POC详情: c12c4c33bcf9bcb4a0d58cba15fb8adfe72b85f6

来源
https://github.com/gwolfs/CVE-2018-9995-ModifiedByGwolfs
关联漏洞
标题: TBK DVR4104和DVR4216 安全漏洞 (CVE-2018-9995)
描述:TBK DVR4104和DVR4216都是高清数字录像机设备。 TBK DVR4104和DVR4216中存在安全漏洞。远程攻击者可借助Cookie: uid=admin包头利用该漏洞绕过身份验证。
介绍
### statement
This tool is an improved version of the CVE-2018-9995 wrote by gwolfs,and is for learning use only。Do not use for illegal purposes,all the consequences resulting from this are your own.The orginal version is wrote by ezelf and is on https://github.com/ezelf/CVE-2018-9995_dvr_credentials.
Thanks ezelf.
### Exploit:
1.get the SHODAN_APIKEY from shodan.io
2.open the search.rc and replace the $API_KEY to your SHODAN_APIKEY 
3.run startup.sh


4.(Optional)open the search.rc and replace the login.rsp to other query phrase.
文件快照

 [4.0K]  /data/pocs/c12c4c33bcf9bcb4a0d58cba15fb8adfe72b85f6
├── [ 34K]  LICENSE
├── [ 541]  README.md
├── [ 141]  search.sh
└── [  96]  startup.sh

0 directories, 4 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。