TUCoPS :: Network Appliances :: b06-4366.htm

2wire Gateway DoS
DoS 2wire Gateway
DoS 2wire Gateway


[Refer:http://www.mexhackteam.org/prethoonker/DoS_ADV_2Wire.txt]=0D 
=0D
####################################################          << Denegation of Service >>   =0D
###           2 w i r e   G a t e w a y=0D
###  =0D
###        Preth00nker [at] gmail [dot] com=0D
###                BY PRETH00NKER  =0D
### http://mexhackteam.org =0D 
###  =0D
###           Special dedication for my friends of:  =0D
### < < http://www.elhacker.net > > =0D 
###  =0D
######################################################  =0D
=0D
[ Introduction ]=0D
=0D
  (*) 2wire Gateway User Interface: It Work with the Modems / Routers =0D
of 2Wire, Inc., it take the work out of manage a local network. =0D
the Users see important information about the DSL connection, =0D
devices on the network, firewall logs, and more. Optional notification =0D
features let users know if there is a problem and guides them to a fix.=0D
=0D
  (*) CRLF: It's a special character or sequence of characters =0D
signifying the end of a line of text.=0D
=0D
   [Char] [ Complete name ] [Hex]  [ascii]=0D
     CR  = Carriage Return = \0A  =  10=0D
     LF  = Line_Feed       = \0D  =  13=0D
 =0D
[ Explanation ]=0D
=0D
When a evil request is maked and sended at 2wire Webserver=0D
and this can't process the request, result as a Denegation =0D
of service (DoS).=0D
The error comes at the moment of include a End_of_line (CRLF)=0D
into any variable, when we're using a GET method it's =0D
imposible (inside a normal situation), but, it's really true?..=0D
=0D
[ PoC ]=0D
=0D
http://www.mexhackteam.org/prethoonker/DoS%20%20.cpp

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH