Showing 1 - 6 of 6

Files from Alessandro Di Pinto

Email address	alessandro.dipinto at emaze.net
First Active	2013-08-06
Last Active	2014-04-24

Sitecom WLR-4000 / WLR-4001 Weak Encryption / Predictable WPA Key: Posted Apr 24, 2014; Authored by Roberto Paleari, Alessandro Di Pinto; Sitecom WLR-4000 and WLR-4004 both v1 001 suffer from weak firmware encryption and have a predictable WPA key.; tags | advisory; SHA-256 | 1859ad139fce73986b747a807e4df86ff957af3afdcef4c65e307925c5dee454; Download | Favorite | View

D-Link DIR-505 Bypass / Privilege Escalation/ Traversal / Code Injection: Posted Sep 10, 2013; Authored by Alessandro Di Pinto; D-Link DIR-505 devices suffer from privilege escalation issues due to hard-coded credentials, path traversal, command injection, weak encryption, and authentication bypass vulnerabilities. Firmware versions 1.06 and below are affected.; tags | exploit, vulnerability; SHA-256 | 8a8599ba9b468a620142f74a018497ca8ea2d269edd81b4c2d50dd77216b232d; Download | Favorite | View

Sitecom N300 / N600 Access Bypass: Posted Aug 19, 2013; Authored by Roberto Paleari, Alessandro Di Pinto; Sitecom N300 and N600 devices suffer from multiple issues that allow for access bypass. These include an undocumented telnet service, weak WPA2 password generation, and hard-coded credentials.; tags | exploit, bypass; SHA-256 | 99804c0b7e1c70777811daae7e8627c0958d447242528aba044f1060b71f0b4d; Download | Favorite | View

HP Data Protector Arbitrary Remote Command Execution: Posted Aug 7, 2013; Authored by Alessandro Di Pinto, Claudio Moletta; This python script allows execution of a command with an arbitrary number of arguments. The trick calls 'perl.exe' interpreter installed with HP Data Protector inside the directory {install_path}/bin/. The main goal of the script is to bypass the limitation of executing only a single command without any parameter, as provided by already existing exploits. It is possible to exploit the security issue in order to run any command inside the target system.; tags | exploit, arbitrary, perl, python; advisories | CVE-2011-0923, OSVDB-72526; SHA-256 | f3af687e6ae93d7108daba5565a341cceceb6c51dd70cc03120b8c1910bc8e5c; Download | Favorite | View

HP Data Protector Arbitrary Remote Command Execution: Posted Aug 7, 2013; Authored by Alessandro Di Pinto, Claudio Moletta | Site metasploit.com; This Metasploit module allows execution of a command with an arbitrary number of arguments on Microsoft Windows operating systems. The trick calls a perl.exe interpreter installed with HP Data Protector inside the directory {install_path}/bin/. The main goal of the script is to bypass the limitation of execute only a single command without parameters, as provided by already existing exploits. It is possible to exploit the security issue in order to run any command inside the target system.; tags | exploit, arbitrary, perl; systems | windows; advisories | CVE-2011-0923, OSVDB-72526; SHA-256 | 5f0f9f62015fe421d3fb88ace93c276d32b36986aa82809a47927f87e8803536; Download | Favorite | View

Huawei B153 3G/UMTS Router WPS Weakness: Posted Aug 6, 2013; Authored by Roberto Paleari, Alessandro Di Pinto; The Huawei B153 3G/UMTS router suffers from a WPS weakness that allows for authentication bypass.; tags | advisory; SHA-256 | e1b8d9adad2ae18e4390edb89b02911dcc7c522de998b02c605cb12990494dc5; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days