It has marked the RoboVac as not active on the network even though my modem says it's definitely connected and I can definitely interact with it via the Eufy app. I assumed my PiHole would've been blocking any nefarious requests that the RoboVac may have been making but it looks like the PiHole thinks the RoboVac hasn't made any DNS queries recently. What kind of steps can I take to reduce any harm here? And I'm not sure what abyss is - I couldn't really find anything from my initial online searches.The IRC port seems extremely sus - why would a Robovac need to run IRC?.From a couple online searches, I see this post saying that freeciv is related to Civilization (the game). I have a PiHole running on the network as well as the DHCP server (and DHCP is disabled on the ISP modem/router - I had to do this since they wouldn't let me set the PiHole as the DNS server - that should be considered criminal imo but whatever).įor a totally unrelated reason, I ran nmap 192.168.1.0/24 on my network to find another device and noticed that the RoboVac has 3 ports open that seem super sus: Nmap scan report for RoboVacX8Hy-E506.lan (192.168.1.220) I have the RoboVac connected to the internet so that I can use their app to do things like set the schedule for the robovac etc. I'm using my ISP's combined modem/router device. My network is super beginner/unsophisticated. I have a RoboVac X8 Hybrid by Eufy and it's connected to my network. u/RoweDent created this awesome resource on network theory u/tht1kidd_ has created a suggestion post regarding information everyone needs to provide when asking a question about their network There have been some excellent guides written in this sub, and we're always looking for more! If you wish for your flair to be changed, please message the mods and we'll be happy to change it for you. Proof of at least 6 month's history of posting in this subredditĪs a result of this, users are now no longer able to edit their own flair. Your highest level of industry certification, or highest IT related job title held in the last 5 years to a comment you made in the last 6 months, helping someone in the community To obtain trusted flair for your account please message the mods of /r/HomeNetworking with the following info Trusted user flair has been added as a means of verification that a user has a substantial knowledge of networking. Please flair your posts as Solved, Unsolved, or simply Advice. If you can't find what you're looking for with the search function please feel free to post a new question after reading the posting guidelines Now we can find the root flag in /data/ use the search function to look for keywords related to what you want to ask before posting since most common issues have been answered. 5555, tcp, Freeciv versions up to 2.0, Hewlett-Packard Data Protector, McAfee EndPoint Encryption Database Server, SAP, Default for Microsoft Dynamics CRM. Then we can run the following: $ adb connect 127.0.0.1:5555 In a new kali terminal I ran this and provided the password: ssh -L 5555:127.0.0.1:5555 -N -f -p 2222 I looked up how we could connect to ADB remotely, so we can execute adb root or adb shell and I found articles on adb ssh tunneling. Now we can run python3 50070.py getFile 10.129.32.72 /storage/emulated/0/DCIM/creds.jpgĪnd we get hand written credentials of kristi: these credentials, we can login to ssh on port 222 and we are in! Doing some sleuthing around, we can find the user.txt in the sdcard root. Many other apps for getting apps do not seem to work. Running getDeviceInfo shows it is a VM box and we are on the /sdcard. Normally RPLAY requests are received on port 5555/udp and RPTP on 5556/tcp. With this exploit, we can run some commands. Port 5555 is used by the Android Debug Bridge. It also appears ES File Explorer uses port 59777 as well, so the minecraft fingerprint might be invalid. I looked into ES File Explorer and found a CVE for arbitrary file read. We have a file explorer open on 42135 and a Minecraft server on 59777 (?). Trying to connect to adb on this port times out. Some investigation reveals on android this port can be used for ADB. Port 5555 is a program called freeciv but the port is filtered. We have ssh open on port 2222 that just asks for a password. First android box, let’s get to it! Enumeration
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |