Search the Community
Showing results for tags 'seagate'.
#!/usr/bin/python # seagate_ftp_remote_root.py # # Seagate Central Remote Root Exploit # # Jeremy Brown [jbrown3264/gmail] # May 2015 # # -Synopsis- # # Seagate Central by default has a passwordless root account (and no option to change it). # One way to exploit this is to log into it's ftp server and upload a php shell to the webroot. # From there, we can execute commands with root privileges as lighttpd is also running as root. # # -Fixes- # # Seagate scheduled it's updates to go live on April 28th, 2015. # # Tested Firmware Version: 2014.0410.0026-F # import sys from ftplib import FTP por
Seagate, over the weekend, confirmed the zero-day vulnerability in its Seagate Business Storage 2-Bay NAS boxes disclosed March 1. But in the same breath, told customers exposed to the vulnerability that a patch is still two months away. “For those customers who choose to keep their networks open, Seagate will be issuing a software patch for download expected May 2015,” said a statement emailed to Threatpost. Seagate said that after analyzing the vulnerability, it has determined the zero-day to be low risk because it affects only those customers to expose the NAS boxes to the Internet. “With f
Compania rusa de securitate cibernetica Kaspersky a descoperit un program de spionaj american pus in HDD-urile Seagate si Western Digital. In ultimii 5 ani piata HDD-urilor a vazut cateva modificari importante si numarul a scazut de la 3 producatori la 2. Din acest motiv umbla cateva suspiciuni. In prezent avem doi mari producatori americani: Seagate si WD. La randul lor acestia au preluat si alte divizii precum Hitachi, Samsung, Toshiba sau HGST. Potrivit Kaspersky, agentia americana de supraveghere cibernetica NSA a introdus in HDD-uri un cod de spionaj. Acesta executa datele primare, fisier