Dustin Noe dustinnoe
dustinnoe
/ heartbleed.py
Last active
January 23, 2018 16:44
— forked from eelsivart/heartbleed.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/python | |
| # Modified by Dustin Noe dustinnoe.com | |
| # Last Updated: 5/28/15 | |
| # | |
| # -added option to perform a regular expression cleaned output with cheap base64 detection/decode | |
| # Modified by Travis Lee | |
| # Last Updated: 4/21/14 | |
| # Version 1.16 |
dustinnoe
/ SRN-x WebViewer DOS Vulnerability
Created
August 8, 2019 14:55
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| > [Suggested description] | |
| > An issue was discovered in NVR WebViewer on Hanwah Techwin SRN-472s | |
| > 1.07_190502 devices, and other SRN-x devices before 2019-05-03. A | |
| > system crash and reboot can be achieved by submitting a long username | |
| > in excess of 117 characters. The username triggers a buffer overflow | |
| > in the main process controlling operation of the DVR system, rendering | |
| > services unavailable during the reboot operation. A repeated attack | |
| > affects availability as long as the attacker has network access to the | |
| > device. | |
| > |