Forgot Password.... Help

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Goto page 1, 2  Next
Author Message
kman-australia
DD-WRT Novice


Joined: 10 Jul 2006
Posts: 2

PostPosted: Mon Jul 10, 2006 11:52    Post subject: Forgot Password.... Help Reply with quote
I know this a long shot but here goes. I forgot my password or something has gone wrong. I know I can reset the router and start again but the routers are in spots that are almost impossible to get to. I cannot afford to loose their config. I am hardwired to one of them and the other 6 are wireless using WDS so not real easy to re-configure.

Any answers anyone???

I think I know the answer..
Sponsor
Eko
DD-WRT Developer/Maintainer


Joined: 07 Jun 2006
Posts: 5771

PostPosted: Mon Jul 10, 2006 11:56    Post subject: Reply with quote
Yes, you do...
You can use jtag to read nvram.... bla bla bla...
kman-australia
DD-WRT Novice


Joined: 10 Jul 2006
Posts: 2

PostPosted: Mon Jul 10, 2006 13:03    Post subject: Reply with quote
Thanks Eco but as I said, these routers are not easy to access. If I was going to plug a JTag in I may as well reconfigure them.

I did save their config in a file. Is the password in there?
GrumpY54gsv4
DD-WRT User


Joined: 07 Jun 2006
Posts: 286

PostPosted: Mon Jul 10, 2006 13:19    Post subject: Reply with quote
yes, it's a dump of the nvram too.
BrainSlayer
Site Admin


Joined: 06 Jun 2006
Posts: 7463
Location: Dresden, Germany

PostPosted: Mon Jul 10, 2006 13:21    Post subject: Reply with quote
but in newer v23 sp1 releases and in v24 these values are now encrypted. so its only possible if you have a older version
_________________
"So you tried to use the computer and it started smoking? Sounds like a Mac to me.." - Louis Rossmann https://www.youtube.com/watch?v=eL_5YDRWqGE&t=60s
cdkiller
DD-WRT User


Joined: 26 Jun 2007
Posts: 262
Location: Trinidad & Tobago

PostPosted: Tue Jul 22, 2008 6:40    Post subject: Reply with quote
Hi. I forgot my password for my new WRT150N. It is running v24 svn9856. I realize this means I have to reset it but I don't want to lose my configuration. I have my configuration saved from before in case I ever needed to restore it but restoring it will put back the password that I cannot remember. Is there anyone here who can edit my nvram backup file and remove the part with the password? Is that possible at all? I guessed like 50 wrong passwords already and no success, I just dunno what the hell I set as that password.
_________________
[everything is to be replicate]
soulstace
DD-WRT Guru


Joined: 04 Aug 2007
Posts: 6427

PostPosted: Tue Jul 22, 2008 6:51    Post subject: Reply with quote
You could probably edit the hashed password of the nvram backup using a Hex editor. I'm not sure though....never tried it myself.
redhawk0
DD-WRT Guru


Joined: 04 Jan 2007
Posts: 11563
Location: Wherever the wind blows- North America

PostPosted: Tue Jul 22, 2008 12:43    Post subject: Reply with quote
I agree...I would try it too. You have nothing to loose at this point...except your config....its inconvenient...but not a tragedy.

If you reset to defaults to get in...then make another backup. Check password with a hex editor and try to edit in the default password to the old backup...then restore the old backup.

Keep a copy of the original old backup....just in case you have to try multiple times.

[EDIT] - BTW...you are looking for "http_passwd" in the backup using the hex editor.

redhawk

_________________
The only stupid question....is the unasked one.
cdkiller
DD-WRT User


Joined: 26 Jun 2007
Posts: 262
Location: Trinidad & Tobago

PostPosted: Tue Jul 22, 2008 14:54    Post subject: Reply with quote
Thanks, I was asking if somebody who knew what to do could do it for me because I did not know the hex address of the password field. Since you said the string is "http_passwd" then that is just as helpful as telling me the hex address. I can now try it on my own. I didn't know if it would work because of how the password is encrypted but as you said I don't really have anything to lose. lol. Gona try, will be back. Hope it works.
_________________
[everything is to be replicate]
cdkiller
DD-WRT User


Joined: 26 Jun 2007
Posts: 262
Location: Trinidad & Tobago

PostPosted: Wed Jul 23, 2008 5:53    Post subject: Reply with quote
Ok this is worse than I thought. I followed what you said redhawk it worked but it made me realize that it wasn't me who forgot the password, somehow the router forgot it on its own and was not letting me in.

