Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-9995 PoC — TBK DVR4104和DVR4216 安全漏洞

Source
https://github.com/dearpan/cve-2018-9995
Associated Vulnerability
Title:TBK DVR4104和DVR4216 安全漏洞 (CVE-2018-9995)
Description:TBK DVR4104和DVR4216都是高清数字录像机设备。 TBK DVR4104和DVR4216中存在安全漏洞。远程攻击者可借助Cookie: uid=admin包头利用该漏洞绕过身份验证。
Readme
# cve-2018-9995
DVR,全称为Digital Video Recorder(硬盘录像机),即数字视频录像机,相对于传统的模拟摄像录像机,采用硬盘录像,故常常被称为硬盘录像机,也被称为DVR.
通过漏洞允许攻击者通过修改“Cookie: uid=admin” 之后访问 DVR 的控制面板,返回此设备的明文管理员凭证。

使用方法:
python3 cve-2018-9995.py <ip> <port>
File Snapshot

 [4.0K]  /data/pocs/b04b890c26fb226cb2f2b1b05380cfb0ae8dd6e7
├── [1.7K]  cve-2018-9995.py
└── [ 409]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.