Vulnerabilities in NETGEAR devices that allow unauthorized access

Three vulnerabilities have been identified in the firmware of NETGEAR DGN-2200v1 series devices, which combine the functions of an ADSL modem, a router and a wireless access point. Together they allow any operation in the web interface to be performed without authentication.

The first vulnerability stems from the HTTP server code hard-coding the ability to access images, CSS and other auxiliary files directly, without authentication. The code checks the request against masks of typical file names and extensions, but the check is implemented as a substring search over the whole URL, including the request parameters. If the substring is present, the page is served without checking whether the user is logged in to the web interface. The attack therefore comes down to appending a name from that list to the request; for example, to reach the WAN interface settings one can send the request "https://10.0.0.1/WAN_wan.htm?pic.gif".
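The following is an added example, not code from the article or from the NETGEAR firmware. It contrasts the flawed "substring anywhere in the URL" exemption with a check that looks only at the decoded, normalised path, and it scans constructed access-log lines for the signature of this bypass (a static-asset marker that appears only in the query string). The suffix list and the log lines are constructed for the example; the real firmware list is not given in the article.

```python
import re
from posixpath import normpath
from urllib.parse import unquote, urlsplit

# Constructed stand-in for the firmware's list of authentication-exempt
# static assets (the article does not reproduce the real list).
STATIC_SUFFIXES = (".gif", ".jpg", ".png", ".css", ".js")


def vulnerable_is_exempt(url: str) -> bool:
    """Reproduces the flaw the article describes: a substring search over
    the whole URL, query string included, so '?pic.gif' appended to any
    page switches authentication off."""
    return any(suffix in url for suffix in STATIC_SUFFIXES)


def hardened_is_exempt(url: str) -> bool:
    """Decide exemption from the decoded, normalised path component only;
    nothing in the query string can influence the decision."""
    path = normpath(unquote(urlsplit(url).path))
    return path.lower().endswith(STATIC_SUFFIXES)


def authorize(url: str, authenticated: bool, check=hardened_is_exempt) -> bool:
    """True if the request may be served: static assets are public,
    everything else needs a logged-in session."""
    return authenticated or check(url)


# Common log format request field, e.g. "GET /WAN_wan.htm?pic.gif HTTP/1.1"
LOG_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<url>\S+) HTTP/1\.[01]"')


def find_bypass_attempts(log_lines):
    """Return request URLs whose path is not a static asset but which the
    substring check would have exempted: the signature of this bypass."""
    hits = []
    for line in log_lines:
        m = LOG_RE.search(line)
        if not m:
            continue
        url = m.group("url")
        if vulnerable_is_exempt(url) and not hardened_is_exempt(url):
            hits.append(url)
    return hits


# Constructed sample access-log lines for the example.
SAMPLE_LOG = [
    '10.0.0.23 - - [01/Jan/2021:10:00:00 +0000] "GET /img/logo.gif HTTP/1.1" 200 512',
    '10.0.0.23 - - [01/Jan/2021:10:00:01 +0000] "GET /WAN_wan.htm?pic.gif HTTP/1.1" 200 4096',
    '10.0.0.23 - - [01/Jan/2021:10:00:02 +0000] "GET /WAN_wan.htm HTTP/1.1" 401 0',
    '10.0.0.23 - - [01/Jan/2021:10:00:03 +0000] "GET /NETGEAR_DGN2200.cfg?pic.gif HTTP/1.1" 200 9000',
]

if __name__ == "__main__":
    for url in find_bypass_attempts(SAMPLE_LOG):
        print("bypass attempt:", url)
```

The detector deliberately reuses both predicates: a request is suspicious exactly when the broken check and the correct check disagree, which also makes it a regression test for the fix.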


The second vulnerability is caused by the use of the strcmp function to compare the username and password. strcmp compares character by character until it finds a difference or reaches a character with code zero, which marks the end of the string. An attacker can therefore guess the password one character at a time by measuring the time until the authentication error is returned: if the time has increased, the correct character was chosen and the attacker can move on to guessing the next character of the string.
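As an added illustration (not code from the article or the firmware), the comparison below models the strcmp behaviour described above and reports the number of byte comparisons performed, a deterministic stand-in for the elapsed time an attacker would measure; the constant-time alternative hashes both values and compares the digests with `hmac.compare_digest`, so neither the position of the first mismatch nor the length of the secret is leaked. The secret and guesses are constructed values.

```python
import hashlib
import hmac


def early_exit_compare(expected: bytes, supplied: bytes):
    """strcmp-style comparison: stops at the first differing byte (or at the
    end of the shorter input). Returns (equal, steps); 'steps' grows with
    the length of the correctly guessed prefix, which is the leak."""
    steps = 0
    for a, b in zip(expected, supplied):
        steps += 1
        if a != b:
            return False, steps
    return len(expected) == len(supplied), steps


def constant_time_verify(expected: bytes, supplied: bytes) -> bool:
    """Hash both inputs to a fixed length, then compare in constant time.
    Hashing first means differing lengths do not short-circuit either."""
    h_expected = hashlib.sha256(expected).digest()
    h_supplied = hashlib.sha256(supplied).digest()
    return hmac.compare_digest(h_expected, h_supplied)


def leak_profile(expected: bytes, guesses):
    """Steps taken by the early-exit compare for each guess; a monotone rise
    across guesses sharing ever-longer prefixes shows the side channel."""
    return [early_exit_compare(expected, g)[1] for g in guesses]


if __name__ == "__main__":
    secret = b"secret12"  # constructed example password
    guesses = [b"xxxxxxxx", b"sxxxxxxx", b"sexxxxxx", b"secxxxxx", b"secret12"]
    print("early-exit steps:", leak_profile(secret, guesses))
    print("constant-time   :", [constant_time_verify(secret, g) for g in guesses])
```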

The third vulnerability allows the password to be extracted from the saved configuration dump, which can be obtained by exploiting the first vulnerability (for example, by sending the request "http://10.0.0.1:8080/NETGEAR_DGN2200.cfg?pic.gif"). The password is stored in the dump in encrypted form, but the encryption uses the DES algorithm with a fixed key "NtgrBak", which can be extracted from the firmware.
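Encrypting a stored password with a key that ships in the firmware gives no confidentiality once the firmware is readable; the defensive alternative is to store only a salted, iterated password hash that can be verified but not reversed. The example below is added here and is not the firmware's or the article's code; it uses PBKDF2-HMAC-SHA256 from the standard library, and the record format, iteration count and sample password are constructed for the example.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

DEFAULT_ITERATIONS = 600_000  # constructed default for this example


def _b64(data: bytes) -> str:
    return base64.b64encode(data).decode("ascii")


def _unb64(text: str) -> bytes:
    return base64.b64decode(text.encode("ascii"))


def hash_password(password: str, salt: Optional[bytes] = None,
                  iterations: int = DEFAULT_ITERATIONS) -> dict:
    """Produce a storable record: per-device random salt, iteration count
    and the derived key. Nothing in it can be turned back into the password."""
    salt = salt if salt is not None else os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return {"alg": "pbkdf2-sha256", "iter": iterations,
            "salt": _b64(salt), "hash": _b64(dk)}


def verify_password(record: dict, candidate: str) -> bool:
    """Re-derive with the stored salt and parameters and compare in
    constant time; the comparison is independent of where bytes differ."""
    if record.get("alg") != "pbkdf2-sha256":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", candidate.encode("utf-8"),
                             _unb64(record["salt"]), int(record["iter"]))
    return hmac.compare_digest(dk, _unb64(record["hash"]))


if __name__ == "__main__":
    rec_a = hash_password("admin-pw-example")  # constructed sample password
    rec_b = hash_password("admin-pw-example")  # same password, different salt
    print("records differ:", rec_a["hash"] != rec_b["hash"])
    print("verify correct:", verify_password(rec_a, "admin-pw-example"))
    print("verify wrong  :", verify_password(rec_a, "admin-pw-exampl"))
```

Because the salt is random per record, two devices configured with the same password produce different dumps, and a dump leaked through the first vulnerability yields no reusable secret without a brute-force search against the iterated hash.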


To exploit the vulnerabilities, the attacker must be able to send a request to the network port on which the web interface is running (from an external network, the attack can be carried out, for example, using the "DNS rebinding" technique). The problems have already been fixed in firmware update 1.0.0.60.

Source: opennet.ru
