However, searches related to “Android port 5555 exploit” did yield promising results. Searching for exploits relating to it was fruitless.
#Port 5555 freeciv for android
Next up was the service on port 5555, I first googled the name of the service as it was unfamiliar to me and found that freeciv is actually a video game for android phones. So the service on port 8080 was a dead end (please leave a comment if you found a way to leverage this service!). No exploitable JS objects, no weird network calls, nothing. Using the web dev tools of my browser as well as a a proxy that intercepted all my requests to the page before forwarding them I determined that there really were no other requests being made when I loaded the page besides the one requesting the root directory itself. But post requests to what page? The web page had no forms, nowhere where a user was entering any data nor were there any functions in the page that were visibly passing data to the back end. The page also mentioned something about POST requests. The web page consisted of a few lines of HTML, and said something written in broken English about a back door.
My first thought was to check out the web service on 8080 but after running a fuzz test on it as well as nikto, and getting some false positives, I decided to navigate to the page itself and see if there was potentially any vulnerabilities in the source code. An http-proxy service running on port 8080 and a service running on port 5555 called “freeciv”.
0 kommentar(er)
