A collection of exploits for various vulnerabilities targeting Inteno IOPSYS devices

Go to file

Rasmus Moorats d0a95cb392 blacked code		2020-01-27 15:37:23 +02:00
README.md	blacked code	2020-01-27 15:37:23 +02:00
cve-2017-11361.js	Add CVE-2017-11361	2018-08-05 18:18:46 +03:00
cve-2017-17867.py	blacked code	2020-01-27 15:37:23 +02:00
cve-2018-10123-shell.py	blacked code	2020-01-27 15:37:23 +02:00
cve-2018-10123.py	blacked code	2020-01-27 15:37:23 +02:00
cve-2018-14533.py	blacked code	2020-01-27 15:37:23 +02:00
cve-2018-20487.py	blacked code	2020-01-27 15:37:23 +02:00

README.md

Proof of concepts and exploits for IOPSYS devices

This is a collection of scripts which abuse various vulnerabilities on devices running Inteno's IOPSYS. More details about each vulnerability can be found on my blog.

These scripts have only been tested on Linux, but they may also work on other operating systems.

Dependencies

The Python scripts require Python 3.6+ and the submodule websocket-client:

# pip install websocket-client

Furthermore, cve-2017-17867.py and cve-2018-14533.py also require the unix tool smbclient, which you can install using your distro's package manager.

Usage

Usage for each script is specified at the top of the script as a comment.