You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -6,6 +6,6 @@ This exploit has been shared around a fair bit in the past, and probably has see
"callback.php" is the PentestMonkey reverse shell, stripped of some bits and such so that it works reliably. I can't find it currently but will upload it later. You are welcome to supply your own backconnect payload and alter the exploit appropriately.
Notes:
Originally committed in 2017 to this repo, some minor fixes in 2020 on a whim (replaced "requesocks" with "requests", removed Tor dependency).
Originally committed in 2017 to this repo, some minor fixes in 2020 on a whim (replaced "requesocks" with "requests", removed Tor dependency). Had originally spoken publicly about this bug at SteelCon in 2015, but forgot to release the code at the time.
Bug was found... Sometime around 2013 or so? Maybe a bit earlier? I can't be sure. Turns out theres a bug collission and someone else had also found it in 2012! - http://roberto.greyhats.it/advisories/20120208-dlink-rce.txt
Bug seems to have been used ITW to create a botnet by some weaboo - https://www.zdnet.com/article/for-8-years-a-hacker-operated-a-massive-iot-botnet-just-to-download-anime-videos/
