天翼宽带家庭网关后门

 

地址：http://192.168.x.x:8080/publicSecu.html

打开电信的光猫，打开上面的网页，输入光猫的账号密码，默认是

用户名：telecomadmin

密码：nE7jA%5m

不多解释，一看界面上的文字就知道这个是干嘛的。

网上有人说这个后门是强制启用，但是我看的时候并不是，所以琢磨了一下看看网页源码。

	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
	<html xmlns="http://www.w3.org/1999/xhtml">
	<head>
	<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
	<meta http-equiv='Pragma' content='no-cache'>
	<title>公安溯源-公安溯源-安全</title>
	<link rel="stylesheet" href='stylemain.css' type='text/css'>
	<link rel="stylesheet" href='colors.css' type='text/css'>
	<script type="text/javascript" src="jquery.js"></script>
	<script type="text/javascript" src="util.js"></script>
	<script type="text/javascript">
	var sessionKey='1964050583';
	var XINJIANG_GASY = '0|2';
	XINJIANG_GASY=XINJIANG_GASY.split('|');
	var publicSecenable = XINJIANG_GASY[0]; //是否启用
	var publicSecPluginInx=XINJIANG_GASY[1];
	function frmLoad() {
	with(document.forms[0]) {
	if (publicSecenable == '0') {
	publicSecTraceabilityEnable.checked = false;
	} else {
	publicSecTraceabilityEnable.checked = true;
	}
	publicSecPluginVal.selectedIndex= parseInt(publicSecPluginInx)-1;
	}
	}
	function saveClick() {
	var loc = 'publicSecu.cmd?';
	with ( document.forms[0] ) {
	if(publicSecTraceabilityEnable.checked == true)
	loc += '&enable=1';
	else
	loc += '&enable=0';
	if ( publicSecPluginVal.value == "1" )
	loc += '&SJCJ=1';
	else if( publicSecPluginVal.value == "2")
	loc += '&SJCJ=2';
	else if( publicSecPluginVal.value == "3")
	loc += '&SJCJ=3';
	else if( publicSecPluginVal.value == "4")
	loc += '&SJCJ=4';
	}
	loc += '&sessionKey=' + sessionKey;
	var code = 'location="' + loc + '"';
	eval(code);
	}
	</script>
	</head>
	<body onLoad='frmLoad()'>
	<form action="" method="">
	<b id="Title_mac_filter_tips">公安溯源 —— 本页可设置溯源平台</b> <br />
	<br />
	<table border="0" cellpadding="3" cellspacing="0" width="100%">
	<tr>
	<td width="164">启用</td>
	<td ><input type='checkbox' name='publicSecTraceabilityEnable' id="publicSecTraceabilityEnable" value="1" /></td>
	</tr>
	<tr>
	<td width="164">启用插件</td>
	<td >
	<select name="publicSecPluginVal" id="publicSecplugin" >
	<option value="1">广州巨泰_WIFIDOG</option>
	<option value="2">广州巨泰_NOWIFIDOG</option>
	<option value="3">任子行_WIFIDOG</option>
	<option value="4">任子行_NOWIFIDOG</option>
	</select>
	</td>
	<tr>
	<td width="164">&nbsp;</td>
	<td></td>
	</tr>
	<tr>
	<td width="164">&nbsp;</td>
	<td></td>
	</tr>
	<tr>
	<td width="164">&nbsp;</td>
	<td id="ModeSave_button"><input type="button" name="save" onclick="saveClick()" value="保存" />
	</td>
	</tr>
	</table>
	</form>
	</body>
	</html>

看了源码就知道了，是在某个地区会强制启用。