Nmap Development mailing list archives
Re: NSE: Credential disclosure in modems Huawei HG510, HG520x, HG530 and possibly others
From: Paulino Calderon <paulino () calderonpale com>
Date: Thu, 17 May 2012 20:29:35 -0500
On 17/05/2012 08:03 p.m., Paulino Calderon wrote:
Hi list,Here is my NSE script for detecting and extracting information from vulnerable Huawei modems. I know that these modems are popular in México (Over 2 million devices here), Spain, Italy, Ecuador and other countries in south america but let me know if you know other ISPs using them. I also know Colombia have a lot of them but they have patched versions over there. This vulnerability was reported a long time ago but ISPs don't seem interested in fixing it any time soon.description = [[Detects Huawei modems models HG530x, HG520x, HG510x and possibly others that are vulnerable to a remote credential and information disclosure vulnerability. It also extracts the PPPoE credentialsand other interesting configuration values.Attackers can query the URIs "/Listadeparametros.html" and "/wanfun.js" to extract sensitive information including PPPoE credentials, firmware version, model, gateway, dns servers and active connections among other values.This vulnerability was discovered and reported by Adiaz from Comunidad Underground de Mexico (http://underground.org.mx).]] --- -- @usage nmap -p80 --script huawei-ppp-pwd.nse <target> -- @usage nmap -sV huawei-ppp-pwd.nse <target> _______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Here is the fixed version. UTF-8 characters got replaced somehow. Cheers. -- Paulino Calderón Pale Website: http://calderonpale.com Twitter: http://twitter.com/calderpwn
Attachment:
huawei-hg5xx-info.nse
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://seclists.org/nmap-dev/
Current thread:
- NSE: Credential disclosure in modems Huawei HG510, HG520x, HG530 and possibly others Paulino Calderon (May 17)
- Re: NSE: Credential disclosure in modems Huawei HG510, HG520x, HG530 and possibly others Paulino Calderon (May 17)
- Re: NSE: Credential disclosure in modems Huawei HG510, HG520x, HG530 and possibly others Aleksandar Nikolic (May 17)
- Re: NSE: Credential disclosure in modems Huawei HG510, HG520x, HG530 and possibly others Paulino Calderon (May 18)
- Re: NSE: Credential disclosure in modems Huawei HG510, HG520x, HG530 and possibly others David Fifield (May 18)
- Re: NSE: Credential disclosure in modems Huawei HG510, HG520x, HG530 and possibly others Aleksandar Nikolic (May 17)
- Re: NSE: Credential disclosure in modems Huawei HG510, HG520x, HG530 and possibly others David Fifield (May 22)
- Re: NSE: Credential disclosure in modems Huawei HG510, HG520x, HG530 and possibly others Paulino Calderon (May 24)
- Re: NSE: Credential disclosure in modems Huawei HG510, HG520x, HG530 and possibly others David Fifield (May 24)
- Re: NSE: Credential disclosure in modems Huawei HG510, HG520x, HG530 and possibly others Paulino Calderon (May 24)
- Re: NSE: Credential disclosure in modems Huawei HG510, HG520x, HG530 and possibly others Paulino Calderon (May 27)
- Re: NSE: Credential disclosure in modems Huawei HG510, HG520x, HG530 and possibly others Paulino Calderon (May 17)