Showing 1 - 3 of 3

Files Date: 2015-09-27

Webfig Terminal Offline Brute Force Attack: Posted Sep 27, 2015; Authored by Jonas; The encryption scheme used by Mikrotik's Webfig terminal software as seen on the RB750GL running RouterOS version 6.18 is susceptible to offline brute force attacks that allow a third party to recover login credentials (username and password) as well as full decryption of the terminal session. Full write up and proof of concept tools are included in this archive.; tags | exploit, proof of concept; SHA-256 | d0d1affb518b37657fed9af631a57aa3813a11d020ea75cb33748ab31aba0ae0; Download | Favorite | View

Mango Automation 2.6.0 Cross Site Scripting: Posted Sep 27, 2015; Authored by LiquidWorm | Site zeroscience.mk; Mango Automation version 2.6.0 is prone to a reflected cross site scripting vulnerability due to a failure to properly sanitize user-supplied input to the 'username' POST parameter in the 'login.htm' script. Attackers can exploit this issue to execute arbitrary HTML and script code in a user's browser session.; tags | exploit, arbitrary, xss; SHA-256 | 41ab244aefa7fced98821ec993549932a6899a590c057be0463567b385b9e724; Download | Favorite | View

Mango Automation 2.6.0 User Enumeration: Posted Sep 27, 2015; Authored by LiquidWorm | Site zeroscience.mk; Mango Automation version 2.6.0 suffers from a user enumeration weakness vulnerability.; tags | exploit; SHA-256 | 537cc8a30faefec691fd5f8e0974b8ccb201b1d73876b4069c8f983045648729; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days