DVR-Exploiter a Bash Script Program Exploit The DVR’s Based on CVE-2018-999.
[*] Exploit Title: DVR Credentials Exposed
[*] Date: 09/04/2018
[*] Exploit Author: Fernandez Ezequiel
[*] DVR-Exploiter By: Belahsan Ouerghi
[*] Contact: www.facebook.com/ouerghi.belahsan
[*] Youtube Tutorial: https://www.youtube.com/watch?v=vdnATjE_4II
[*] Dorks: intitle:"DVR Login"
html:"/login.rsp"
"Server: GNU rsp/1.1"
Tested In DVR
Novo
CeNova
QSee
Pulnix
XVR 5 in 1 (title: "XVR Login")
Securus, - Security. Never Compromise !! -
Night OWL
DVR Login
HVR Login
MDVR Login
DVR-Exploiter Installation
$ git clone https://github.com/TunisianEagles/DVR-Exploiter.git
$ cd DVR-Exploiter
$ ./DVR-Exploiter.s
Also ReadNmap-Bootstrap-XSL : A Nmap XSL implementation with Bootstrap
Details
[ After Running Choose The Host Example : 1 = 127.0.0.1 {IP } , / 2 = www.xxxxxxxx.com ]
- Don’t Forget To Install The Plugin Of The DVR
Screenshot