Skip to content

Instantly share code, notes, and snippets.

@jkctech
Created January 16, 2023 15:51
Embed
What would you like to do?
Bypass for Ziggo modems forced password strength

Bypass for Ziggo modems forced password strength

In my use case I HAD to implement an 8 character password for my WiFi network. However, this was not accepted since Ziggo modems require you to have at least 10 characters as a password.

I fixed that :)

In the sourcecode of the WebUI it's easy to spot where the strength validation is happening. By simply disabling the return statements (Therefore just ignoring the errors) we can force the modem to accept the new password even though it does not meet the required limits.

How to use:

  1. Navigate to the Wireless page and fill in your desired (weak) password / SSID
  2. Copy the raw contents of passfix.js
  3. Open your browser's debug window using F12
  4. Paste the contents of your clipboard into the JavaScript console and press Enter
  5. Click the Save button on the bottom of the Wireless page and ignore any warnings that come up
  6. After about a minute, reload the page if it has not done so by itself
  7. Enjoy your freedom :)
// Disabled returns on SSID and password checks...
// Did not bother to remove them for the sake of keeping stuff together
function setWirelessAccessFix(){
$(bubblecontent).empty();
if(!checkPskey(0) && ($("#wlSecurity").val() != "0")){
NoticeStrart("w_sec01","setWirelessBasic()");
$('.PasswordErrorMessage2G').hide();
$('#PasswordErrorMessage2G,.WifiSufficient2G').show();
$('#wlSecKey').addClass('error');
//return changeBoth['TriggerClick']=false;
}
if(!checkPskey(1) && ($("#wlSecurity5G").val() != "0")){
NoticeStrart("w_sec01","setWirelessBasic()");
$('.PasswordErrorMessage5G').hide();
$('#PasswordErrorMessage5G,.WifiSufficient5G').show();
$('#wlSecKey5G').addClass('error');
//return changeBoth['TriggerClick']=false;
}
if(!checkSSID(0)){
//console.log('SSID error');
//return changeBoth['TriggerClick']=false;
}
if(!checkSSID(1)){
//console.log('SSID error');
//return changeBoth['TriggerClick']=false;
}
if(PWstrength2G==0 && ($("#wlSecurity").val() != "0")){
NoticeStrart("w_sec01","setWirelessBasic()");
$('.PasswordErrorMessage2G').hide();
$('#PasswordErrorMessage2G,.WifiSufficient2G').show();
$('#wlSecKey').addClass('error');
//return changeBoth['TriggerClick']=false;
}
if(PWstrength5G==0 && ($("#wlSecurity5G").val() != "0")){
NoticeStrart("w_sec01","setWirelessBasic()");
$('.PasswordErrorMessage5G').hide();
$('#PasswordErrorMessage5G,.WifiSufficient5G').show();
$('#wlSecKey5G').addClass('error');
//return changeBoth['TriggerClick']=false;
}
//set security
var wlSecurity2g = 0;
var wlWpaalg2g = 0; //NONE
var wlSecurity5g = 0;
var wlWpaalg5g = 0;
switch($('#wlSecurity').val()){
case '0': //disable(0);
wlSecurity2g=0;
wlWpaalg2g=0
break;
case '4': //WPA2PSK
wlSecurity2g=4;
wlWpaalg2g=2
break;
case '8': //WPAPSK/WPA2PSK
wlSecurity2g=8;
wlWpaalg2g=3
break;
}
switch($('#wlSecurity5G').val()){
case '0': //disable(0);
wlSecurity5g=0;
wlWpaalg5g=0
break;
case '4': //WPA2PSK
wlSecurity5g=4;
wlWpaalg5g=2
break;
case '8': //WPAPSK/WPA2PSK
wlSecurity5g=8;
wlWpaalg5g=3
break;
}
var wlBandMode2g = BssEnable2g;
var wlBandMode5g = BssEnable5g;
var wlSsid2g = $('#wlSsid').val();
var wlSsid5g = $('#wlSsid5G').val();
var wlHiden2g = $('input[name=BroadRadio2G]:checked').val();
var wlHiden5g = $('input[name=BroadRadio5G]:checked').val();
var wlPSkey2g = $('#wlSecKey').val();
var wlPSkey5g = $('#wlSecKey5G').val();
if(CheckPrimaryGuestPWIsSame(wlPSkey2g))
{
$('.PasswordErrorMessage2G').hide();
$('#PasswordErrorMessage2G,.WifiSamePwd2G').show();
return changeBoth['TriggerClick']=false;
}
if(CheckPrimaryGuestPWIsSame(wlPSkey5g))
{
$('.PasswordErrorMessage5G').hide();
$('#PasswordErrorMessage5G,.WifiSamePwd5G').show();
return changeBoth['TriggerClick']=false;
}
var CI = 0;// Current Interface
if((!checkIsChange("ACL")) && !checkIsChange("Basic")){
waitTimeScreen("../wifi_page/WirelessSecurity.html",1,"c_43","wait-massage");
return;
}
//note:the BandMode here is BssEnable for primary SSID,not real BandMode
for(var i=0; i<MacArray24G[CI].length; i++){
if(MacArray24G[CI][i] == "")
MacArray24G[CI][i] = "00:00:00:00:00:00";
}
for(var i=0; i<MacArray5G[CI].length; i++){
if(MacArray5G[CI][i] == "")
MacArray5G[CI][i] = "00:00:00:00:00:00";
}
var data = {
'fun': 321,
'wlBandMode2g':wlBandMode2g, 'wlBandMode5g':wlBandMode5g,
'wlSsid2g':wlSsid2g, 'wlSsid5g':wlSsid5g,
'wlHiden2g':wlHiden2g, 'wlHiden5g':wlHiden5g,
'wlPSkey2g':wlPSkey2g, 'wlPSkey5g':wlPSkey5g,
'wlSecurity2g':wlSecurity2g, 'wlSecurity5g':wlSecurity5g,
'wlWpaalg2g':wlWpaalg2g, 'wlWpaalg5g':wlWpaalg5g,
'WiFiAccessMode': $('input[name=2GMacFilter]:checked').val(),
'DeviceName_2G_01':DeviceNameArray24G[CI][ 0], 'DeviceName_2G_02':DeviceNameArray24G[CI][ 1],
'DeviceName_2G_03':DeviceNameArray24G[CI][ 2], 'DeviceName_2G_04':DeviceNameArray24G[CI][ 3],
'DeviceName_2G_05':DeviceNameArray24G[CI][ 4], 'DeviceName_2G_06':DeviceNameArray24G[CI][ 5],
'DeviceName_2G_07':DeviceNameArray24G[CI][ 6], 'DeviceName_2G_08':DeviceNameArray24G[CI][ 7],
'DeviceName_2G_09':DeviceNameArray24G[CI][ 8], 'DeviceName_2G_10':DeviceNameArray24G[CI][ 9],
'DeviceName_2G_11':DeviceNameArray24G[CI][10], 'DeviceName_2G_12':DeviceNameArray24G[CI][11],
'DeviceName_2G_13':DeviceNameArray24G[CI][12], 'DeviceName_2G_14':DeviceNameArray24G[CI][13],
'DeviceName_2G_15':DeviceNameArray24G[CI][14], 'DeviceName_2G_16':DeviceNameArray24G[CI][15],
'MAC_2G_By_01_08':(MacArray24G[CI][ 0]+MacArray24G[CI][ 1]+MacArray24G[CI][ 2]+MacArray24G[CI][ 3]+MacArray24G[CI][ 4]+MacArray24G[CI][ 5]+MacArray24G[CI][ 6]+MacArray24G[CI][ 7]).replace(/:/g,''),
'MAC_2G_By_09_16':(MacArray24G[CI][ 8]+MacArray24G[CI][ 9]+MacArray24G[CI][10]+MacArray24G[CI][11]+MacArray24G[CI][12]+MacArray24G[CI][13]+MacArray24G[CI][14]+MacArray24G[CI][15]).replace(/:/g,''),
'DeviceName_5G_01':DeviceNameArray5G[CI][ 0], 'DeviceName_5G_02':DeviceNameArray5G[CI][ 1],
'DeviceName_5G_03':DeviceNameArray5G[CI][ 2], 'DeviceName_5G_04':DeviceNameArray5G[CI][ 3],
'DeviceName_5G_05':DeviceNameArray5G[CI][ 4], 'DeviceName_5G_06':DeviceNameArray5G[CI][ 5],
'DeviceName_5G_07':DeviceNameArray5G[CI][ 6], 'DeviceName_5G_08':DeviceNameArray5G[CI][ 7],
'DeviceName_5G_09':DeviceNameArray5G[CI][ 8], 'DeviceName_5G_10':DeviceNameArray5G[CI][ 9],
'DeviceName_5G_11':DeviceNameArray5G[CI][10], 'DeviceName_5G_12':DeviceNameArray5G[CI][11],
'DeviceName_5G_13':DeviceNameArray5G[CI][12], 'DeviceName_5G_14':DeviceNameArray5G[CI][13],
'DeviceName_5G_15':DeviceNameArray5G[CI][14], 'DeviceName_5G_16':DeviceNameArray5G[CI][15],
'MAC_5G_By_01_08':(MacArray5G[CI][ 0]+MacArray5G[CI][ 1]+MacArray5G[CI][ 2]+MacArray5G[CI][ 3]+MacArray5G[CI][ 4]+MacArray5G[CI][ 5]+MacArray5G[CI][ 6]+MacArray5G[CI][ 7]).replace(/:/g,''),
'MAC_5G_By_09_16':(MacArray5G[CI][ 8]+MacArray5G[CI][ 9]+MacArray5G[CI][10]+MacArray5G[CI][11]+MacArray5G[CI][12]+MacArray5G[CI][13]+MacArray5G[CI][14]+MacArray5G[CI][15]).replace(/:/g,'')
};
var waitScreen = function(){
waitTimeScreen("",35,"c_43","wait-massage",updatesuccess);
setTimeout(function(){
CheckWifiStatus("wifi_page/WirelessSecurity.html");
}, 30 * 1000);
}
GlobalSt["waitTimeScreen"] = false;
ajaxSet(data,waitScreen,NoneAction,updateerror);
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment