out of the b0x 😉

 

downloaded a router online config apk , run it on LD Player and activated burp suite .

checking the request :

 

 

sent it to repeater and  ..

 

 

response got a filter

"0.0.0.0\n"

 

changed a bit in it and play again and i was able to remote command ! next i was thinking to get reverse shell and all failed ( i guess due to iptables )

this graps my attention

so did my key (ssh-keygen) locally and decided to inject it !

injecting ..

and volla !