利用审查元素查看浏览器保存的移动光猫页面明文密码-不要干坏事

Posted jasy

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了利用审查元素查看浏览器保存的移动光猫页面明文密码-不要干坏事相关的知识,希望对你有一定的参考价值。

技术图片

 

 技术图片

 nmap扫描出来一个csrf漏洞

C:
map 192.168.1.1 --script=auth,vuln
Starting Nmap 7.70 ( https://nmap.org ) at 2020-02-21 23:19 ?D1ú±ê×?ê±??
mass_dns: warning: Unable to determine any DNS servers. Reverse DNS is disabled. Try using --system-dns or specify valid servers with --dns-servers
Stats: 0:02:00 elapsed; 0 hosts completed (1 up), 1 undergoing Script Scan
NSE Timing: About 98.59% done; ETC: 23:21 (0:00:00 remaining)
Nmap scan report for 192.168.1.1
Host is up (0.0044s latency).
Not shown: 997 closed ports
PORT     STATE SERVICE
80/tcp   open  http
|_http-aspnet-debug: ERROR: Script execution failed (use -d to debug)
| http-csrf:
| Spidering limited to: maxdepth=3; maxpagecount=20; withinhost=192.168.1.1
|   Found the following possible CSRF vulnerabilities:
|
|     Path: http://192.168.1.1:80/
|     Form id: top
|_    Form action: javascript:submit();
|_http-dombased-xss: Couldn‘t find any DOM based XSS.
|_http-stored-xss: Couldn‘t find any stored XSS vulnerabilities.
|_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug)
5080/tcp open  onscreen
8080/tcp open  http-proxy
|_http-aspnet-debug: ERROR: Script execution failed (use -d to debug)
|_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug)
MAC Address: FC:8F:7D:41:0C:6C (Unknown)

 

以上是关于利用审查元素查看浏览器保存的移动光猫页面明文密码-不要干坏事的主要内容,如果未能解决你的问题,请参考以下文章

查看360极速浏览器已保存的星号密码明文

光猫获取超级密码

改了审查元素还是看不了密码

怎样用360浏览器的F12键保存图片

谷歌浏览器查看光猫宽带密码

友华PT921光猫改了宽带密码后找不到宽带密码登录口,怎么设置和登录宽