Routerpwn - One click exploits, generators, tools, news, vulnerabilities, poc, alerts

A framework for identifying and launching exploits against internal network hosts. Works via WebRTC IP enumeration, WebSocket host scanning, and external resource fingerprinting.

mandatory

2015/09/15

Software

devttys0

Sasquatch is a modified unsquashfs utility that attempts to support as many hacked-up vendor-specific SquashFS implementations as possible.

devttys0

2014/06/21

One click

websecurity

D-Link DAP-1360 CSRF and information disclosure

MustLive

2014/06/21

One click

websecurity

D-Link DAP-1360 XSS & CSRF

MustLive

2015/06/08

One click

exploit-db

D-Link DSL-526B ADSL2+ AU_2.01 - Unauthenticated Remote DNS Change

Dawid Czagan

2015/01/10

Advisory PoC

RedTeam Pentesting

OmniSwitch 6450, 6250, 6850E, 9000E, 6400, 6855 OmniSwitch Web Interface Weak Session ID

RedTeam Pentesting

2015/06/08

One click

search-lab

D-Link DSL-526B ADSL2+ AU_2.01 - Unauthenticated Remote DNS Change

Dawid Czagan

2015/05/27

Advisory

search-lab

Multiple vulnerabilities in D-LINK DNS-320, DNS-320l, DNS-327l, and DNR-326 devices

Gergely Eberhardt

2015/02/28

One click

websecurity

ASUS RT-G32 CSRF Add admin:admin account

MustLive

2015/06/28

Advisory

Tangible Security

D-Link DCS-930L DCS-931L DCS-932L DCS-933L DCS-931L - Allows Authenticated User Unrestricted File Upload - CSRF - FW 1.04 and Older

Allen Harper

2015/06/16

Advisory PoC

vulnerability-lab

ZTE ZXV10 W300 v3.1.0c_DR0 - UI Session Vulnerability

Hadji Samir

2014/05/16

Advisory PoC

Rapid7

Ubee DDW3611 & Ambit U10C019 Configuration disclosure via SNMP public string

Deral Heiland

2014/05/16

Advisory PoC

Rapid7

Motorola Netopia 3347 Configuration disclosure via SNMP public string

Deral Heiland

2010/12/27

Advisory PoC

seguridadwireless

NetGear WN2000RPT v2 Authentication Bypass Reboot

Boombox

2015/06/27

Advisory PoC

cxsecurity

NetGear ProSafe SRX5308 FVS336Gv3 FVS336Gv2 FVS318N v4.3.2-7 and v4.3.3-3 Cross Site Scripting / SQL Injection / Header Injection

Juan J. Güelfo

2015/05/28

Software

nirsoft

RouterPassView v1.57 - Recover lost password from router backup file. Remember to run in command line for full router support.

nirsoft

2015/06/10

Advisory PoC

8thbit.net

TP-Link W8961DN v3 rom0 download via C6 cookie

Koorosh Ghorbani

2015/04/10

Analysis PoC

/dev/ttys0

D-Link DAP-1522 revB, DAP-1650 revB, DIR-890L, DIR-880L, DIR-865L, DIR-860L revA, DIR-860L revB DIR-815 revB, DIR-300 revB, DIR-600 revB, DIR-645, TEW-751DR, TEW-733GR HNAP SOAPAction-Header Command Execution

Craig Heffner

2015/05/05

Metasploit module

Rapid7

D-Link DAP-1522 revB, DAP-1650 revB, DIR-880L, DIR-865L, DIR-860L revA, DIR-860L revB DIR-815 revB, DIR-300 revB, DIR-600 revB, DIR-645, TEW-751DR, TEW-733GR HNAP SOAPAction-Header Command Execution

Samuel Huntley, Craig Heffner, Michael Messner

2015/02/13

Advisory PoC

D-Link

D-Link DIR-645 FW 1.04b12 Command Injection

Samuel Huntley

2013/10/24

Analysis PoC

Shadow-file

NetGearD-Link wndr3700v4 Command Injection

Zach Cutlip

2015/02/11

Analysis PoC

Kernelpicnic

NetGear SOAPWNDR Authentication Bypass

Peter Adkins

2015/02/26

Advisory PoC

Kernelpicnic

TRENDnet Multiple vulnerabilities in D-Link and TRENDnet 'ncc2' service

Peter Adkins

2015/06/11

Advisory PoC

Kernelpicnic

D-Link Multiple vulnerabilities in D-Link and TRENDnet 'ncc2' service

Peter Adkins

2015/06/11

One click

Kernelpicnic

D-Link DSP-W110 (Rev A) v1.05b01 Information Disclosure WLAN SSID, MAC, Versions

Peter Adkins

2015/06/11

Advisory PoC

Kernelpicnic

D-Link DSP-W110 (Rev A) v1.05b01 Arbitrary command execution / SQL Injection / file upload

Peter Adkins

2015/06/29

One click

Daniel Cisa

ZTE F660 V2.22.21 Authentication Bypass Download config [SET IP]

Daniel Cisa

2015/01/30

Generator

sn4kebites

Pirelli Alice Telecom Italia SSID Alice-########

Dren

2015/01/30

One click

Routerpwn

D-Link DSL-2680 Authentication Bypass Reboot

Dren

2015/06/28

Generator

Websec

Alcatel-Lucent 240W - Vecinitum de fibra

Luis Colunga

2015/06/16

Hardware

Bus Pirate

Bus Pirate is a universal bus interface that talks to electronics from a computer serial terminal. Protocols 1-Wire, I2C, SPI, JTAG, asynchronous serial (UART), MIDI, PC keyboard, HD44780 LCDs, and generic 2- and 3-wire libraries for custom protocols.

Dangerous Prototypes

2015/05/21

Software

Rapid7

SSH-BADKEYS: A collection of static SSH keys (public and private) that have made their way into software and hardware products. Inspired by the Little Black Box project, but focused primarily on SSH (as opposed SSL) keys. Currently has Array Networks, Ceragon Fibeair, F5 BigIP, loadbalancer.org enterprise, quantum dxi v1000, vagrant and tandberg.

hdmoore

2015/05/28

Advisory

SEC Consult

D-Link DIR-615 C NetUSB Kernel Stack Buffer Overflow

SEC Consult Vulnerability Lab

2015/05/28

Advisory

SEC Consult

TP-LINK NetUSB Archer C2 V1.0 C5 V2.0 C7 V2.0 C8 C9 D2 D5 D7 D7B D9 VR200 TC-VG3XXX TC-W1XXX TD-W8XXX TD-W9XXX TL-WRXXXX TX-VG1530

SEC Consult Vulnerability Lab

2015/05/28