This is my first hand written shellcode for linux which I wrote it for fun and exploration. I am a bit new to shellcoding in *nix environments. This shellcode changes the permission of the shadow file in linux/x86 system to 0777. According to the Linux programmer’s manual of chmod it takes two arguments.
int chmod(const char *path, mode_t mode);
For reporting a security issues related to their web application I got rewarded with a license key for VMware 10 and a nice cap.
Default Password Being Used (CVE-2014-4018)
In ZTE routers the username is a constant which is “admin” and the password by default is “admin”
ROM-0 Backup File Disclosure (CVE-2014-4019)
There is a rom-0 backup file contains sensitive information such as the passwords. There is a disclosure in which anyone can download that file without any authentication by a simple GET request.
http://192.168.1.1/rom-0 Continue reading
I think by now you know the security issues disclosed related to TP-Link routers. I’ve noticed that some ZTE and TP-Link routers have the same ADSL firmware which is “FwVer:126.96.36.199_TC3086 HwVer:T14.F7_5.0”. I was curious to test the web application and I found out that the embedded server which is “RomPager” cannot handle fairly large POST requests.
Found one POST XSS issue and I got rewarded by Rapid7 ♥
Thank you very much guys! Really love this 🙂 Continue reading
For reporting many web app sec issue I got mentioned in their hall of fame. So they also sent me a small t-shirt 😉
For reporting a CSRF issue I got rewarded by Docker.