PoC details: 7350e4dc3098d5fd9fc4510bc7af54c8655931ee

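Related vulnerability
Title: Security vulnerability in multiple Hikvision products (CVE-2017-7921)
Description: Hikvision DS-2CD2xx2F-I Series and others are network camera products from the Chinese company Hikvision. An authentication vulnerability exists in multiple Hikvision products. An attacker can exploit this vulnerability to escalate privileges and gain access to sensitive information. The following products and versions are affected: Hikvision DS-2CD2xx2F-I Series versions 5.2.0 build 140721 through 5.4.0 build 160530; DS-2CD2xx0F-I Series versions 5.2.0 build 140721 through 5.4.0 Build 16040
Description
Hikvision IP camera access bypass exploit, written in Go.
Introduction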
# Hikvision bypass exploit

## Requirements
1. github.com/levigross/grequests
2. github.com/msterzhang/gpool
3. golang.org/x/net
4. github.com/go-vgo/robotgo

## Build
```
git clone https://github.com/MisakaMikato/cve-2017-7921-golang.git
cd cve-2017-7921-golang/src/cve-2017-7921-golang
go build .
```

## Usage
```
cve-2017-7921 [-e] [-b] [--password password] [-t target] [--thread thread] [-timeout time]

Options:
  -b    Use burte force model
  -e    Use cve-2017-7921 exploit model
  -o string
        Set the output path, if it's empty, the result will be outputed to stdout.
  -password string
        Set the password if using burte force model, or password file path with syntax 'file:<path>' (default "12345")
  -t string
        Exploited target, ip:port or file path, example: 127.0.0.1, or target file path with syntax 'file:<path>'
  -thread int
        The number of concurrent threads (default 1)
  -timeout int
        Give up on target after this long. (default 5)

Press 'w' to get progress info :)
```
## Example
```
cve-2017-7921 -e -t 192.168.1.0/24 --thread 10 -o ./res.txt
cve-2017-7921 -b --password file:./pwds.txt -t 192.168.1.0/24 --thread 10
```
File snapshot

```
[4.0K]  /data/pocs/7350e4dc3098d5fd9fc4510bc7af54c8655931ee
├── [ 299]  go.mod
├── [6.2K]  go.sum
├── [1.0K]  LICENSE
├── [1.1K]  README.md
└── [4.0K]  src
    ├── [4.0K]  aesebc
    │   ├── [1.8K]  aesebc.go
    │   └── [2.2K]  aesebc_test.go
    ├── [4.0K]  cve-2017-7921-golang
    │   ├── [7.2K]  main.go
    │   ├── [5.6K]  main_test.go
    │   └── [2.3K]  output.go
    └── [4.0K]  gip
        ├── [2.2K]  gip.go
        └── [ 769]  gip_test.go

4 directories, 11 files
```