CVE-2018-9995 PoC — TBK DVR4104和DVR4216 安全漏洞

Source

https://github.com/TateYdq/CVE-2018-9995-ModifiedByGwolfs

Associated Vulnerability

Title:TBK DVR4104和DVR4216 安全漏洞 (CVE-2018-9995)
Description:TBK DVR4104和DVR4216都是高清数字录像机设备。 TBK DVR4104和DVR4216中存在安全漏洞。远程攻击者可借助Cookie: uid=admin包头利用该漏洞绕过身份验证。

Readme

### state
This tools is an improved version of the CVE-2018-9995 wrote by gwolfs,and is for learning use only。Do not use for illegal purposes，all the consequences resulting from this are your own.The orginal version is wrote by ezelf and is on https://github.com/ezelf/CVE-2018-9995_dvr_credentials
Thanks ezelf.
### Exploit:
tow methods,you can read the README.md in the method1 or method2,I recommend the method1.

File Snapshot


 [4.0K]  /data/pocs/ece5267f6aa45b099076c4a2cd3701e98007fecb
├── [ 34K]  LICENSE
├── [4.0K]  methods1
│   ├── [2.6K]  getDVR_Credentials.py
│   ├── [ 613]  README.md
│   ├── [ 137]  search.sh
│   └── [  75]  startup.sh
├── [4.0K]  methods2
│   ├── [  57]  config.py
│   ├── [2.6K]  dvr.py
│   └── [ 613]  README.md
└── [ 419]  README.md

2 directories, 9 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!