关联漏洞
标题:
Tenda N300 资源管理错误漏洞
(CVE-2020-35391)
描述:Tenda N300是中国腾达(Tenda)公司的一款路由器。 Tenda N300 F3 12.01.01.48 存在安全漏洞,该漏洞允许远程攻击者可利用该漏洞通过直接请求cgi-bin DownloadCfg RouterCfm获取敏感信息(可能包括http密码行)。
描述
A Python tool for exploiting CVE-2020-35391 on Tenda F3 V3 and F3 V4 routers, allowing unauthorized access to config, flash, and syslog files. Automates the process of downloading hidden files from the router.
介绍
# Tenda F3 Router Exploit & File Downloader
This project is a tool for downloading various files from the Tenda F3 router (v3/v4) through an unauthenticated vulnerability (CVE-2020-35391). It allows you to get the configuration file, system log, and flash dump from a vulnerable router.
## Overview
The script exploits a vulnerability found in the Tenda F3 router, enabling an attacker to download sensitive files without authentication. Specifically, the following files can be downloaded (I'm working on adding the possibility to change the password):
- Configuration file `RouterCfm.cfg` (that contains everything in plain text)
- System log file `RouterSystem.log`
- Flash memory dump `RouterFlash.bin`
## Features
- **Download the configuration file**: Fetches the router's configuration file.
- **Download the system log file**: Fetches the router's system log file.
- **Download the flash dump**: Dumps the router's flash memory.
## Requirements
- Python 3.x
- `socket` and `optparse` libraries (usually included with Python)
## Usage
```
python3 tendaF3-tool.py --target <target_ip> [options]
```
### Options:
- `-t, --target` : Specify the target IP address (required).
- `-c, --config` : Download the configuration file (`RouterCfm.cfg`).
- `-l, --log` : Download the system log file (`RouterSystem.log`).
- `-f, --flash` : Download the flash dump (`RouterFlash.bin`).
Example usage:
```
python3 tendaF3-tool.py -t 192.168.0.1 --config
```
This will download the configuration file from the target router.
## License
This repository is licensed under the MIT License. See the [LICENSE](LICENSE) file for more information.
---
**Note**: This tool is intended for educational purposes only. Please ensure you have proper authorization before testing any network or device.
文件快照
[4.0K] /data/pocs/cf0787b361d52409c3fc4aebfae672be8865c5bd
├── [1.0K] LICENSE
├── [1.8K] README.md
└── [2.0K] tendaF3-tool.py
0 directories, 3 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。