Jump to content
  • Hello visitors, welcome to the Hacker World Forum!

    Red Team 1949  (formerly CHT Attack and Defense Team) In this rapidly changing Internet era, we maintain our original intention and create the best community to jointly exchange network technologies. You can obtain hacker attack and defense skills and knowledge in the forum, or you can join our Telegram communication group to discuss and communicate in real time. All kinds of advertisements are prohibited in the forum. Please register as a registered user to check our usage and privacy policy. Thank you for your cooperation.

    TheHackerWorld Official

iBall-Baton WRA150N Rom-0 Backup - File Disclosure (Sensitive Information)

 Share


Recommended Posts

# Exploit Title: iBall-Baton WRA150N Rom-0 Backup - File Disclosure (Sensitive Information)
# Date: 07/01/2021
# Exploit Author: h4cks1n
# Vendor Homepage: iball.co.in
# Version: iBall-Baton WRA150N
#Tested on : Windows 7/8/8.1/10, Parrot Linux OS


# The iBall-Baton router version WRA150N is vulnerable to the Rom-0
Extraction exploit.

The rom-0 is a file which contains the ADSL Login credentials.

In the case of this router the access to this file is unusually not
encrypted.

The file can be accessed by following methods:


Method 1 : Type the WiFi IP address in the browser followed by /rom-0 (For
example - 192.168.1.1/rom-0). The rom-0 file will be downloaded. The file
is obfuscated,however.It needs to be deobfuscated using online decryptors

#Online Rom-0 decryptor - http://www.routerpwn.com/zynos/
#Offline Rom-0 decryptor - https://github.com/rootkick/Rom-0-Decoder

Method 2: (Linux)
This full process can be automated by using threat 9's routersploit

Routersploit Download- https://github.com/threat9/routersploit

Download and run routersploit and use router/multi/rom-0  module
            
Link to post
Link to comment
Share on other sites

 Share

discussion group

discussion group

    You don't have permission to chat.
    • Recently Browsing   0 members

      • No registered users viewing this page.
    ×
    ×
    • Create New...