trentbuck@gmail.com (Trent W. Buck) wrote:
Rohan McLeod <rhn@jeack.com.au> writes:
James Harper wrote:
NetComm ADSL2+ Router NB6_REV2_16M Software Version: 3.65p And I'm in. It's a shell, but can't tell what. ps shows a 'sh' process running. Actually: ps --help BusyBox v1.00 (2010.01.12-11:52+0000) multi-call binary So... not bash. thanks , interesting well that's a relief ! IMO this is not a reliable test.
I know of at least Thecus NAS installs which ship busybox, but include bash. Such a system would show the same "I'm busybox" output when running ps in bash, since it is not a bash builtin.
I don't know offhand of a reliable test. Off the top of my head, I'd suggest "echo $BASH_VERSION", which seems to be under --posix (which more-or-less correponds to invoking as argv[0] = "/bin/sh").
Probably the Right Thing would be to test for the actual vuln.
Thanks Trent: Well as mentioned I can only Telnet 192.168.1.1 to the login prompt; thus far can't find a working u/n and p/w combination to get me to the shell; definitely not the u/n "admin" and p/w "admin" (default) of the web interface; which seems to be the case for James. Actually now I notice the firmware for my Netcomm NB6Plus4W (iPrimus issued) is vs 3.65n wheras Jame's NetComm ADSL2+ Router NB6_REV2_16M is vs 3.65p iPrimus support nearly had a nervous breakdown when consulted; couldn't even tell me whether it was deliberately blocked ! Netcomm support are supposedly going to email me a working u/n and p/w and even gave me a reference number !; if something eventuates, I post the result regards Rohan McLeod
_______________________________________________ luv-main mailing list luv-main@luv.asn.au http://lists.luv.asn.au/listinfo/luv-main