FreePBX Credential Disclosure

Have freePBX running on a public IP, and don’t have the latest version? It may be vulnerable.

If you have an asterisk phone server running on a public IP, using the freePBX web GUI, and don’t have one of 
Read more

No Comments

FreePBX 2.10.0 Remote Command Execution / XSS

Product: FreePBX
Version: 2.10.0, 2.9.0 and perhaps earlier versions
Type: Remote Command Execution, XSS
Release Date: March 14, 2012
Vendor Notification Date: Jun 12, 2011
Author: Martin Tschirsich


A remote command execution vulnerability and some XSS in current 
Read more

No Comments

iptables port forwarding

port 80 forwarding from to

iptables -t nat -A PREROUTING -d -p tcp --dport 80 -j DNAT --to
iptables -t nat -A POSTROUTING -d -p tcp --dport 80 -j MASQUERADE

sip forwarding from … Read more

No Comments

Useful *nix commands

Some useful *nix commands for System debugging and administration.

, , ,

No Comments