zte router and lan pc

[D4rkL3on]

Hello,

I am using neighborhood internet ...and I need help to access the router web interface.
The router is the ZTE ZXHN H108NS. I have tried every password like admin:admin, admin:1234 etc but no luck.
I saw in the internet that this router has default username admin and pass 8 digits (a-f, 1-0). Is impossible to try bruteforce because it is around 4billion combos! I also read on forums that this router is exploitable, but I didn't find anything for that only for H108N which the default user/pass is admin/admin. Then I tried to hack into neighborhood pc using backbox linux and metasploit...no luck there either...I even tried MitM attack but nothing :/
Is  there any chance any way to take that damn password?

Thanks in advance!

[white-knight]

You could always ask for the password 


Or try using Hydra or medusa to brute the login  or burp and so on 

[D4rkL3on]

I did once ask the wifi pass but he refuse...I dont think he will give me the web interface pass!!

With hydra it will take me years to bruteforce! I was wondering if I get into his pc it would be easier

[white-knight]

I was wondering if I get into his pc it would be easier

Since you are connected to his network you can practically do anything you want within your skill level

[0pt1musPr1m3]

Don't ask for someone to feed you with a spoon so you can do some shady illegal shit. Go read a book and learn something.


You are acting like a queer in a dildo shop... Quit being so excited and read some directions before you hurt yourself.

[dumbSec]

I would probably set up an apache page that cloned the interface of the router then add some type of warning about security update.  He will most likely  just type in the credentials to see what is going on and they will be sent straight to you.  An easy way to do this is to use setoolkit i believe.  with a little bit of html addition to the original page it will look very legit and and create a level of urgency that will require his attention. https://www.youtube.com/watch?v=kGcdeAPMmfs

that is only the first part because then you have to cause him to open it,  it is best if it just pops up when he tries to open a webpage and looks like a router alert or update that requires his information to continue. you will need him to connect to your ip somehow.  DNS spoofing is the best way unless you have physical access to his computer.    This may cause problems however as there are many people using this network it sounds like.  If you can forward most responses to regular dns then only change the response for a certain page that he is most likely to use but not the other residents then you have a chance.  another option is to give him a link to the page you have created and hope he opens it,  not always reliable. 

I am not going to try and give you a walkthrough on how to do this since every situation is different but this may be an option to look into if you really need to get into the router.  Once you have the router the game becomes much easier because then you can use site cloning and set up dns in the router in many routers to link a specific page search to your clones(ie facebook, gmail, or whatever other credentials you would like to grab)
hope this has been helpful and gives you something to learn about
noSec

p.s. way too many emotocons dude

[D4rkL3on]

Well I appreciate the help

I will look into to see some tutorials on how to do this and hopefully I will grand access to the router!