CVE-2017-7921

This PoC decrypts Hikvision camera configuration files obtained via CVE-2017-7921, an authentication bypass vulnerability. It uses a static AES key and XOR operations to reveal sensitive credentials stored in the config file.

This PoC exploits an improper authentication vulnerability in Hikvision devices (CVE-2017-7921) by bypassing authentication via a crafted 'auth' parameter to retrieve sensitive configuration files containing plaintext credentials. The exploit decrypts and processes the configuration file to extract user credentials.

This repository contains a Go-based PoC for CVE-2017-7921, targeting Hikvision devices with unauthenticated access and credential extraction. It includes modules for vulnerability detection, password brute-forcing, and exploitation via AES decryption of configuration files.

This PoC exploits CVE-2017-7921, an information disclosure vulnerability in Hikvision devices, by extracting encrypted configuration files and decrypting credentials. It also captures snapshots from vulnerable devices.

This repository contains a Python-based scanner that leverages Shodan to discover and enumerate Hikvision devices (DVRs, NVRs, and cameras) with default credentials. It does not exploit CVE-2017-7921 but instead scans for vulnerable devices using a known default credential (admin:12345).

This repository contains a Go-based exploit for CVE-2017-7921, targeting Hikvision devices. The exploit decrypts configuration files to extract credentials, leveraging AES-ECB decryption and XOR operations.

This PoC exploits CVE-2017-7921, an authentication bypass vulnerability in Hikvision cameras, to extract user credentials, configuration files, and snapshots. It includes functionality to decrypt configuration files and enumerate user accounts.

This repository contains a multi-threaded scanner to identify HikVision devices vulnerable to CVE-2017-7921 by checking the /onvif-http/snapshot?auth=YWRtaW46MTEK endpoint. It verifies vulnerability by checking for a 200 status code and a content length greater than 100 bytes.

This repository contains a working PoC for CVE-2017-7921, targeting HKVision cameras with unauthenticated configuration file download and snapshot capture via hardcoded credentials. The scripts automate mass exploitation and include a decryption tool for extracted configuration files.

This repository contains a Python-based toolkit for detecting and exploiting CVE-2017-7921, an authentication bypass vulnerability in Hikvision IP cameras. It automates the process of downloading encrypted configuration files, decrypting them using hardcoded keys, and extracting credentials.

This repository contains a scanner for multiple Hikvision vulnerabilities, including CVE-2022-28171, which is a blind SQL injection vulnerability. The scanner checks for the presence of vulnerabilities by sending crafted requests and analyzing responses.

This repository contains a functional Python exploit for CVE-2017-7921, which targets an authentication bypass vulnerability in Hikvision cameras. The exploit retrieves user credentials and snapshots by leveraging a hardcoded authentication token and AES-XOR decryption.

This PoC exploits CVE-2017-7921, an authentication bypass vulnerability in Hikvision IP cameras and DVRs, to extract admin credentials by decrypting and XORing configuration files. It includes multi-threading for scanning multiple targets.

This repository contains a working exploit for CVE-2017-7921, targeting Hikvision devices. It includes a script to check for vulnerability, extract configuration files, and decrypt credentials using a known backdoor authentication bypass.

This is a functional exploit for CVE-2017-7921, an authentication bypass vulnerability in Hikvision cameras. It includes methods to check for vulnerability, extract credentials via OpenSSL decryption, and capture snapshots using the magic auth bypass.

This PoC exploits CVE-2017-7921, an information disclosure vulnerability in Hikvision devices, by extracting encrypted configuration files and decrypting credentials. It also captures snapshots from vulnerable devices.

This repository contains a Python script to decrypt configuration files from Hikvision IP cameras vulnerable to CVE-2017-7921, an authentication bypass flaw. The script uses AES-ECB decryption with a static key and XOR operations to extract sensitive information from the downloaded config file.

This PoC exploits CVE-2017-7921, an authentication bypass vulnerability in certain devices, to extract admin credentials by decrypting configuration files. It checks for vulnerability status and retrieves usernames and passwords if the target is vulnerable.

This Python script exploits CVE-2017-7921, an authentication bypass vulnerability in Hikvision cameras, to download a snapshot image without credentials. It constructs a URL with hardcoded admin credentials and attempts to save the image locally.

This PoC exploits CVE-2017-7921 to extract admin credentials from vulnerable cameras by decrypting configuration files and downloading snapshots. It includes functionality to convert images into a video and supports Tor for anonymity.

This PoC exploits an improper authentication vulnerability in Hikvision devices (CVE-2017-7921) by bypassing authentication via a crafted 'auth' parameter. It retrieves and decrypts configuration files containing plaintext credentials using a static encryption key.

This PoC decrypts Hikvision camera configuration files obtained via CVE-2017-7921, an authentication bypass vulnerability. It uses a static AES key and XOR operations to reveal sensitive credentials stored in the config file.

This repository provides a detailed technical analysis of CVE-2025-65753, a TLS certificate validation flaw in Gryphon Guardian access points. It describes the vulnerability, exploitation methods (MitM/DNS spoofing), and includes step-by-step instructions for creating a malicious payload to achieve remote code execution.

The repository contains a functional exploit for CVE-2017-7921, an authentication bypass vulnerability in Hikvision IP cameras and DVRs. The script automates the process of retrieving encrypted configuration files, decrypting them, and extracting admin credentials.

This Metasploit module exploits an improper authentication logic flaw in Hikvision IP cameras (CVE-2017-7921) to perform an unauthenticated password reset for any user account, granting administrative access.

This Metasploit module exploits an unauthenticated information disclosure vulnerability in Hikvision IP cameras (CVE-2017-7921) to retrieve sensitive data such as credentials, configuration details, and snapshots. It decrypts the camera's configuration file using AES-128-ECB and XOR operations to extract plaintext passwords and other sensitive information.