Intro
This article covers the two CVEs we found during our thesis work earlier this year. The devices concerned are two D-Link IP cameras. The table below lists their names and models along with their hardware and software versions.

| Manufacturer | Model | Software Version | Hardware Version |
| D-Link | DCS-5000L | 1.05 | A |
| D-Link | DCS-932L | 2.17 | B |
Table 1 – Software and Hardware Versions

The setup
Our testing setup was pretty simple. In this scenario we connected the two cameras, a client running macOS and an evil client running Linux to a router. For the exact setup see Figure 1.

Affected
http://CAMERA_IP:80 (CVE-2021-41504)
http://CAMERA_IP/video.cgi (CVE-2021-41503)

Reproducibility
This section contains the steps necessary…
-
5 tips for personal cyber security
Hello there. In this post I will talk about five simple tips that can increase your personal awareness when it comes to cyber security.
1. Update your software
Well, that point is kind of a no-brainer. Software updates usually carry fixes for different problems and bugs. If a vulnerability is found, most of the time the developers of the software will make a patch and send out an update as soon as they can. Not all updates carry security fixes, but you are not losing anything. You can also check in the description box what the update will include. That applies to all your electronics or platforms that…
-
Protection ByPass and Brute Force attack – Bludit v. 3.9.2
This post will describe how to bypass the protection in Bludit CMS v. 3.9.2, that is, if you have a username. After managing to find the password, I will discuss which Metasploit module can help you get a reverse shell. So, let's begin. If we check the documentation that Bludit provides, we can see how they are preventing brute force attacks. Here is a screenshot and the link if you want to read through the whole documentation. https://docs.bludit.com/en/security/brute-force-protection After some googling I found a script that I just edited. I will post the script here and the link to the original article. https://rastating.github.io/bludit-brute-force-mitigation-bypass/ What you will need to…
-
Reverse Shell vs Bind Shell
Reverse Shell
Hello guys and girls. This post will just explain the difference between these two types of shell. In a later post I will provide a demo that you can follow along with. This shell is initiated from the target host to the attacker's machine. The attacker's machine should be in a listening state to be able to pick up the shell connection. Why use a reverse shell and not a bind shell? Well, reverse shells solve several issues that can be encountered. With reverse shells there is no need for a listener on the target machine. This type of shell can use commonly used and open ports like 80 or 443 –…
-
Using public Wi-Fi and what can go wrong?
Working from a coffee shop is a good way to change your day-to-day working experience. Many people do it. Many people also take meetings in coffee shops or study there with friends. You can see where I am going with that. Is coffee shop Wi-Fi safe to connect to? This article will not be limited to coffee shops, but they are one of the best examples, in my opinion, of public Wi-Fi usage. I will split the explanation into two different categories. Let's call them Cat. 1, Cat. 2 and Cat. 3. Cat. 1 will be about when you are sitting and using the Wi-Fi in the coffee…