Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: 3COM Wireless router (3CRADSL72) information disclosure
From: "mccauley () gmx net" <mccauley () gmx net>
Date: Fri, 15 Oct 2004 14:15:43 +0200



The router gives you a web page with user name, password, primary and
secondary DNS, default gateway, etc, if you access
http://[routerIP]/app_sta.stm without athentification of any kind.

Router details:
   Runtime Code Version       1.05 (Jan 27 2004 14:58:25)
   Boot Code Version  V1.3d
   Hardware Version   01A
   ADSL Modem Code Version    13.9.38

The password given is the password that you use to connect to the
internet, not to the router.


Information 
Runtime Code Version:   v1.00 (Dec 11 2003 22:19:05) 
Boot Code Version:   V2.25 

http://192.168.0.1/app_sta.stm  (Works, but no information leak...)

WAN Status: 1
WAN Type: 39
MAC Address: 00-00-00-00-00-00
IP Address: 0.0.0.0
Subnet Mask: 0.0.0.0
Default Gateway: 0.0.0.0
Host Name:

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]