Snow
Forest
Mountains
Snow
Snow

Wireless Router – Cross-Site Scripting

Wireless Router – Cross-Site Scripting

 

Cross-Site Scripting discovered by ICSS team member Rahul Upadhyay who is presently working with us as a network administrator. It’s an achievement for Indian Cyber Security Solutions. The Exploit details are as follows:

 

Exploit Title: DIGISOL DG-HR3300 Wireless Router – Cross-Site Scripting

Date: 30-11-2019

Author: Rahul Upadhyay

 

Overview:

The Specified router founded as vulnerable to Cross-Site Scripting. This vulnerability is still a zero day, being 30th of November 2019. To exploit the vulnerability, the following steps were taken:

 

wireless cross site scripting

 

Reproduction Steps:

Goto your Wifi Router Gateway [i.e: http://192.168.2.1]

– Go to –> “General Setup” –> “Wireless” –> “Basic Settings”

– Open BurpSuite

– Change the SSID to <

– Burp will capture the intercepts.

– Now change the SSID to <script>alert(“hacked”)</script> and keep APSSID as it is

– Refresh the page, and you will get the “hacked” pop-up another browser

 

Watch Full steps Below:

 

 

Highest Selling Technical Courses of Indian Cyber Security Solutions:

Certified Ethical Hacker Training in Bhubaneswar

Ethical Hacking Training in Bhubaneswar

Certified Ethical Hacker Training in Bangalore

Ethical Hacking Training in Bangalore

Certified Ethical Hacker Training in Hyderabad

Ethical Hacking Training in Hyderabad

Python Training in Bangalore

Python Training in Hyderabad

Python Training in Bhubaneswar

Microsoft Azure Training in Hyderabad

Microsoft Azure Training in Bangalore

Microsoft Azure Training in Bhubaneswar