I got a comment from Mr. nos_com71 about 3 Italy's firmware for u-12.
The download link is to Mediafire, which definitely is not my favorite place to pick up something I'd like to run on any of my computers. But if you think you can handle it, go for https://www.mediafire.com/?jut00ju7uov988z to get it.
Little bit of FMK:ing revealed, that 3 Italy is using a classic V100R001C12SP104 (see the article about 3 Denmark's firmware with exactly the same version). The important thing is, that he pointed out that the SSH passwords are stored unencrypted in /var/sshusers.cfg. This is exactly like my version does.
So, those people who are able to use the exploit, are able to know what the SSH-passwords are. A command like
B593cmd.pl "cat /var/sshusers.cfg" will give you immediate answer and a regular
ssh admin@-the-IP-here- /bin/sh will do the rest. As I previously stated, the thing is, you need to know the admin password to the web-console and old enough firmware to have the exploit in it to be table to any of that.
Mon | Tue | Wed | Thu | Fri | Sat | Sun |
---|---|---|---|---|---|---|
← Back | December '24 | |||||
1 | ||||||
2 | 3 | 4 | 5 | 6 | 7 | 8 |
9 | 10 | 11 | 12 | 13 | 14 | 15 |
16 | 17 | 18 | 19 | 20 | 21 | 22 |
23 | 24 | 25 | 26 | 27 | 28 | 29 |
30 | 31 |
C532 on :
My firmware is V100R001C58SP060 and I'm thinking about giving a try to this new version
Jari Turkia on :
If you do check the firmware, can you please drop us a comment. What we're most interested is to update Mr. Grønli's spreadsheet with the details (see: https://onedrive.live.com/view.aspx?resid=B483589C2FD81F7D!207).
C532 on :
Jari Turkia on :
About the spreadsheet. It is maintained by a fellow hacker, Mr. Bjørn Grønli from Norway. Hopefully he'll pick up your comments and update the list.
nos_com71 on :
another good news,another new firmware from a Polish operator ,which you can find all SSH passwords in the same track by FTPing ur set ,
https://www.nortonzone.com/pickup/128753?key=3tsx2QZyPtGNSRA3FSnpeZWAN7vmnKFnmaDdF_umtuS9pxsuORCW5Vctsrbt9I9I&src=url
see u.
Jari Turkia on :
nos_com71 on :
if u have a problem with the port in HTTPS ,u suppose better than me in solving this problem.
suggest another site to upload it.
its release is V100R001C69SP103
try to google it.
thanks
Jari Turkia on :