CVE-2015-4624
Published 2017-03-31
CVE-2015-4624: Hak5 WiFi Pineapple 2.0 through 2.3 uses predictable CSRF tokens.
Priority: P3 55 | high 7.5 | CVSS 3.0
AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 36.95% (98.3th percentile)
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| hak5 | wi-fi_pineapple_firmware | — | — |
| hak5 | wi-fi_pineapple_firmware | — | — |
| hak5 | wi-fi_pineapple_firmware | — | — |
| hak5 | wi-fi_pineapple_firmware | — | — |
CVSS provenance
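| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 7.5 | HIGH | CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 4.3 | MEDIUM | AV:A/AC:H/Au:N/C:P/I:P/A:P |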
No detection rules found.
Exploit-DB
Hak5 WiFi Pineapple 2.4 - Preconfiguration Command Injection (Metasploit)
exploitdb·2016-10-20
---
```ruby
##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
require 'msf/core'
class MetasploitModule 'Hak5 WiFi Pineapple Preconfiguration Command Injection',
  'Description' => %q{
  This module exploits a command injection vulnerability on WiFi Pineapples version 2.0 ['catatonicprime'],
  'License' => MSF_LICENSE,
  'References' => [[ 'CVE', '2015-4624' ]],
  'Platform' => ['unix'],
  'Arch' => ARCH_CMD,
  'Privileged' => false,
  'Payload' => {
    'Space' => 2048,
    'DisableNops' => true,
    'Compat' => {
      'PayloadType' => 'cmd',
      'RequiredCmd' => 'generic python netcat telnet'
    }
  },
  'Targets' => [[ 'WiFi Pineapple 2.0.0 - 2.3.0', {}]],
  'DefaultTarget' =>
```
Metasploit
Hak5 WiFi Pineapple Preconfiguration Command Injection
This module exploits a login/csrf check bypass vulnerability on WiFi Pineapples version 2.0 <= pineapple < 2.4. These devices may typically be identified by their SSID beacons of 'Pineapple5_....'; Provided as part of the TospoVirus workshop at DEFCON23.
Metasploit
Hak5 WiFi Pineapple Preconfiguration Command Injection
This module exploits a command injection vulnerability on WiFi Pineapples version 2.0 <= pineapple < 2.4. We use a combination of default credentials with a weakness in the anti-csrf generation to achieve command injection on fresh pineapple devices prior to configuration. Additionally if default credentials fail, you can enable a brute force solver for the proof-of-ownership challenge. This will reset the password to a known password if successful and may interrupt the user experience. These devices may typically be identified by their SSID beacons of 'Pineapple5_....'; details derived from the TospoVirus, a WiFi Pineapple infecting worm.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/133052/WiFi-Pineapple-Predictable-CSRF-Token.html
http://packetstormsecurity.com/files/139212/Hak5-WiFi-Pineapple-Preconfiguration-Command-Injection-2.html
http://www.securityfocus.com/archive/1/536184/100/500/threaded
https://www.exploit-db.com/exploits/40609/