DVR-Exploiter : DVR-Exploiter a Bash Script Program Exploit The DVR’s
DVR-Exploiter a Bash Script Program Exploit The DVR’s Based on CVE-2018-999.
[*] Exploit Title: DVR Credentials Exposed
[*] Date: 09/04/2018
[*] Exploit Author: Fernandez Ezequiel
[*] DVR-Exploiter By: Belahsan Ouerghi
[*] Contact: www.facebook.com/ouerghi.belahsan
[*] Youtube Tutorial: https://www.youtube.com/watch?v=vdnATjE_4II
[*] Dorks: intitle:"DVR Login"
html:"/login.rsp"
"Server: GNU rsp/1.1"
![](data:image/svg+xml;charset=utf-8,<svg height="379px" width="478px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
Tested In DVR
Novo
CeNova
QSee
Pulnix
XVR 5 in 1 (title: "XVR Login")
Securus, - Security. Never Compromise !! -
Night OWL
DVR Login
HVR Login
MDVR Login
DVR-Exploiter Installation
$ git clone https://github.com/TunisianEagles/DVR-Exploiter.git
$ cd DVR-Exploiter
$ ./DVR-Exploiter.s
Also ReadNmap-Bootstrap-XSL : A Nmap XSL implementation with Bootstrap
Details
[ After Running Choose The Host Example : 1 = 127.0.0.1 {IP } , / 2 = www.xxxxxxxx.com ]
- Don’t Forget To Install The Plugin Of The DVR
Screenshot
![](data:image/svg+xml;charset=utf-8,<svg height="354px" width="789px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
![](data:image/svg+xml;charset=utf-8,<svg height="465px" width="787px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
![](data:image/svg+xml;charset=utf-8,<svg height="310px" width="742px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
![](data:image/svg+xml;charset=utf-8,<svg height="295px" width="728px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
![](data:image/svg+xml;charset=utf-8,<svg height="295px" width="737px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
![](data:image/svg+xml;charset=utf-8,<svg height="315px" width="732px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
![](data:image/svg+xml;charset=utf-8,<svg height="314px" width="725px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
![](data:image/svg+xml;charset=utf-8,<svg height="322px" width="748px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
![](data:image/svg+xml;charset=utf-8,<svg height="330px" width="764px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
![](data:image/svg+xml;charset=utf-8,<svg height="543px" width="1084px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
![](data:image/svg+xml;charset=utf-8,<svg height="492px" width="742px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
![](data:image/svg+xml;charset=utf-8,<svg height="546px" width="325px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
![](data:image/svg+xml;charset=utf-8,<svg height="40px" width="141px" xmlns="http://www.w3.org/2000/svg" version="1.1"/>)
Recent Posts
SpyAI : Intelligent Malware With Advanced Capabilities
SpyAI is a sophisticated form of malware that leverages advanced technologies to capture and analyze…
Proxmark3 : The Ultimate Tool For RFID Security And Analysis
The Proxmark3 is a versatile, open-source tool designed for radio-frequency identification (RFID) security analysis, research,…
Awesome Solana Security : Enhancing Program Development
The "Awesome Solana Security" collection is a comprehensive resource designed to help developers build more…
IngressNightmare-POCs : Understanding The Vulnerability Exploitation Flow
The "IngressNightmare" vulnerabilities, disclosed in March 2025, represent a critical set of security issues affecting…
AdaptixC2 : Enhancing Penetration Testing With Advanced Framework Capabilities
AdaptixC2 is an advanced post-exploitation and adversarial emulation framework designed specifically for penetration testers. It…
Bincrypter : Enhancing Linux Binary Security through Runtime Encryption And Obfuscation
Bincrypter is a powerful Linux binary runtime crypter written in BASH. It is designed to…