Blog Archives
Cyberoam Hack : As many accounts as you like
NOTE : I have now detailed the process explaining how to do it http://navkamalrakra.com/cyberoam-accounts-stealing-hacking-bypassing/
Our College has got a CybeRoam Firewall to censor our online activities, and everybody is provided with a username/password combination to connect to internet. Students get a limited access and the faculty gets unlimited access, so the the aim ultimately is, to gather as many faculty accounts as possible. In free time I wrote a shell script to accomplish this task … and in about 2 hours I had more than 100 accounts out of which more than 10 were unlimited faculty accounts 🙂 ….
It was as easy as grep -i "mode=[0-9][0-9][0-9]"
from the dump .
Here the proof (the list is too long to be displayed and the usernames as well as passwords have been trimmed off for security of accounts):
username=10803149 44 username=10901012 56 username=10901015 ki username=10901018 34 username=10901024 bh username=10901025 43 username=10901031 1* username=10901040 le username=10901042 67 username=10901047 31 username=10901048 40 username=10901056 12 username=10901062 al username=10902025 dd username=10902027 ja username=10902038 ja username=10902050 19 username=10902062 30 username=10902064 78 username=10902070 78 username=10902105 85 username=10902107 32 username=10902123 26 username=10902125 47 username=10902132 87 username=10902145 32 username=10902172 35 username=10902173 86 username=10902302 70 username=10902302 70 username=10902303 43 username=10903001 76 username=10903005 12 username=10903006 29 username=10903015 20 username=10903016 64 username=10903030 19 username=10903031 13 username=10903038 pa username=10903045 80 username=10903052 qw username=10903055 24 username=10903056 22 username=10903058 51 username=10903060 re username=10903105 31 username=10903108 32 username=10903110 24 username=10903115 80 username=10903125 25 username=10903131 20 username=10903159 90 username=10903159 90 username=10903164 71 username=10903178 ni username=11002001 88 username=11002005 67 username=11002010 28 username=11002013 41 username=11002034 49 username=11002043 82 username=11002049 23 username=11002096 52 username=11002160 10 username=11002160 um username=11002172 46 username=11002176 as username=11003301 77 username=11003309 80 username=11102146 15 username=11102156 15 username=11103042 ba username=11103069 cu username=11103323 90 username=11103333 72 username=11103339 72 username=11103339 72 username=1110339 72 username=11191039 96 username=120425727 en username=120426058 36 username=120426058 36 username=641 40 username=801090 78 username=801160 95 username=802088 mo username=802100 aa username=802124 75 username=802242 74 username=802246 59 username=amandeep pl username=amandeep pl username=baljinder hl username=daljeet sh username=dinesh ma username=ema 37 username=hardeep 72 username=harpreet 20 username=jagro 32 username=nidh 56 username=palwin 11 username=ps 74 username=rake 67 . .
The article has been moved to http://navkamalrakra.com/cyberoam-accounts-stealing-hacking-bypassing/