Skip to content
/ FASTGate-RCE Public
forked from taviso/rbndr

Fastweb FASTGate root-RCE and CGN bypass [PoC]

License

GPL-3.0 license
1 star 80 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

dark-vex/FASTGate-RCE

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

53 Commits
fastgate
fastgate
 
 
hint
hint
 
 
toolkit
toolkit
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
README_python.md
README_python.md
 
 
README_rbndr.md
README_rbndr.md
 
 
README_toolkit.md
README_toolkit.md
 
 
exploit.coffee
exploit.coffee
 
 
exploit.html
exploit.html
 
 
rebinder.c
rebinder.c
 
 
rebinder.html
rebinder.html
 
 
setup.py
setup.py
 
 

Repository files navigation

FASTGate targeted root-RCE and CGN bypass [PoC]

This is the combination of already available exploit and attack techniques.

Local demonstration

Serve exploit.html as the index of a local webserver. Craft a tailored payload.shell to verify the execution. Open a web browser and visit 7f000001.c0a801fe.rbndr.us (switch between localhost and 192.168.1.254).

Notes

Nothing prevents remote exploitation, root is gained. Shell shoveling and verification is voluntarily omitted.

See exploit.coffee to inspect the code.

Links

About

Fastweb FASTGate root-RCE and CGN bypass [PoC]

Resources

Readme

License

GPL-3.0 license
Activity

Stars

1 star

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • C 38.3%
  • Python 26.5%
  • HTML 19.5%
  • CoffeeScript 8.4%
  • Shell 7.3%