metasploit can exploit over a serial connection) is to simply change the md5crypted password in the DUU and run the DUU. Except it's not so simple. I changed the password and ran the DUU but still couldn't log in and after some more testing found that it wasn't writing the updated /etc/shadow file (and other files under /etc) at all. So if anyone knows of a way to force the DUU to rewrite everything, please do tell. Thanks.
edit: the md5crypted password is here if anyone has decent equipment and would be willing to try to crack it:
$1$X1yOXSbF$hxfhfLQA96TzuH0vQqjsR/
I found the root password in the DUU exe through a hex editor, and am running it through hashcat and john but it doesn't seem like that's gonna work. So the other option (unless Metasploit can exploit over a serial connection) is to simply change the md5crypted password in the DUU and run the DUU. Except it's not so simple. I changed the password and ran the DUU but still couldn't log in and after some more testing found that it wasn't writing the updated /etc/shadow file (and other files under /etc) at all. So if anyone knows of a way to force the DUU to rewrite everything, please do tell. Thanks.
edit: the md5crypted password is here if anyone has decent equipment and would be willing to try to crack it:
$1$X1yOXSbF$hxfhfLQA96TzuH0vQqjsR/