TUCoPS :: HP Unsorted M :: va2022.htm

Multiple XSRF in DD-WRT (Remote Root Command Execution)
Multiple XSRF in DD-WRT (Remote Root Command Execution)
Multiple XSRF in DD-WRT (Remote Root Command Execution)


Author: Michael Brooks (!!!!)

I usually don't like posting my leet exploits to bugtraq because it is so unprofessional. You guys usually malform my exploits so they are totally useless,  even to someone trying to write a patch! You also tend to get the wrong name!  Michael Brooks wrote this!

Exploits tested on the newest stable version:
Firmware: DD-WRT v24-sp1 (07/27/08) micro
Product Homepage:http://dd-wrt.com/ 

Impact:
1)Remote root command execution /bin/sh
2)Change web administration password and enable remote administration
3)create new Port Forwarding rules to bypass NAT.


       
               
       
       Remote root command execution /bin/sh

action="http://192.168.1.1/apply.cgi" id=1> 
               
               
               
               
               
               
               
       



       enable remote administration and change login to root:password

action="http://192.168.1.1/apply.cgi"> 
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
               
       



       Change Port Forwarding to byass NAT protection.

action="http://192.168.1.1/apply.cgi">

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH