
POC details: 4980ca9afeaeb9186b75657b860dc2f97320669a

Related vulnerability
Title: TBK DVR4104 and DVR4216 security vulnerability (CVE-2018-9995)
Description: TBK DVR4104 and DVR4216 are both high-definition digital video recorder devices. A security vulnerability exists in TBK DVR4104 and DVR4216. A remote attacker can exploit it to bypass authentication by means of a `Cookie: uid=admin` header.
Description
POC of CVE-2018-9995 written in Rust.
Introduction
## Overview

This repository contains a proof-of-concept (PoC) exploit implemented in Rust targeting CVE-2018-9995. The code is for research and educational purposes only.

## CVE Details

- Identifier: `CVE-2018-9995`
- Summary: Proof-of-concept exploit demonstrating the vulnerability (see public advisories for technical details).
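The bypass the related-vulnerability entry above describes is a `Cookie: uid=admin` header sent to the DVR's web interface. The Rust program below is an added detection example, not code from this PoC repository: it parses raw HTTP request headers as a reverse proxy or IDS placed in front of a DVR would see them and flags that signature; the host name and the three sample requests are constructed.

```rust
use std::collections::HashMap;
/// Parse a raw HTTP/1.x request's header block into (request line, lower-cased header map).
pub fn parse_request(raw: &str) -> Option<(String, HashMap<String, String>)> {
    let mut lines = raw.lines(); // lines() strips the trailing '\r' of CRLF
    let request_line = lines.next()?.trim().to_string();
    let mut headers = HashMap::new();
    for line in lines.take_while(|l| !l.is_empty()) { // blank line ends the header block
        if let Some((name, value)) = line.split_once(':') {
            headers.insert(name.trim().to_ascii_lowercase(), value.trim().to_string());
        }
    }
    Some((request_line, headers))
}

/// True when the Cookie header carries a `uid=admin` pair, wherever it sits among
/// other cookies and regardless of case or surrounding whitespace.
pub fn has_uid_admin_cookie(headers: &HashMap<String, String>) -> bool {
    headers.get("cookie").map_or(false, |cookie| {
        cookie.split(';').any(|pair| match pair.trim().split_once('=') {
            Some((k, v)) => k.trim().eq_ignore_ascii_case("uid") && v.trim().eq_ignore_ascii_case("admin"),
            None => false,
        })
    })
}

/// Classify one raw request: Some(alert) if it matches the CVE-2018-9995 bypass
/// signature, None for benign or unparsable traffic.
pub fn detect_cve_2018_9995(raw: &str) -> Option<String> {
    let (request_line, headers) = parse_request(raw)?;
    has_uid_admin_cookie(&headers)
        .then(|| format!("CVE-2018-9995 bypass cookie on: {}", request_line))
}

/// Constructed sample traffic (not real captures): a bypass attempt with the cookie
/// hidden among others, an ordinary session cookie, and a request with no cookie.
pub const SAMPLES: [&str; 3] = [
    "GET /login.rsp HTTP/1.1\r\nHost: dvr.example\r\nCookie: lang=en; UID=Admin ; x=1\r\n\r\n",
    "GET /login.rsp HTTP/1.1\r\nHost: dvr.example\r\nCookie: uid=7f3a9c; lang=en\r\n\r\n",
    "GET / HTTP/1.1\r\nHost: dvr.example\r\n\r\n",
];

fn main() {
    for raw in SAMPLES {
        match detect_cve_2018_9995(raw) {
            Some(alert) => println!("ALERT {}", alert),
            None => println!("ok    {}", raw.lines().next().unwrap_or("")),
        }
    }
}
```

Only the first sample is reported; a matching alert on a device that is still exposed is a strong reason to take it off the network and check for a vendor fix.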

## Requirements

- Rust toolchain (stable): `rustc` and `cargo`.
- Linux or any platform supported by Rust.

## Usage

The repository is a PoC. Typical usage (example):

```bash
cargo run -- IP PORT
```

Example:

```bash
cargo run -- 0.0.0.0 85
```

The port defaults to `80` if none is specified.


<img width="1367" height="769" alt="how-it-works" src="https://github.com/user-attachments/assets/1d293806-b937-493f-961b-f21af02f38ff" />

---

## Finding Vulnerable Devices

### Google Dork

```
intitle:"DVR Login"
```
<img width="1036" height="573" alt="googlePOC" src="https://github.com/user-attachments/assets/939995ea-0858-4d27-862b-464232dc193a" />

### Shodan (shodan.io)

```
"Server GNU rsp/1.0"
```
<img width="1347" height="599" alt="image" src="https://github.com/user-attachments/assets/12f2a968-e05c-4140-828a-56975a444bb1" />

### Zoomeye (zoomeye.ai)

```
"/login.rsp"
```
<img width="1200" height="594" alt="image" src="https://github.com/user-attachments/assets/94fe9d05-2114-4a2e-b33d-5709b2adab2a" />


## Watching Live Feeds

To watch live feeds from compromised CCTV cameras, you need a browser that supports ActiveX. 
All modern browsers have dropped support for ActiveX, so one of the few ways to watch live feeds is to use Internet Explorer.
You can either install a Windows 7 VM or use "IE Mode" in Edge on Windows 10/11.

<img width="1367" height="769" alt="image" src="https://github.com/user-attachments/assets/52c11891-c4ba-4480-bc57-36fcd8f02e76" />


---

## Credits

- Author: 0xDamian, [@damnsec1](https://x.com/damnsec1) on Twitter
- References: https://nvd.nist.gov/vuln/detail/cve-2018-9995 (CVE Database), https://github.com/ezelf/CVE-2018-9995_dvr_credentials (Python POC)
File snapshot

```
[4.0K] /data/pocs/4980ca9afeaeb9186b75657b860dc2f97320669a
├── [ 37K] Cargo.lock
├── [ 298] Cargo.toml
├── [2.0K] README.md
└── [4.0K] src
    ├── [4.3K] lib.rs
    └── [ 642] main.rs

2 directories, 5 files
```