init

README.md

@@ -0,0 +1,13 @@
+# Unicom Youhua Communications Router PT952G root password
+
+联通友华通信路由器PT952G获取ROOT密码  
+
+## 使用方法 
+
+1.连接路由器的WIFI  
+2.打开浏览器输入 http://192.168.1.1/ 确认可以进入管理页面  
+3.运行  
+    ./UYC-Router-PT952G-Root-Password  
+    .\UYC-Router-PT952G-Root-Password.exe  
+
+4.终端打印获取到的超级用户密码  

build.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+set -x
+
+
+BIN="UYC-Router-PT952G-Root-Password"
+
+
+CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -o ${BIN}-linux-arm64 -a -ldflags '-extldflags "-static"'
+CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o ${BIN}-linux-amd64 -a -ldflags '-extldflags "-static"'
+CGO_ENABLED=0 GOOS=windows GOARCH=amd64 go build -o ${BIN}-linux-amd64.exe -a -ldflags '-extldflags "-static"'

go.mod

@@ -0,0 +1,15 @@
+module UYC-Router-PT952G-Root-Password
+
+go 1.23.5
+
+require github.com/jlaffaye/ftp v0.2.0
+
+require (
+	github.com/go-ping/ping v1.2.0 // indirect
+	github.com/google/uuid v1.2.0 // indirect
+	github.com/hashicorp/errwrap v1.0.0 // indirect
+	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4 // indirect
+	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c // indirect
+	golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005 // indirect
+)

go.sum

@@ -0,0 +1,20 @@
+github.com/go-ping/ping v1.2.0 h1:vsJ8slZBZAXNCK4dPcI2PEE9eM9n9RbXbGouVQ/Y4yQ=
+github.com/go-ping/ping v1.2.0/go.mod h1:xIFjORFzTxqIV/tDVGO4eDy/bLuSyawEeojSm3GfRGk=
+github.com/google/uuid v1.2.0 h1:qJYtXnJRWmpe7m/3XlyhrsLrEURqHRM2kxzoxXqyUDs=
+github.com/google/uuid v1.2.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA=
+github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
+github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
+github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM=
+github.com/jlaffaye/ftp v0.2.0 h1:lXNvW7cBu7R/68bknOX3MrRIIqZ61zELs1P2RAiA3lg=
+github.com/jlaffaye/ftp v0.2.0/go.mod h1:is2Ds5qkhceAPy2xD6RLI6hmp/qysSoymZ+Z2uTnspI=
+golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4 h1:b0LrWgu8+q7z4J+0Y3Umo5q1dL7NXBkKBWkaVkAq17E=
+golang.org/x/net v0.0.0-20210316092652-d523dce5a7f4/go.mod h1:RBQZq4jEuRlivfhVLdyRGr576XBO4/greRjx4P4O3yc=
+golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ=
+golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005 h1:pDMpM2zh2MT0kHy037cKlSby2nEhD50SYqwQk76Nm40=
+golang.org/x/sys v0.0.0-20210315160823-c6e025ad8005/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=

main.go

@@ -0,0 +1,73 @@
+package main
+
+import (
+	"bytes"
+	"fmt"
+	"log"
+	"os"
+	"time"
+
+	"github.com/jlaffaye/ftp"
+)
+
+/*
+	联通友华通信路由器PT952G获取root密码
+	时间：：2025年02月03日 星期五 22时41分09秒
+*/
+
+func main() {
+
+	ftp_server_addr := "192.168.1.1"
+
+	if !test_port(ftp_server_addr, 21, 2*time.Second) {
+		fmt.Printf("目标 %s:%d 无法访问\n", ftp_server_addr, 21)
+		return
+	}
+
+	// 这里可以继续连接 FTP
+	fmt.Println("目标 IP 可达，继续连接 FTP...")
+
+	// 使用禁用 UTF-8 的选项连接到 FTP 服务器
+	conn, err := ftp.Dial(ftp_server_addr+":21", ftp.DialWithDisabledUTF8(true))
+	if err != nil {
+		log.Fatalf("无法连接到 FTP 服务器: %v", err)
+	}
+	defer conn.Quit()
+
+	// 登录 FTP 服务器
+	err = conn.Login("e8ftp", "e8ftp")
+	if err != nil {
+		log.Fatalf("登录失败: %v", err)
+	}
+
+	// 切换到目标目录
+	err = conn.ChangeDir("/var/config/")
+	if err != nil {
+		log.Fatalf("切换目录失败: %v", err)
+	}
+
+	// 下载文件
+	resp, err := conn.Retr("lastgood.xml")
+	if err != nil {
+		log.Fatalf("无法下载文件: %v", err)
+	}
+	defer resp.Close()
+
+	// 将文件内容读入内存
+	buf := new(bytes.Buffer)
+	_, err = buf.ReadFrom(resp)
+	if err != nil {
+		log.Fatalf("读取文件失败: %v", err)
+	}
+
+	// 保存到本地文件
+	localFileName := "lastgood.xml"
+	err = os.WriteFile(localFileName, buf.Bytes(), 0644)
+	if err != nil {
+		log.Fatalf("保存本地文件失败: %v", err)
+	}
+
+	fmt.Printf("文件下载完成并保存为 %s\n", localFileName)
+
+	_search()
+}

search.go

@@ -0,0 +1,51 @@
+package main
+
+import (
+	"bufio"
+	"fmt"
+	"log"
+	"os"
+	"regexp"
+	"strings"
+)
+
+func _search() {
+	// 打开文件
+	file, err := os.Open("lastgood.xml")
+	if err != nil {
+		log.Fatalf("无法打开文件: %v", err)
+	}
+	defer file.Close()
+
+	// 搜索目标字段
+	searchField := "SUSER_PASSWORD"
+	password := ""
+
+	scanner := bufio.NewScanner(file)
+	for scanner.Scan() {
+		line := scanner.Text()
+		if strings.Contains(line, searchField) {
+			fmt.Printf("找到字段: %s\n", line)
+
+			// 提取密码
+			re := regexp.MustCompile(`Value="([^"]+)"`)
+			matches := re.FindStringSubmatch(line)
+			if len(matches) > 1 {
+				password = matches[1]
+			}
+			break
+		}
+	}
+
+	// 检查文件是否已完全扫描
+	if err := scanner.Err(); err != nil {
+		log.Fatalf("读取文件失败: %v", err)
+	}
+
+	// 输出提取的密码
+	if password != "" {
+		fmt.Printf("提取的密码是: %s\n", password)
+	} else {
+		fmt.Printf("未找到字段或未提取到密码: %s\n", searchField)
+	}
+}

test.go

@@ -0,0 +1,19 @@
+package main
+
+import (
+	"fmt"
+	"net"
+	"time"
+)
+
+// 检查指定的 IP 和端口是否可达
+func test_port(ip string, port int, timeout time.Duration) bool {
+	address := fmt.Sprintf("%s:%d", ip, port)
+	conn, err := net.DialTimeout("tcp", address, timeout)
+	if err != nil {
+		fmt.Printf("无法连接到 %s: %v\n", address, err)
+		return false
+	}
+	defer conn.Close()
+	return true
+}