POC详情: 94e0dfec43ebf6ee9d1a4fc9d9d00aff3e5fba66

来源
https://github.com/Yozarseef95/CVE-2023-31595
关联漏洞
标题: IC Realtime ICIP-P2012T 安全漏洞 (CVE-2023-31595)
描述:IC Realtime ICIP-P2012T是IC Realtime公司的一款 200 万像素的相机。 IC Realtime ICIP-P2012T 2.420版本存在安全漏洞,该漏洞源于容易通过未经身份验证的端口访问受到不正确的访问控制。
描述
IC Realtime ICIP-P2012T is vulnerable to Incorrect Access Control via an open port
介绍
# CVE-2023-31595
IC Realtime ICIP-P2012T is vulnerable to Incorrect Access Control via an open port

IC Realtime IP PTZ Dome Camera ICIP-P2012 software version: 2.420

An exposed port (9989) responds with a live snapshot at the time of request, by using a script, it could be leveraged to have a live feed image every x second. This vulnerability critically affects confidentiality of data and could be used in reconnaissance phase (identify people, passwords etc.) for any threats.

# Exploit - Proof of Concept (POC)

1- Scan camera's IP to check if port 9989 is open.

2- If port is open, run capture.sh 

  ``` sudo chmod +x capture.sh ```

  ``` ./capture.sh <IP> ```

A snapshot every 2 seconds is saved to a file with camera IP's name

N.B: you can change duration by changing the sleep value at the end of script

![image](https://github.com/Yozarseef95/CVE-2023-31595/assets/128100303/2bcd6f42-497e-43b6-8d02-458daaf3fee4)

![image](https://github.com/Yozarseef95/CVE-2023-31595/assets/128100303/6c15c5a8-ea40-4272-bff2-bc8ddd568904)

[Discoverer]
> Youssef Mohamed - Cloud Consultancy for Digitalization & Security
文件快照

 [4.0K]  /data/pocs/94e0dfec43ebf6ee9d1a4fc9d9d00aff3e5fba66
├── [ 590]  capture.sh
└── [1.1K]  README.md

0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。