Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Marc-Adrian Napoli (marcadriancia.com.au)
Date: Tue Jul 03 2001 - 01:57:45 CDT
i cant seem to recreate this exploit on any of my 1900/2900/2500/2600's?
ip http server
ip http authentication local
i have a little /bin/sh that does the following:
i get auth failed on all of them! anyone?
Connect infobahn Australia
+61 2 92120387
> You can also run configuration commands. :)
> http://169.254.0.15/level/42/configure/-/banner/motd/LINE, etc.
> Start with http://169.254.0.16/level/xx/configure and go from there.
> A malicious user could use:
> to get, for instance, vty 0 4 acl information and then add an ACL for
> his/her source ip.
> I tested creating a banner. I assume other configure commands will work
> as well. This was tested on a Cisco switch. Anyone?