移动光猫探索
移动光猫 H2-2
解锁 telnet 教程: https://www.cnblogs.com/dingshaohua/p/17388270.html
查看开启端口和服务:
$ nmap -O -sV 192.168.1.1
Starting Nmap 7.80 ( https://nmap.org ) at 2025-01-15 10:33 GMT
Nmap scan report for 192.168.1.1 (192.168.1.1)
Host is up (0.0031s latency).
Not shown: 996 closed ports
PORT STATE SERVICE
23/tcp open telnet BusyBox telnetd 1.00-pre7 - 1.14.0
80/tcp open http Mini web server 1.0 (ZTE ZXV10 W300 ADSL router http config)
5080/tcp open onscreen?
8080/tcp open http-proxy
17998/tcp open unknown
17999/tcp open unknown
Service Info: OS: Linux 2.4.17; Device: broadband router; CPE: cpe:/h:zte:zxv10_w300, cpe:/o:montavista:linux_kernel:2.4.17
$ uname -a
Linux zxic 4.1.25 #3 SMP PREEMPT Fri Oct 13 16:33:00 CST 2023 armv7l GNU/Linux
#cpu
/ # cat /proc/cpuinfo
processor : 0
model name : ARMv7 Processor rev 1 (v7l)
BogoMIPS : 1987.37
Features : half thumb fastmult edsp tls
CPU implementer : 0x41
CPU architecture: 7
CPU variant : 0x4
CPU part : 0xc09
CPU revision : 1
processor : 1
model name : ARMv7 Processor rev 1 (v7l)
BogoMIPS : 1993.93
Features : half thumb fastmult edsp tls
CPU implementer : 0x41
CPU architecture: 7
CPU variant : 0x4
CPU part : 0xc09
CPU revision : 1
Hardware : ZTE ZX279128S (Device Tree)
Revision : 0000
Serial : 0000000000000000
# 内存
/ # free -m
total used free shared buffers
Mem: 450 243 207 6 0
-/+ buffers: 243 207
Swap: 0 0 0
谁打开的 80, 5080, 8080?
/proc/1214 # netstat -tlnp | grep 80
tcp 0 0 192.168.1.1:80 0.0.0.0:* LISTEN 1214/httpd
tcp 0 0 :::8080 :::* LISTEN 1750/java
tcp 0 0 fe80::1:80 :::* LISTEN 1214/httpd
tcp 0 0 ::ffff:192.168.1.1:5080 :::* LISTEN 1750/java
关于 80 端口, 也就是管理页面, 使用的是 apache http server.