Huawei HG532 with some customized versions has a remote code execution vulnerability. An authenticated attacker could send malicious packets to port 37215 to launch attacks. Successful exploit could lead to the remote execution of arbitrary code.
CVE-2017-17215 Usage: CVE-2017-12149.py targetip:37215/ I am so poor that can't afford to buy a HUAWEI router XD so it is not tested on any machine~ but the exp technically should be working. I found this report: blog.newskysecurity.com/huawei-router-exploit-involved-in-satori-and-brickerbot-given-away-for-free-on-christmas-by-ac52fe5e4516 the payload was released 2
MiraiSecurity Mirai wwwcdxyme/?p=746 wwwfreebufcom/articles/network/119403html pastebincom/svH8tvd9 wwwfreebufcom/sectool/130091html wwwtuicoolcom/articles/qM7rMnb h4ckth4tsh1tcom/indexphp?u=/topic/18/ggsetup-a-mirai-botnet githubcom/rootblack45/Mirai-Source-Modded githubcom/Screamfox/-Mirai-Iot-BotNet
GreyNoise Intelligence Alpha API. Summary: GreyNoise is a system that collects and analyzes data on Internet-wide scanners. GreyNoise collects data on benign scanners such as Shodan.io, as well as malicious actors like SSH and telnet worms. The data is collected by a network of sensors deployed around the Internet in various datacenters, cloud providers, and regions. URL: https:
Awesome CVE PoC: A curated list of CVE PoCs. Here is a collection about Proof of Concepts of Common Vulnerabilities and Exposures, and you may also want to check out awesome-web-security. Please read the contribution guidelines before contributing. This repo is full of PoCs for CVEs. If you enjoy this awesome list and would like to support it, check out my Patreon page :
A new Gafgyt variant is adding vulnerable internet of things (IoT) devices to its botnet arsenal and using them to cripple gaming servers worldwide.
The newly-discovered variant is capable of launching a variety of denial-of-service (DoS) attacks against the Valve Source Engine, a video game engine developed by Valve Corp. that runs popular games such as Half-Life and Team Fortress 2. Other gaming servers have also been targeted by the botnet, such as those hosting widely-played game...
New samples of the Mirai malware have been identified, targeting an array of embedded processors and architectures within connected devices.
Researchers said that they discovered new Mirai samples in February 2019, capable of infecting IoT devices running Altera Nios II, OpenRISC, Tensilica Xtensa, and Xilinx MicroBlaze processors. Variants of Mirai have previously targeted CPU architectures like ARM and x86.
While it’s not the first time Mirai’s targeting of new processor archit...
Chinese kit slinger was told of UPnP flaw in 2013, didn't do too much about it
Exclusive Huawei bungled its response to warnings from an ISP's code review team about a security vulnerability common across its home routers – patching only a subset of the devices rather than all of its products that used the flawed firmware.
Years later, those unpatched Huawei gateways, still vulnerable and still in use by broadband subscribers around the world, were caught up in a Mirai-variant botnet that exploited the very same hole flagged up earlier by the ISP's review team.
A malware author has built a huge botnet comprised of over 18,000 routers in the span of only one day.
This new botnet has been spotted yesterday by security researchers from NewSky Security, and their findings have been confirmed today by Qihoo 360 Netlab, Rapid7, and Greynoise.
The botnet has been built by exploiting a vulnerability in Huawei HG532 routers, tracked as CVE-2017-17215.
Scans for this vulnerability, which can be exploited via port 37215, started yesterday mornin...
An Argentinian security researcher named Ezequiel Fernandez has published a powerful new tool yesterday that can easily extract plaintext credentials for various DVR brands and grant attackers access to those systems, and inherently the video feeds they're supposed to record.
The tool, named getDVR_Credentials, is a proof-of-concept for CVE-2018-9995, a vulnerability discovered by Fernandez at the start of last month.
Fernandez discovered that by accessing the control panel of sp...
The operators of a gaming server rental business are believed to have built an IoT DDoS botnet, which they are now offering as part of the server rental scheme.
The prime and pretty obvious clue that ties this new IoT botnet — named JenX — with the gaming server rental service is the IoT's command-and-control server, located at skids.sancalvicie.com.
The botnet's C&C server is found on the same server and domain used by the gaming server rental business — San Calvicie (sancal...
Researchers at Radware have discovered a new botnet that uses vulnerabilities linked with the Satori botnet and is leveraging the Grand Theft Auto videogame community to infect IoT devices.
Satori is a derivative of Mirai, the notorious botnet that in 2016 infamously managed to take down Dyn, a DNS hosting provider that supports some of the world’s largest websites.
The vulnerabilities in question are CVE-2014-8361 and CVE-2017-17215, which affect certain Huawei and Realtek routers...
Researchers at NewSky Security say the hacker behind a Mirai malware variant called Satori, also known as Mirai Okiru, is the same hacker behind two new Mirai variants called Masuta and PureMasuta.
Based on source code for Masuta malware recently found on the dark web, researchers at NewSky Security said they were able to connect the dots between Satori and Masuta. The hacker is identified as Nexus Zeta.
Last month researchers first identified Nexus Zeta as the principal behind a ser...
A new variant of the Satori botnet has sprung back to life, and this one is hacking into Claymore mining rigs and replacing the device owner's mining credentials with the attacker's own.
The attacks started on January 8, a Qihoo 360 Netlab security researcher has told Bleeping Computer. Analysis of the malware's code suggests the same person behind the original Satori bot is behind this new wave as well.
The Satori botnet appeared in early December 2017 and was a heavily modified ver...
Exploit code used in the Mirai malware variant called Satori, which was used to attack hundreds of thousands of Huawei routers over the past several weeks, is now public. Researchers warn the code will quickly become a commodity and be leveraged in DDoS attacks via botnets such as Reaper or IOTrooper.
Ankit Anubhav, researcher at NewSky Security, first identified the code on Monday that was posted publicly on Pastebin.com. The code is the zero-day vulnerability CVE-2017-17215 used by a hac...
Researchers have identified a vulnerability in a Huawei home router model that is being exploited by an adversary to spread a variant of the Mirai malware called Mirai Okiru, also known as Satori.
Researchers at Check Point published a report Thursday, and said the flaw is in Huawei’s router model HG532. It said it is tracking hundreds of thousands of attempts to exploit the vulnerability in the wild.
Okiru/Satori was first identified by Check Point researchers on November 23. Lead...
A so-called "script kiddie" is behind the recently discovered Satori botnet that has scared security researchers because of its rapid rise to a size of hundreds of thousands of compromised devices.
Researchers say that a hacker named Nexus Zeta created Satori, which is a variant of the Mirai IoT malware that was released online in October 2016.
Satori, which is also tracked under the name of Mirai Okiru, came to life around November 23, when the malware started spreading on the Inter...