FreePBX Credential Disclosure


Have freePBX running on a public IP, and don’t have the latest version? It may be vulnerable.

If you have an asterisk phone server running on a public IP, using the freePBX web GUI, and don’t have one of 
Read more

No Comments

FreePBX 2.10.0 Remote Command Execution / XSS


Product: FreePBX
Version: 2.10.0, 2.9.0 and perhaps earlier versions
Type: Remote Command Execution, XSS
Release Date: March 14, 2012
Vendor Notification Date: Jun 12, 2011
Author: Martin Tschirsich

Overview:

A remote command execution vulnerability and some XSS in current 
Read more

No Comments

iptables port forwarding

port 80 forwarding from 172.64.64.8 to 172.64.64.23

iptables -t nat -A PREROUTING -d 172.64.64.8 -p tcp --dport 80 -j DNAT --to 172.64.64.23:80
iptables -t nat -A POSTROUTING -d 172.64.64.23 -p tcp --dport 80 -j MASQUERADE

sip forwarding from 172.64.64.8 … Read more

No Comments

Useful *nix commands

Some useful *nix commands for System debugging and administration.

, , ,

No Comments