The ZTE ZXDSL 831 II modem suffers from an arbitrary configuration access vulnerability.
a8b43711287ad645fe76c7b342b3bae7fef7243eba157f66242715dcd473d0f2
-----------------------------------------------------
-->> Found By SuNHouSe2 [ALGERIAN HaCkEr] <<--
--> Made in "Maghnia City" (DZ) <--
--> Contact : sunhouse2@yahoo.com <--
--> Greetz to : His0k4 all my friends <--
--> Good Ramadan to all muslims <--
-----------------------------------------------------
Exploit tested on modem with this informations :
ZTE CORPORATION
Date : NOV 2008
Product : ADSL Modem
Model : ZXDSL 831 II --> http://www.geeksecurity.org/tsttte.JPG
Firmware Version : ZXDSL 831IIV7.5.0a_E09_OV
-----------------------------------------------------
Introduction:
This modem is used by many providers in the world like
russia india and algeria [used by provider and all clients of "Easy ADSL"].
Exploit :
We can get access to to configuration of the modem , and get PPPOE user & password.
Go only here
http://192.168.1.1/vpivci.cgi
A video uploaded to explain how we can use this exploit to get PPPOE sessions
with user & password
download video demonstration >
http://www.geeksecurity.org/vid/zxdsl-exploit-2.rar
------------------------------------------------------