Sitecom Proof of Concept Reverse Shell Exploit

Published by admin on September 11, 2012

We have received some feedback on the slew of vulnerabilities we disclosed in Sitecom and Conceptronic consumer NAS devices. More than once we heard the comment: "Show me a shell or it didn't happen". It seems that vulnerability outlets like Secunia, OSVDB et al. share a similar view, resulting in a severity rating of "less critical".

While we think the details that we disclosed in our advisories are more than disturbing, we thought we'd take it one step further and give you what you have asked for.




In under 200 lines of Python code (comments excluded) we show you how to turn the two "less critical" vulnerabilities described in advisories AA-007 and AA-008 into a fully functional, reverse-connecting remote root shell. The astute reader will probably notice that this PoC code requires network access to the device's web GUI. This is intentional, to prevent script kiddies from using this code for nefarious purposes. It is left as an exercise for the reader to think of the possibilities of a browser drive-by attack gaining instant access to the crown jewels of many families relying on a very poorly secured Internet-connected consumer device.