Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Re - Linking all of my old ' guest ' pastebins to one main account so i dont have to search for all of them through google
- Main PasteBin Link -> http://pastebin.com/urSwn6db
- -------------------------------------------------------------------------------------------------------
- Xerox WorkCentre Exploit
- By:Hex00010
- 03/12/2012
- What is Xerox WorkCentre?
- in very very very very quick easy to use term its a printer
- yeah you see printer everyone is like okay whats the big deal about this?
- its a fucking printer for christ sakes?
- True it is BUT when this software is deployed onto client machines it also adds a service
- this service runs through the whole network as think of it as a " root admin "
- this root admin can alter the entire network through simple methods.
- The Severity of this exploit is that of a local root exploit
- Major companies use this software such as
- -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
- NorthwesTel -
- For over 60 years, Northwestel has served the largest operating area in the Western hemisphere and played a large hand in transforming communications in Northern Canada.
- As part of our 2011 Vision, we will focus on offering innovative technology to our customers - making connections happen in their lives.
- United States Houston Texas , University Of Houston
- University of Alaska
- United States Foley Mebtel Communications
- Brazil Campina Grande Universidade Federal De Campina Grande
- etc etc etc etc
- -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
- Note that this is just a quick type up to show people and what not - All of this will be re-posted in the upcoming days in a more better detailed , and graphed explanation
- Below is just random copy / paste i decided to show that this exploit reveals to you once executed
- -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
- Protocols -
- AppleTalk
- NetWare
- TCP/IP
- SNMP
- SSDP
- LPR/LPD
- Raw TCP/IP Printing
- IPP
- SMTP Server
- LDAP Directory
- HTTP
- { Example Copy / paste text on page LDAP Directory
- Server Information Name or IP Address: IP Address
- Host Name
- Primary LDAP Host Name and Port: :
- Alternate LDAP Host Name and Port:
- LDAP Access
- Search Directory Root: ou=business units,dc=*******Deleted TEXT******linprofac,dc=com
- Login Credentials to Access LDAP Server :
- LDAP Bind
- Bind Method : Anonymous
- Simple
- Login Name: <---------- Allows you to update account information
- Password:
- Retype Password:
- Select to save new password
- Append base DN:
- { Example Copy / paste text on page SMTP
- Server Information
- Name or IP Address: IP Address
- Host Name
- SMTP Host Name and Port: smtptor.snclav********** DELETED TEXT *****.com :
- SMTP Server Authentication: Server Requires SMTP Authentication
- Login Name: prof******\********xerox2
- DNS SETTINGS
- TCP/IP General
- Protocol: Enable
- Physical Connection: Ethernet
- Host Name:
- IP Address Resolution:
- Machine IP Address:
- Subnet Mask:
- Gateway Address:
- DNS Settings Domain Name:
- Primary DNS Server:
- Secondary DNS Server:
- Dynamic DNS Registration: Enable
- Primary WINS Server:
- Secondary WINS Server:
- SLP Configuration Protocol: Enable
- Port Number: 427
- Character Set: US-ASCII
- Directory Agent:
- Scope 1:
- Scope 2:
- Scope 3:
- Message Type:
- Multicast Radius: (0-255)
- MTU:
- -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
- Services -
- Authentication Setup
- Add new user accounts - Email Accounts
- Even got Printer Settings on this bitch lol
- Font Number:
- Symbol Set:
- Font Pitch:
- Font Height:
- Lines Per Form:
- Line Termination:
- Machine Name: Customer ID Name:
- Fax Number: Customer ID Number:
- Ring To Answer: Times Prefix Dial:
- Redial Term: Minutes Discard Size: mm
- Redial Count: Times Stamp Receiver Name:
- Speaker: ECM Mode:
- Ringer: Auto Report:
- Receive Mode: Rx Reduction:
- Fax Duplex: Auto Clear Timeout: Sec
- Sending Confirmation:
- Anyways - This exploit is available for sell
- What you will get
- 1. Script to Detect International Systems using this software
- 2. Exploit + Method to gain full root internal access
- This is just a draft type up so dont expect a lot to be typed in here and what not i will do the real paper later on
- Anyways with that said Hope you liked it :)
- Proof of Concept -> http://i41.tinypic.com/29239ki.png
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement