Skip to content

A PoC exploit for CVE-2017-8225 - GoAhead System.ini Leak

Notifications You must be signed in to change notification settings

K3ysTr0K3R/CVE-2017-8225-EXPLOIT

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
 
 
 
 
 
 

Repository files navigation

CVE-2017-8225 - GoAhead System.ini Leak

This vulnerability pertains to Wireless IP Camera (P2P) WIFICAM devices. It arises from a lapse in correctly validating .ini files, which store critical credentials. An adept attacker can exploit this by providing empty values for both the loginuse and loginpas parameters in the URI. Specifically, access is granted via the path: /system.ini?loginuse&loginpas.

Exploit Details

For demonstration purposes, a Proof-of-Concept (PoC) exploit has been provided. However, it is essential to exercise extreme caution and ensure proper authorization before employing this exploit.

Disclaimer

This PoC exploit is intended solely for educational and testing purposes. Unauthorized use may contravene legal regulations in your jurisdiction. The author bears no responsibility for any misuse or consequential damages arising from the application of this exploit.