时间:2015-03-04 | 来源:互联网 | 阅读:163
话题:
这里有一个小小的提醒,ac30fffc是”sw $s0, -4($at)”的16进制值。现在我们可以确定解压后的镜像基址在0×80020000。这如上面所提及到的,我们知道”解锁”字节在地址0x8034FF94上,如果我们将它从”1”改到”0”,那么此时路由应该不需要密码验证了。让我们来试试看:
atrb8034ff94 8034FF94:01 OK atwb8034ff94,0 OK atgo80020000 Copyright(c) 2001 - 2006 TP-LINK TECHNOLOGIES CO., LTD initializech = 0, TC2105MJ, ethernet address: 14:cc:20:57:38:2a initializech = 1, ethernet address: 14:cc:20:57:38:2a WanChannel init ........ done Reset dmt Check DMTversion =b2 ........ InitializingADSL F/W ........ done ADSL HWversion: b2, HCLK 140 ok ==>natTableMemoryInit <==natTableMemoryInitANNEXAIJLM US bitswapon,DS bitswap on OlrON SRAON Testlab 32 largeD flag=2(0:maxD=64, 1:maxD=128, 2:maxD=511) portreverse: on inputline: sysdisa Erasing 4KSector... Erasing 4KSector... writeRomBlock():Erase OK! ble PM! DyingaspOFF! dhcpaddress probe action is disabled Valid Lossof power OFF! rundistributePvcFakeMac! set trymultimode number to 3 (dropmode try num 3) Syncookieswitch On! rundistributePvcFakeMac! rundistributePvcFakeMac! run d Erasing 4KSector... Erasing 4KSector... writeRomBlock():Erase OK! istributePvcFakeMac! rundistributePvcFakeMac! rundistributePvcFakeMac! rundistributePvcFakeMac! rundistributePvcFakeMac! rundistributePvcFakeMac! PressENTER to continue... cawan$curl 192.168.1.1
湘ICP备2022002427号-10湘公网安备:43070202000427号
© 2013~2019 haote.com 好特网