Nmap Development mailing list archives
[NSE] NSE Script for D-link DSR routers (CVE 2013-5945)
From: Paul AMAR <aos.paul () gmail com>
Date: Mon, 23 Dec 2013 14:11:23 +0100
Hi everybody, I created a NSE script for CVE 2013-5945 ( http://www.exploit-db.com/exploits/30062/). This script tries to do SQL injection on the login form to log as an admin using those credentials: *login* : admin *password* : ' or 'a'='a To try it : *./nmap -p 443 --script http-vuln-cve2013-5945.nse 127.0.0.1* To test it, I discussed with the author of those vulnerabilities (nu11) to try it and the script is working fine. Don't hesitate to test it and/or give me any feedback. Regards, Paul
Attachment:
http-vuln-cve2013-5945.nse
Description:
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] NSE Script for D-link DSR routers (CVE 2013-5945) Paul AMAR (Dec 23)
- Re: [NSE] NSE Script for D-link DSR routers (CVE 2013-5945) George Chatzisofroniou (Dec 28)