Robot | Path | Permission |
GoogleBot | / | ✔ |
BingBot | / | ✔ |
BaiduSpider | / | ✔ |
YandexBot | / | ✔ |
Title | Tech With |
Description | AG3100D Tech With K Koorosh Developer / Security Researcher Home Categories Tags Archives About GitHub Twitter Mail AG3100D Nov 20, 2021 in Hardware Hacking , Sec |
Keywords | N/A |
WebSite | koorosh.dev |
Host IP | 172.67.143.9 |
Location | United States |
Site | Rank |
US$1,737
Last updated: 2022-07-20 07:03:50
koorosh.dev has Semrush global rank of 0. koorosh.dev has an estimated worth of US$ 1,737, based on its estimated Ads revenue. koorosh.dev receives approximately 200 unique visitors each day. Its web server is located in United States, with IP address 172.67.143.9. According to SiteAdvisor, koorosh.dev is safe to visit. |
Purchase/Sale Value | US$1,737 |
Daily Ads Revenue | US$1 |
Monthly Ads Revenue | US$48 |
Yearly Ads Revenue | US$577 |
Daily Unique Visitors | 13 |
Note: All traffic and earnings values are estimates. |
Host | Type | TTL | Data |
koorosh.dev. | A | 300 | IP: 172.67.143.9 |
koorosh.dev. | A | 300 | IP: 104.21.87.118 |
koorosh.dev. | AAAA | 300 | IPV6: 2606:4700:3037::ac43:8f09 |
koorosh.dev. | AAAA | 300 | IPV6: 2606:4700:3031::6815:5776 |
koorosh.dev. | NS | 86400 | NS Record: newt.ns.cloudflare.com. |
koorosh.dev. | NS | 86400 | NS Record: kristin.ns.cloudflare.com. |
koorosh.dev. | TXT | 300 | TXT Record: Sendinblue-code:501403f89bdfd80946e60bc714884b5e |
koorosh.dev. | TXT | 300 | TXT Record: v=spf1 include:spf.sendinblue.com mx ~all |
Tech With K Koorosh Developer / Security Researcher Home Categories Tags Archives About GitHub Twitter Mail AG3100D Nov 20, 2021 in Hardware Hacking , Security AirMaster AG3100D Security Analysis AG3100D is the newest variant of 3100 families with the support of 4G/LTE. the whole firmware has changed (probably the board has changed too, I haven’t opened the device box :/) there are some improvements on the new firmware, but most of the previous enhancements are lost due to making the latest firmware. Password Hashing (good, bad, and the ugly) user passwords are hashed in this firmware using HMAC-SHA1, but the problem is, it’s getting hashed on the client-side, and the hash gets checked in the embedded web server against the hashed password stored in the NVRAM. you can read the javascript hashing code 1 2 3 4 var hmacObj = new jsSHA("SHA-1", "TEXT"); hmacObj.setHMACKey("*kztech*", "TEXT"); hmacObj.update("admin"); g_value = hmacObj.getHMAC("HEX"); The good part is the attacker can’t |
HTTP/1.1 301 Moved Permanently Date: Wed, 03 Nov 2021 17:54:56 GMT Connection: keep-alive Cache-Control: max-age=3600 Expires: Wed, 03 Nov 2021 18:54:56 GMT Location: https://blog.koorosh.dev Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zmvql9B03f63wB8Lgre82lFU7u9NUsWN2wYb3pEEo8dVtofTuu3D0ofR9imtXV1qVV42DKvMQ6pI3jyIQnsuU4Mc15%2B9zfnF%2BfkPqSjToshJ%2FodfQi8pQUku6fL5Gg%3D%3D"}],"group":"cf-nel","max_age":604800} NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server: cloudflare CF-RAY: 6a87787e1e0e2ae2-ORD alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 HTTP/2 200 date: Wed, 03 Nov 2021 17:54:56 GMT content-type: text/html; charset=utf-8 last-modified: Mon, 23 Aug 2021 20:25:23 GMT access-control-allow-origin: * expires: Wed, 03 Nov 2021 18:04:56 GMT cache-control: max-age=600 x-proxy-cache: MISS x-github-request-id: 5362:5EF7:38FE1A:547C45:6182CCF0 via: 1.1 varnish age: 0 x-served-by: cache-mdw17322-MDW x-cache: MISS x-cache-hits: 0 x-timer: S1635962096.460846,VS0,VE30 vary: Accept-Encoding x-fastly-request-id: ab91f4306a7182ac3650cd9185f421043f47e561 cf-cache-status: DYNAMIC expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HDG1Ciq7m8yi6VIHsrDY%2FjWvK2M5b6vx7v787ObjN5%2BtoZHNKMqaDaRJxLze%2FfZq%2BpWzI%2FdyPGRw0yL8r0LNvBOME9F8A%2FsHWIyU%2FXzClu%2FYFWfBzgRdYOd43rQacMHQ5Me"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 6a87787ecefa2bc4-ORD alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 |
Domain Name: koorosh.dev Registry Domain ID: 45B1BAEED-DEV Registrar WHOIS Server: whois.1api.net Registrar URL: http://www.1API.net Updated Date: 2021-03-02T19:48:34Z Creation Date: 2021-02-08T21:27:21Z Registry Expiry Date: 2022-02-08T21:27:21Z Registrar: 1API GmbH Registrar IANA ID: 1387 Registrar Abuse Contact Email: abuse@1api.net Registrar Abuse Contact Phone: +49.68949396850 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Registrant Organization: Digital Software Solutions Registrant State/Province: Istanbul Registrant Country: TR Name Server: kristin.ns.cloudflare.com Name Server: newt.ns.cloudflare.com DNSSEC: unsigned >>> Last update of WHOIS database: 2021-10-10T09:11:59Z <<< |