
You receive a Dlink_firmware. Somewhere inside this binary there are telnet credentials stored. Your task is to analyze the file and find the credentials…
This time I’ll use the Attify OS VMWare Image to solve this task.
After extraction I’ll first browse to the /etc directory.
There is a directory called scripts with a bunch of shell scripts inside. I can check each of them manually, but a much efficienter way is to use the tool grep for that…
grep -irn 'telnet' .
From the output we get, I’ll have a closer look on the shellscript telnetd.sh
The login name is: Alphanetworks and the password is stored in a variable called $image_sign
image_sign= cat /etc/config/image_sign
password: wrgn23_dlwbr_dir300b
Schreib einen Kommentar