ZTExploit_Source
Folders and files
| Name | Name | Last commit date | ||
|---|---|---|---|---|
parent directory.. | ||||
------------------------------------------------------------------------------ ZTE ZXV10 H108L Router with <= V1.0.01_WIND_A01 - Remote root RCE Exploit Copyright (c) 2013 Anastasios Stasinopoulos <stasinopoulos@unipi.gr> ------------------------------------------------------------------------------ ZTE ZXV10 H108L router with WIND Hellas's custom software (<= V1.0.01_WIND_A01) is vulnerable to OS Command injection attack. By using this vulnerability an attacker is able to execute system command with root privileges. Tested on ZTE: [*] Model name : ZXV10 H108L [*] Software Version : V1.0.01_WIND_A01 <WIND Hellas's *latest* software update> [*] Hardware Version : V1.1.00 [*] Boot Loader Version : V1.0.04 "Shell" is a bind shell binary, that compiled with "mips-linux-gnu-gcc" on Debian. anast@Debian:~/Desktop$ mips-linux-gnu-gcc --static shell.c -o shell anast@Debian:~/Desktop$ file shell shell: ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, for GNU/Linux 2.6.18, with unknown capability 0x41000000 = 0xf676e75, with unknown capability 0x10000 = 0x70401, not stripped anast@Debian:~/Desktop$