关联漏洞
标题:
Cisco Linksys SMART WiFi固件信息泄露漏洞
(CVE-2014-8244)
描述:Cisco Linksys SMART WiFi firmware on EA2700和EA3500等是美国思科(Cisco)公司的运行于EA系列路由器中的固件。 Cisco Linksys SMART WiFi固件中存在安全漏洞。远程攻击者可借助JNAP/ HTTP请求上的JNAP操作利用该漏洞获取敏感信息或修改数据。以下版本受到影响:EA2700和EA3500设备上的Linksys SMART WiFi固件,E4200v2和EA4500设备上的Linksys SMART WiFi固件2.1.41 bu
描述
Python3 script to scan for Linksys smart wifi devices that are vulnerable to CVE-2014-8244
介绍
# LinksysLeaks
Python3 script to scan for Linksys smart wifi devices that are vulnerable to CVE-2014-8244
This script was created to help me find vulnerable smart wifi devices that leak sensitive information,known as CVE-2014-8244.
You have the option to either scan a single ip or a text file with multiple IPs. optional arguements includes port to scan, timeout, save found devices to a text file, and check admin password.
At the moment the script only checks if it finds a device and if its default password "admin" is in use. Other leak functions and arguements will be added later.(Device info such as fw date/version, connected devices, DDNS status, and more)
I created this for educational purposes so please keep it that way when you use it, only test on your network or a network you have permission to test on.
Usage:
single IP - python3 main.py --target 10.0.0.1
file IPs - python3 main.py --file fileName.txt
文件快照
[4.0K] /data/pocs/b0e8730a2b906d1b0ff7baabcdb1d0499997ee2f
├── [6.7K] deviceleaks.py
├── [1.8K] main.py
├── [ 934] README.md
├── [ 99] requirements.txt
└── [ 586] setArgs.py
0 directories, 5 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。