[+] Search areas for command injections
[+] Found directories and files used for web scripts:
/cgi (drwxrwxr-x 117 125)
/cgi/admin/update.cgi (-rw-r--r-- 117 125) -> Executable script
[+] Found $(.*$.*) in /cgi/admin/update.cgi (-rw-r--r-- 117 125)
[+] $(echo "$models" | grep "$Model_ss" >/dev/null 2>/dev/null) || return 1
[+] HWMAJOR=$(echo "$HWVERSION" | cut -d'.' -f1)
[+] HWMajor=$(echo "$HWVersion" | cut -d'.' -f1)
[+] echo $(( $major*100 + $minor*10 + $sub ))
[+] eval $("$out" info) || return 1
[+] if [ -n "$(echo \"$PACKAGE\" | grep \"webfs\")" ]; then
[+] major=$(echo "$1" | cut -d'.' -f1) || major=0
[+] minor=$(echo "$1" | cut -d'.' -f2) || minor=0
[+] models=$(cat $dir/certificate.info | grep Models | cut -d":" -f 2)
[+] now=$(getWeight "$Version_ss" 2> /dev/null) || return 1
[+] sub=$(echo "$1" | cut -d'.' -f3 | cut -d'-' -f1) || sub=0
[+] then=$(getWeight "$VERSION" 2> /dev/null) || return 1
[+] scenario=$(basename $0 | cut -d'.' -f1)
[+] Found '.*$.*' in /cgi/admin/update.cgi (-rw-r--r-- 117 125)
[+] buildNO=`tdb get System Version_ss | awk -F"-" '{ print $2 }'`
/cgi/admin/tools_firmware.cgi (-rw-r--r-- 117 125) -> Executable script
/cgi/admin/tools_leveloftrust.cgi (-rw-r--r-- 117 125) -> Executable script
/cgi/logout.cgi (-rw-r--r-- 117 125) -> Executable script
/cgi/admin/logout.cgi (-rw-r--r-- 117 125) -> Executable script
/cgi/admin/index.cgi (-rw-r--r-- 117 125) -> Executable script
/cgi/admin (drwxrwxr-x 117 125)
/cgi/admin/update.cgi (-rw-r--r-- 117 125) -> Executable script
[+] Found $(.*$.*) in /cgi/admin/update.cgi (-rw-r--r-- 117 125)
[+] $(echo "$models" | grep "$Model_ss" >/dev/null 2>/dev/null) || return 1
[+] HWMAJOR=$(echo "$HWVERSION" | cut -d'.' -f1)
[+] HWMajor=$(echo "$HWVersion" | cut -d'.' -f1)
[+] echo $(( $major*100 + $minor*10 + $sub ))
[+] eval $("$out" info) || return 1
[+] if [ -n "$(echo \"$PACKAGE\" | grep \"webfs\")" ]; then
[+] major=$(echo "$1" | cut -d'.' -f1) || major=0
[+] minor=$(echo "$1" | cut -d'.' -f2) || minor=0
[+] models=$(cat $dir/certificate.info | grep Models | cut -d":" -f 2)
[+] now=$(getWeight "$Version_ss" 2> /dev/null) || return 1
[+] sub=$(echo "$1" | cut -d'.' -f3 | cut -d'-' -f1) || sub=0
[+] then=$(getWeight "$VERSION" 2> /dev/null) || return 1
[+] scenario=$(basename $0 | cut -d'.' -f1)
[+] Found '.*$.*' in /cgi/admin/update.cgi (-rw-r--r-- 117 125)
[+] buildNO=`tdb get System Version_ss | awk -F"-" '{ print $2 }'`
/cgi/admin/tools_firmware.cgi (-rw-r--r-- 117 125) -> Executable script
/cgi/admin/tools_leveloftrust.cgi (-rw-r--r-- 117 125) -> Executable script
/cgi/admin/logout.cgi (-rw-r--r-- 117 125) -> Executable script
/cgi/admin/index.cgi (-rw-r--r-- 117 125) -> Executable script
/var/www (drwxrwxr-x 117 125)
/var/www/av2 (drwxrwxr-x 117 125)
/var/www/chn (drwxrwxr-x 117 125)
/var/www/chn/admin (drwxrwxr-x 117 125)
/var/www/cht (drwxrwxr-x 117 125)
/var/www/cht/admin (drwxrwxr-x 117 125)
/var/www/common (drwxrwxr-x 117 125)
/var/www/config (drwxrwxr-x 117 125)
/var/www/de (drwxrwxr-x 117 125)
/var/www/de/admin (drwxrwxr-x 117 125)
/var/www/eng (drwxrwxr-x 117 125)
/var/www/eng/admin (drwxrwxr-x 117 125)
/var/www/error (drwxrwxr-x 117 125)
/var/www/es (drwxrwxr-x 117 125)
/var/www/es/admin (drwxrwxr-x 117 125)
/var/www/event2 (drwxrwxr-x 117 125)
/var/www/fr (drwxrwxr-x 117 125)
/var/www/fr/admin (drwxrwxr-x 117 125)
/var/www/image (drwxrwxr-x 117 125)
/var/www/image2 (drwxrwxr-x 117 125)
/var/www/it (drwxrwxr-x 117 125)
/var/www/it/admin (drwxrwxr-x 117 125)
/var/www/m (drwxrwxr-x 117 125)
/var/www/m/a (drwxrwxr-x 117 125)
/var/www/m/b (drwxrwxr-x 117 125)
/var/www/m/i (drwxrwxr-x 117 125)
/var/www/m/m (drwxrwxr-x 117 125)
/var/www/onvif (drwxrwxr-x 117 125)
/var/www/play2 (drwxrwxr-x 117 125)
/var/www/pt (drwxrwxr-x 117 125)
/var/www/pt/admin (drwxrwxr-x 117 125)
/var/www/xsl (drwxrwxr-x 117 125)
/var/www/xsl/admin (drwxrwxr-x 117 125)
/var/www/xsl/images (drwxrwxr-x 117 125)
/var/www/xsl/js (drwxrwxr-x 117 125)
