跳到主要內容

發表文章

目前顯示的是 4月, 2013的文章

Linksys WRT54GL backdoor

OS Command Injection The vulnerability is caused by missing input validation in the wan_hostname parameter and can be exploited to inject and execute arbitrary shell commands. With wget it is possible to upload and execute a backdoor to compromise the device. You need to be authenticated to the device or you have to find other methods for inserting the malicious commands. link here

tp-link back door

TP-Link 是流行的无线路由器。TP-Link的某些无线路由器设备实现上存在后门,通过发送特定的请求可以完全控制设备。向设备发送请求“ http://192.168.0.1/userRpmNatDebugRpm26525557/start_art.html ”(这里假设路由器IP为192.168.0.1),路由器会从发起请求的机器下载一个nart.out文件,并以root权限执行该文件。 TL-WR941N V6.0 patch link TL-WR743N V2.0 patch link TL-WDR4310/ 4320 V1.0 patch link from http://www.cnvd.org.cn/webinfo/show/3205   details from sekurak poland and here