The signal from my broadband router is pretty poor by the time it reaches the bedroom at the other end of the apartment, so a number of years ago I bought a BT Homespot 600 (mini edition). It does the job, though various devices (mostly those by a certain fruit company) think that they should connect to the router when they’re in the bedroom, and to the extension access point when they’re next to the router; go figure.
I wanted to try flipping the AP to broadcast as the main AP name, to see if the fruit devices get any smarter about which one to connect to based on signal strength. To do this, I needed to log in to the device. Step 1, find the damn thing on the network – it’s not DHCPd, and I’d forgotten where it lives. BT provide some software that must listen to network broadcasts, because it found the AP controller almost instantly.
Step 2 – log in. I haven’t changed the (terrible) password, so load up http://ip.addr.es.s/ of the AP controller, type in the password, tick the remember me box (because why not), and I’m … not in. Ok, why is this thing failing to even respond to the request; Firefox’s development tools say it pretty much RSTd the connection after trying to process the password. Wait, why is the password being stored in a cookie, along with the username? Why does it have client side Javascript that automatically makes logins from the same network use the admin account? Why can I get some of the password protected pages to render in the browser without having a cookie from the AP controller?
Thankfully, this thing is just a WiFi access point that piggybacks on the apartment power infrastructure to provide a better strength wireless connection in the back half of the apartment. It’s very tempting to see if I can make it cough up access without actually having the password.