[SOLVED] Is this a backdoor account in ZTE router?

mina_7

Jun 10, 2017
I found these when I opened the router config file using the RouterPassView tool from NirSoft.

I can log in using the username admin and the blurred password (my password).
qchfamjy0ii41.png


But I can't log in using these


lcqvs7tk0ii41.png


although the enable value = 1.
The only difference I see is the app ID.
What would that be? Why are they there?
 
Solution
I have searched but found no one talking about it other than a post that said he doesn't get what these are!
How many user accounts can be set up from within the GUI if you are an administrator? There is nothing to say this part of the firmware isn't valid on this device.
Tin foil hat required!! Not understanding why it is there doesn't make it nefarious. Have you researched this on the internet and found any hint of this? If you found this using readily available software I'd suggest the answer is no... people make a living out of finding this stuff!!
 

mina_7

Jun 10, 2017
How many user accounts can be set up from within the GUI if you are an administrator?

Only the admin account
image.png

But when I edit a bit in the HTML of the page:
Changing this value to one changes the username from admin to user. Making the number any higher doesn't do anything.
image.png


image.png

I can change the username but can't get it to be enabled
image.png

The fetch request of that change:
Code:
fetch("http://192.168.1.1/getpage.gch?pid=1002&nextpage=manager_aduser_conf_t.gch", {
  "credentials": "include",
  "headers": {
    "accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9",
    "accept-language": "en-US,en;q=0.9,ar;q=0.8,ru;q=0.7",
    "cache-control": "max-age=0",
    "content-type": "application/x-www-form-urlencoded",
    "upgrade-insecure-requests": "1"
  },
  "referrer": "http://192.168.1.1/getpage.gch?pid=1002&nextpage=manager_aduser_conf_t.gch",
  "referrerPolicy": "no-referrer-when-downgrade",
  "body": "IF_ACTION=apply&IF_ERRORSTR=SUCC&IF_ERRORPARAM=SUCC&IF_ERRORTYPE=-1&IF_INDEX=1&Type=NULL&Enable=NULL&Username=user&Password=testtest&Right=NULL&Type0=1&Enable0=1&Username0=admin&Password0=******&Right0=1&Type1=1&Enable1=0&Username1=user&Password1=******&Right1=2&OldPassword=user&_SESSION_TOKEN=9812267521418555",
  "method": "POST",
  "mode": "cors"
});
The page HTML code:
https://pastebin.com/cULjHziC
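
The POST body in the request above carries one set of Type/Enable/Username/Password/Right fields per account index. As an added example (not part of the original post), this Node.js code groups those fields into account records for auditing and masks the password and session-token fields before a capture like this is shared. The function names are hypothetical, and reading Enable as the "account enabled" flag is an assumption based on the field name.

```javascript
// Added example, not from the original post. Field meanings (Enable, Right,
// Type) are assumptions inferred from the field names in the captured body.

// Request body copied from the fetch call posted above.
const BODY = "IF_ACTION=apply&IF_ERRORSTR=SUCC&IF_ERRORPARAM=SUCC&IF_ERRORTYPE=-1&IF_INDEX=1&Type=NULL&Enable=NULL&Username=user&Password=testtest&Right=NULL&Type0=1&Enable0=1&Username0=admin&Password0=******&Right0=1&Type1=1&Enable1=0&Username1=user&Password1=******&Right1=2&OldPassword=user&_SESSION_TOKEN=9812267521418555";

// Fields that should never be pasted into a public post.
const SECRET = /^(Password\d*|OldPassword|_SESSION_TOKEN)$/;
// Per-account fields end in the account index (Username0, Enable1, ...).
const INDEXED = /^(Type|Enable|Username|Password|Right)(\d+)$/;

// Group the indexed fields into one record per account index.
function parseAccounts(body) {
  const accounts = new Map();
  for (const [key, value] of new URLSearchParams(body)) {
    const m = INDEXED.exec(key);
    if (!m) continue; // skips the un-indexed Type/Enable/Username fields
    const idx = Number(m[2]);
    if (!accounts.has(idx)) accounts.set(idx, { index: idx });
    const field = m[1].toLowerCase();
    accounts.get(idx)[field] = field === "password" ? "<redacted>" : value;
  }
  return [...accounts.values()].sort((a, b) => a.index - b.index);
}

// Annotate each account so present-but-disabled entries stand out.
function auditAccounts(body) {
  return parseAccounts(body).map((a) => ({
    ...a,
    note: a.enable === "1" ? "enabled" : "present but not enabled",
  }));
}

// Return the same body with every secret-bearing field masked.
function redactBody(body) {
  const params = new URLSearchParams(body);
  for (const key of [...params.keys()]) {
    if (SECRET.test(key)) params.set(key, "REDACTED");
  }
  return params.toString();
}

console.table(auditAccounts(BODY));
console.log(redactBody(BODY));
```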