nixawk / labs

Vulnerability Labs for security analysis

[Exploit] CVE-2017-17411 - Linksys WVBR0 25 Command Injection #17

Open nixawk opened 6 years ago

nixawk commented 6 years ago

Command Injection

echo "xxx.xxx.xxx.xxxUSER-AGENT" | md5sum

Send an HTTP request with a command injection payload as the User-Agent.

References

  1. https://www.thezdi.com/blog/2017/12/13/remote-root-in-directvs-wireless-video-bridge-a-tale-of-rage-and-despair
  2. https://thehackernews.com/2017/12/directv-wvb-hack.html
  3. https://github.com/nixawk/labs/blob/master/CVE-2017-17411/exploit-CVE-2017-17411.py
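
A defender-side check for the request described in the issue above, as an added example that is not part of the original post or the linked exploit script: it scans web access-log lines for User-Agent values containing sequences that stay active inside a double-quoted shell string such as the `echo "..."` line. It assumes Combined Log Format and that the header value lands inside those quotes; the log lines, addresses and `CMD` placeholders are constructed.

```python
import re

# Combined Log Format:
# ip ident user [time] "request" status bytes "referer" "user-agent"
QUOTED = r'(?:[^"\\]|\\.)*'          # quoted field, allowing backslash escapes
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "' + QUOTED + r'" '
    r'\d{3} \S+ "' + QUOTED + r'" "(?P<ua>' + QUOTED + r')"$'
)

# Sequences that remain active inside a double-quoted shell string:
# backtick and $( command substitution, ${ expansion, and a literal quote
# that ends the string (logged as \" by Apache and \x22 by nginx).
# A bare ';' is not flagged: ordinary browser User-Agents contain it.
SHELL_ACTIVE = re.compile(r'`|\$\(|\$\{|\\"|\\x22', re.IGNORECASE)


def flag_user_agents(lines):
    """Return (client_ip, user_agent) for every log line whose User-Agent
    contains a shell-active sequence."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line.strip())
        if m and SHELL_ACTIVE.search(m.group("ua")):
            hits.append((m.group("ip"), m.group("ua")))
    return hits


# Constructed sample lines: documentation addresses, CMD is a placeholder.
SAMPLE_LOG = [
    r'192.0.2.10 - - [13/Dec/2017:10:00:01 +0000] "GET / HTTP/1.1" 200 512 '
    r'"-" "Mozilla/5.0 (X11; Linux x86_64) Firefox/57.0"',
    r'198.51.100.7 - - [13/Dec/2017:10:00:05 +0000] "GET / HTTP/1.1" 200 512 '
    r'"-" "x\"; CMD #"',
    r'198.51.100.8 - - [13/Dec/2017:10:00:09 +0000] "GET / HTTP/1.1" 200 512 '
    r'"-" "curl/7.58.0 $(CMD)"',
    r'198.51.100.9 - - [13/Dec/2017:10:00:12 +0000] "GET / HTTP/1.1" 200 512 '
    r'"-" "Wget/1.19 `CMD`"',
    r'203.0.113.4 - - [13/Dec/2017:10:00:20 +0000] "GET / HTTP/1.1" 200 512 '
    r'"-" "x\x22; CMD #"',
]

if __name__ == "__main__":
    for ip, ua in flag_user_agents(SAMPLE_LOG):
        print(f"suspicious User-Agent from {ip}: {ua}")
```
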