This is what happened.
I did a hard reset, then the new first page comes up where I set a new password. Then I made a backup of nvram and I loaded it up in my hex editor XVI32. Then I located my other backup with my needed configurations and loaded that in another instance of XVI32. To my surprise the values after the string "http_passwd" were the exact same thing on both. What a coincidence I had thought up the same password twice, lol.

Thus you can see my concern. My old password was the same thing which I tried to log in with many times and the router refused to let me in. Totally confusing how the router could forget its password on its own. I tried to log in multiple times with different browsers and still no success, which is what lead me to believe that maybe I just forgot what the password was but turns out that I didn't forget.

How could this happen? My only explanation is maybe I changed it at some time after I made that first backup and didn't back it up again. I have no memory of doing that though. Oh well, the main thing is it works now. Thanks for your help redhawk.

_________________
[everything is to be replicate]
redhawk0
DD-WRT Guru


Joined: 04 Jan 2007
Posts: 11563
Location: Wherever the wind blows- North America

PostPosted: Wed Jul 23, 2008 14:02    Post subject: Reply with quote
I'm glad it worked for you. So...now keep a backup of the new nvram parameters and write down the password.

I have never heard of a router forgetting its password....maybe you have a bad memory cell on that flash chip. Stranger things have happened.

Keep an eye on it. It is probably what you said though...you probably changed the password and forgot it....or you typed it wrong twice and it accepted it that way.

redhawk

_________________
The only stupid question....is the unasked one.
jmh9072
DD-WRT Guru


Joined: 04 Sep 2007
Posts: 800
Location: Ohio

PostPosted: Sat Aug 02, 2008 23:52    Post subject: Reply with quote
In v24, http_passwd is not the password; it is the salt used by the crypt() function. (Not sure if it's still used; they may be using a new encryption function now)

Your (encrypted) password is stored in newhttp_passwd.

Edit: The info above isn't correct; see the following posts. I'm not removing it in the interest of keeping the thread readable.

(Sorry for the bump; I stumbled upon this thread and thought you might want to know)

_________________
WRT54G v3 - v24 r14471M NEWD Eko - AP
WRT350N v1.0
WRT600N v1.1 - halfway there!
Se7en is Darker...


Last edited by jmh9072 on Sun Aug 03, 2008 0:23; edited 2 times in total
soulstace
DD-WRT Guru


Joined: 04 Aug 2007
Posts: 6427

PostPosted: Sun Aug 03, 2008 0:02    Post subject: Reply with quote
http_passwd stores the password hash. In v24 it is crypt format...and in v24 SP1, it is MD5. The salt is part of the hash.

My router does not even have this newhttp_passwd variable you speak of. Maybe because I do hard reset before and after upgrade.

BrainSlayer made the password system backwards compatible.
jmh9072
DD-WRT Guru


Joined: 04 Sep 2007
Posts: 800
Location: Ohio

PostPosted: Sun Aug 03, 2008 0:21    Post subject: Reply with quote
soulstace wrote:
http_passwd stores the password hash. In v24 it is crypt format...and in v24 SP1, it is MD5. The salt is part of the hash.

My router does not even have this newhttp_passwd variable you speak of. Maybe because I do hard reset before and after upgrade.

BrainSlayer made the password system backwards compatible.

Ah, nevermind. I got it backwards.

Password is stored in http_passwd; salt is in newhttp_passwd. (I could have sworn it was the other way around)

And yes, I have this variable. I usually do an mtd erase nvram at the same time I flash the firmware.

Edit: Again, I am wrong.

_________________
WRT54G v3 - v24 r14471M NEWD Eko - AP
WRT350N v1.0
WRT600N v1.1 - halfway there!
Se7en is Darker...


Last edited by jmh9072 on Sun Aug 03, 2008 0:40; edited 1 time in total
soulstace
DD-WRT Guru


Joined: 04 Aug 2007
Posts: 6427

PostPosted: Sun Aug 03, 2008 0:33    Post subject: Reply with quote
There's no reason to store the salt separate (in another variable) from the hashed result.

Maybe one is the crypt password, and the other is MD5.

Crypt hashes are short. MD5 hashes are long and you will see $ to designate that it is in fact MD5 and separated the salt from the hash.
Goto page 1, 2  Next Display posts from previous:    Page 1 of 2
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum