CVE-2017-8225 PoC — Wireless IP Camera (P2P) WIFICAM 安全漏洞

Source

https://github.com/K3ysTr0K3R/CVE-2017-8225-EXPLOIT

Associated Vulnerability

Title:Wireless IP Camera (P2P) WIFICAM 安全漏洞 (CVE-2017-8225)
Description:Wireless IP Camera (P2P) WIFICAM是一款远程网络摄像机。 Wireless IP Camera (P2P) WIFICAM设备存在安全漏洞，该漏洞源于程序没有正确的检查.ini文件的访问权限。攻击者可利用该漏洞绕过身份验证。

Description

A PoC exploit for CVE-2017-8225 - GoAhead System.ini Leak

Readme

# CVE-2017-8225 - GoAhead System.ini Leak

This vulnerability pertains to Wireless IP Camera (P2P) WIFICAM devices. It arises from a lapse in correctly validating .ini files, which store critical credentials. An adept attacker can exploit this by providing empty values for both the loginuse and loginpas parameters in the URI. Specifically, access is granted via the path: /system.ini?loginuse&loginpas.

# Exploit Details

For demonstration purposes, a Proof-of-Concept (PoC) exploit has been provided. However, it is essential to exercise extreme caution and ensure proper authorization before employing this exploit.

# Disclaimer

This PoC exploit is intended solely for educational and testing purposes. Unauthorized use may contravene legal regulations in your jurisdiction. The author bears no responsibility for any misuse or consequential damages arising from the application of this exploit.

File Snapshot


 [4.0K]  /data/pocs/b1cfe8e8877470d49437d2d1a956ae1126095f4a
├── [6.9K]  CVE-2017-8225.py
├── [ 903]  README.md
└── [  52]  requirements.txt

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!