买了个米家小白摄像机( http://www.mi.com/micamera/),连接后端口扫描发现开放了 23 telnet 端口和 1883 端口, telnet 端口有办法破解得到密码吗?另外这个 1883 端口最可能是什么应用呢?
1
t895 2016-07-25 20:51:08 +08:00 1
1883 好像是内网传统端口,路由器上面会被 upnp
|
2
zhangyuting OP nmap -Pn -O 10.0.0.110
Starting Nmap 6.00 ( http://nmap.org ) at 2016-07-25 21:03 CST Nmap scan report for 10.0.0.110 Host is up (0.0034s latency). Not shown: 999 closed ports PORT STATE SERVICE 23/tcp open telnet MAC Address: F0:B4:29:C6:F3:D6 (Unknown) No exact OS matches for host (If you know what OS is running on it, see http://nmap.org/submit/ ). TCP/IP fingerprint: OS:SCAN(V=6.00%E=4%D=7/25%OT=23%CT=1%CU=32082%PV=Y%DS=1%DC=D%G=Y%M=F0B429%T OS:M=57960E2A%P=armv7l-unknown-linux-gnueabi)SEQ(SP=104%GCD=1%ISR=10E%TI=Z% OS:CI=I%II=I%TS=7)OPS(O1=M5B4ST11NW4%O2=M5B4ST11NW4%O3=M5B4NNT11NW4%O4=M5B4 OS:ST11NW4%O5=M5B4ST11NW4%O6=M5B4ST11)WIN(W1=3890%W2=3890%W3=3890%W4=3890%W OS:5=3890%W6=3890)ECN(R=Y%DF=Y%T=41%W=3908%O=M5B4NNSNW4%CC=Y%Q=)T1(R=Y%DF=Y OS:%T=41%S=O%A=S+%F=AS%RD=0%Q=)T2(R=N)T3(R=N)T4(R=Y%DF=Y%T=41%W=0%S=A%A=Z%F OS:=R%O=%RD=0%Q=)T5(R=Y%DF=Y%T=41%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y%DF=Y% OS:T=41%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=Y%T=41%W=0%S=Z%A=S+%F=AR%O=%RD OS:=0%Q=)U1(R=Y%DF=N%T=41%IPL=164%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G%RUD=G)IE OS:(R=Y%DFI=N%T=41%CD=S) Network Distance: 1 hop OS detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 20.39 seconds |
3
20150517 2016-07-26 00:29:39 +08:00 1
哈哈,我以前也想过这问题,后来找到办法是导出备份文件,查看备份文件里有没有什么服务可以 enable 的,然后再导入这个备份文件到后台,我上次 telnet 就这样被我打开了,不过我的没有密码
解密码也可以试试这思路,看看有什么可疑的 |
4
kekeones 2016-07-26 15:01:40 +08:00
现在破解了吗?
|
5
zhangyuting OP @kekeones 木有呢,有想法没?
|
6
kekeones 2016-07-27 07:53:00 +08:00 via iPhone
@zhangyuting 都想把它拆了
|
7
benfounder 2016-07-30 10:55:25 +08:00 via Android 1
拆开,找串口,也许有办法
|
8
zhangyuting OP @20150517 你试过备份小白吗?好像没办法备份,没提供这个功能
|
9
20150517 2016-08-07 15:54:49 +08:00
@zhangyuting 小白是啥,你有 admin 吗
|