Loading
0

NetGear R系列多款路由器远程命令注入漏洞分析

if ( !strcmp((const char *)&v53, "POST") )
{
v37 = "/tmp/post_result";
}
else if ( !strcmp((const char *)&v53, "OPTIONS") )
{
v37 = "/tmp/options_result";
}
else
{
v37 = "/tmp/cgi_result";
}
v38 = fopen(v37, "r");
if ( v38 )
{
if ( acosNvramConfig_match((int)&unk_F0378, (int)"1") )
printf("\r\n###############%s(%d)\r\n", "netgear_commonCgi", 211);
while ( fgets((char *)&v44, 0xFFFF, v38) )
{
if ( acosNvramConfig_match((int)&unk_F0378, (int)"1") )
printf("\r\n###############%s(%d)\r\n", "netgear_commonCgi", 215);
v39 = strstr((const char *)&v44, "Status:");
if ( v39 )
{
strcpy((char *)&v49, v39 + 7);
v40 = strchr((const char *)&v49, 10);
if ( v40 )
*v40 = 0;
if ( acosNvramConfig_match((int)&unk_F0378, (int)"2") )
printf("\r\n###############%s(%d)status=%s\r\n", "netgear_commonCgi", 223, &v49);
sprintf((char *)&v43, "HTTP/1.1%s\r\n", &v49);
}
else
{
strcat((char *)&v43, (const char *)&v44);
}
}
fclose(v38);
}
strcat((char *)&v43, "\r\n");
if ( acosNvramConfig_match((int)&unk_F0378, (int)"1") )
printf("\r\n###############%s(%d)http_hdr=%s\r\n", "netgear_commonCgi", 276, &v43);
v41 = strlen((const char *)&v43);
sub_F9E0(v5, &v43, v41, 0);
if ( acosNvramConfig_match((int)&unk_F0378, (int)"2") )
printf("\r\n######======######%s(%d)\r\n", "netgear_commonCgi", 280);
v10 = 0;
LABEL_101:

分页阅读: 1 2 3 4 5 6 7 8 9
【声明】:8090安全小组门户(https://www.8090-sec.com)登载此文出于传递更多信息之目的,并不代表本站赞同其观点和对其真实性负责,仅适于网络安全技术爱好者学习研究使用,学习中请遵循国家相关法律法规。如有问题请联系我们:邮箱hack@ddos.kim,我们会在最短的时间内进行处理。