关联漏洞
标题:
多款Hikvision产品安全漏洞
(CVE-2017-7921)
描述:Hikvision DS-2CD2xx2F-I Series等都是中国海康威视(Hikvision)公司的网络摄像头产品。 多款Hikvision产品中存在身份验证漏洞。攻击者可利用该漏洞提升权限,获取敏感信息的访问权限。以下产品和版本受到影响:Hikvision DS-2CD2xx2F-I Series 5.2.0 build 140721版本至5.4.0 build 160530版本;DS-2CD2xx0F-I Series 5.2.0 build 140721版本至5.4.0 Build 16040
描述
Test For CVE-2017–7921;
介绍
# HikVision-CVE-2017-7921
**Identify potential vulnerabilities with CVE-2017-7921 exploit checks or by testing the /onvif-http/snapshot?auth=YWRtaW46MTEK URI on target IP addresses using a multi-threaded approach for faster results.**
# Requirements
```
python3
Python Pacakges => requests, Fake_useragent, colorama
```
# Installation
> You can just install the dependencies using pip: pip install -r requirements.txt
> If you prefer to manually install the required packages, you can use the `pip install` command followed by the package names listed in `requirements.txt`.
> [!TIP]
> Ensure Python 3 is installed and added to your system path.
## Linux
```
cd /HikVision-CVE-2017-7921
pip3 install -r requirements.txt
Add ips to targets.txt and then
python3 main.py
Then Check; vulnerable.txt
```
### ScreenShot Of The Tool
## Features And Issues
>Report any problems you find or suggest features you'd like to see.
>Telegram : @uz3er
>Telegram Channel: @undergroundcy
文件快照
[4.0K] /data/pocs/50b9db261522b5753669fb905a25b5f69fece2b2
├── [1.6K] main.py
├── [1.0K] README.md
├── [ 34] requirements.txt
├── [ 44K] targets.txt
└── [ 0] vulnerable.txt
0 directories, 5 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。