0day discovery System level access by Privilege Escalation of Huawei manufactured Airtel & Photon Dongles

  A few months back i found a vulnerability in Huawei Manufactured dongles that were run by Airtel and Photon datacards below is the detail for the same. Huawei Unified Terminal PC suite (UTPS), also known as Mobile Partner, runs… Continue Reading

Using Your Raspberry Pi for Pentesting

Recently i gave a presentation at null meets Mumbai regarding Raspberry Pi a portable pentesting lab . Here is the Link have fun

Dlink DIR-600L Hardware Version AX Firmware Version 1.00 CSRF Vulnerability

I agree Vulnerabilities Come out just about randomly . I was out at a friends place since my internet was not working stumbled upon their Wifi router . and lol a vulnerable interface . Here is the POC :

Dlink DIR-615 Hardware vE4 Firmware v5.10 – CSRF Vulnerability

Recently my office had bought a DLink Wireless Router , I thought to myself why not try testing it 😛 So started browsing the web interface of the Router . and managed to find CSRF flaws not only for the… Continue Reading

Watson Management Console 4.11.2.G Directory Traversal Vulnerability

Browsing through exploit-db I recollect i had found a Flaw in Watson Management Console . Its a Network Monitoring Tool. I could Browse in to locate the Passwd file .

Trendchip HG520 ADSL2+ Wireless Modem CSRF Vulnerability

Finally another Whitepaper got Selected on Exploit-db talks are going on with the Trendchip people to get the flaw fixed . Here is the link to Exploit-db : Here