Changes for page Application_Webkit

Last modified by Nicolas Gregoire on 2012/01/14 17:48
From version Icon 14.1 Icon
edited by Nicolas Gregoire
on 2012/01/14 00:38
Change comment: Upload new attachment webos-root-backdoor.xml
To version Icon 15.1 Icon
edited by Nicolas Gregoire
on 2012/01/14 00:41
Change comment: There is no comment for this version

Summary

Details

Icon Page properties
Content
... ... @@ -47,3 +47,5 @@
47 47  
48 48  * [[webos-root-backdoor.xml>>attach:webos-root-backdoor.xml]] contains the configurable data (name and content of the destination file) and a processing instruction triggering the XSLT code
49 49  * [[webos-root-backdoor.xsl>>attach:webos-root-backdoor.xsl]] reads the XML file and create the requested file on disk. This version overwrites a script located in /etc/default/ with a version including a reverse-shell based on netcat
50 +
51 +Browsing the XML file from a vulnerable device is enough to trigger the exploit.