GET /../../../../../../../mnt/mtd/ijhe HTTP/1.1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:43.0) Gecko/20100101 Firefox/43.0
I saw this request come in and thought it was interesting. With some help google searching wondering if it's an attempt to exploit a DVR or security camera of some sort with perhaps a known file path traversal web vulnerability such as this DVR File Path Traversal vulnerability which would in theory allow the attacker to access the administrative credentials file in plain text and output it to their web browser.
More about neonprimetime
Top Blogs of all-time
Top Github Contributions
Copyright © 2016, this post cannot be reproduced or retransmitted in any form without reference to the original post.