I posted this in the private forums before the rollback, so I'll type it out again and hope we can get working on it.
Every night I lie and think about possible exploits and vulnerabilities programs have. Anyway, here's what I thought...
We always have the problem that when we wanna pwn some noob across the internet they're behind a firewall with no open ports. However, what if they were open?
In theory, if you were to get the user to click on a JavaScript submit button on your website, you could get the user to navigate to a range of router IPs from our backend router database and try default usernames and passwords, as 70% of people don't change the password on the router. We could get the user to navigate to 192.168.2.1/login.cgi?user=admin&pass=admin (in my case lol), then using other JavaScript functions we could remotely open the ports.
This would all be done with POST requests and uses the fact that the client is making the requests, so they can see the router and we can't. It would never get picked up by antivirus and just relies on the user having a default username and password for the router.
I'm still working out how to identify the router model atm.
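What the post describes is cross-site request forgery against a LAN admin interface: the victim's browser, not the attacker, reaches the router. The check below is an added example (not from the post or any router firmware) of what a router's login handler can do so that such a browser-relayed request is refused even while the default password is still set; `ROUTER_HOSTS`, `login_allowed` and the sample requests are assumed/constructed names.

```python
from urllib.parse import urlsplit
import hmac

# Hostnames/addresses the router considers itself (assumed values for the example).
ROUTER_HOSTS = {"192.168.2.1", "192.168.1.1", "router.local"}


def same_site(headers):
    """True only when Origin (or, failing that, Referer) names the router itself.

    A request forged from another site carries the attacker's page as Origin, and
    a bare cross-origin navigation often carries neither header; both are refused.
    """
    source = headers.get("Origin") or headers.get("Referer")
    if not source:
        return False  # no origin information: treat as cross-site (safe default)
    return urlsplit(source).hostname in ROUTER_HOSTS


def login_allowed(method, headers, form, session_token):
    """Decide whether a login request may be processed.

    method        -- HTTP method of the request
    headers       -- dict of request headers
    form          -- parsed POST body (dict)
    session_token -- per-session CSRF token the router issued with the login page
    Returns (allowed, reason).
    """
    if method != "POST":
        # Credentials in a GET query string (login.cgi?user=..&pass=..) are never accepted.
        return False, "credentials must be sent in a POST body"
    if not same_site(headers):
        return False, "cross-site request: bad or missing Origin/Referer"
    token = form.get("csrf", "")
    # Constant-time compare so the token cannot be guessed byte by byte.
    if not token or not hmac.compare_digest(token, session_token):
        return False, "missing or wrong CSRF token"
    return True, "ok"


# Constructed sample requests (not captured traffic).
SESSION_TOKEN = "7f2a9c1e-constructed-token"
FORGED = ("POST", {"Origin": "http://attacker.example"},
          {"user": "admin", "pass": "admin", "csrf": ""}, SESSION_TOKEN)
QUERY_GET = ("GET", {"Referer": "http://192.168.2.1/"}, {}, SESSION_TOKEN)
LEGIT = ("POST", {"Origin": "http://192.168.2.1"},
         {"user": "admin", "pass": "admin", "csrf": SESSION_TOKEN}, SESSION_TOKEN)
```

Logging the `reason` for refused requests also gives the router owner a detection signal: a burst of cross-site login attempts from one client is exactly the pattern described in the post.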