A collection of exploits for various vulnerabilities targeting Inteno IOPSYS devices
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
Rasmus Moorats d0a95cb392 blacked code 3 years ago
README.md blacked code 3 years ago
cve-2017-11361.js Add CVE-2017-11361 5 years ago
cve-2017-17867.py blacked code 3 years ago
cve-2018-10123-shell.py blacked code 3 years ago
cve-2018-10123.py blacked code 3 years ago
cve-2018-14533.py blacked code 3 years ago
cve-2018-20487.py blacked code 3 years ago


Proof of concepts and exploits for IOPSYS devices

Code style: black

This is a collection of scripts which abuse various vulnerabilities on devices running Inteno's IOPSYS. More details about each vulnerability can be found on my blog.

These scripts have only been tested on Linux, but they may also work on other operating systems.


The Python scripts require Python 3.6+ and the submodule websocket-client:

# pip install websocket-client

Furthermore, cve-2017-17867.py and cve-2018-14533.py also require the unix tool smbclient, which you can install using your distro's package manager.


Usage for each script is specified at the top of the script as a comment.