CVE-2018-9995
CRITICAL | EXPLOITED IN THE WILD | RANSOMWARE | NUCLEI
TBK DVR4104 and DVR4216 - Unauthenticated Authentication Bypass via Cookie Header
Title source: llm
Exploitation Summary
CVE-2018-9995 has been observed exploited in the wild (reported by VulnCheck KEV, InTheWild.io), including in ransomware campaigns. EIP tracks 31 public exploits from researchers including ezelf, Cyb0r9, 0xDamian. A Nuclei detection template is also available.
AI-analyzed exploit summary: This exploit targets a credential exposure vulnerability in DVR devices by sending a crafted HTTP request to retrieve user credentials in JSON format. It parses and displays the extracted usernames, passwords, and role IDs in a table.
Description
TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.
Exploits (31)
This exploit targets a credential exposure vulnerability in DVR devices by sending a crafted HTTP request to retrieve user credentials in JSON format. It parses and displays the extracted usernames, passwords, and role IDs in a table.
This repository contains a Python script that exploits CVE-2018-9995, an information disclosure vulnerability in various DVR devices. The exploit retrieves user credentials by sending a crafted HTTP request to the vulnerable endpoint.
This exploit targets CVE-2018-9995, an information disclosure vulnerability in DVR devices. It sends a crafted HTTP request to '/device.rsp?opt=user&cmd=list' to expose user credentials without authentication.
This is a Rust-based PoC exploit for CVE-2018-9995, which targets a credential disclosure vulnerability in DVR devices. It sends a crafted HTTP request to retrieve user credentials in JSON format.
This Python script exploits CVE-2018-9995, a vulnerability in DVR devices, by sending a crafted HTTP request to retrieve a list of user credentials. It automates the exploitation process and saves the output to a file.
This PoC exploits CVE-2018-9995, an authentication bypass vulnerability in various DVR devices. It sends a crafted request with a 'Cookie: uid=admin' header to retrieve sensitive credentials from the device's JSON response.
This exploit targets CVE-2018-9995, a vulnerability in DVR/NVR devices that allows unauthenticated credential disclosure. The PoC sends a crafted request to '/device.rsp?opt=user&cmd=list' to extract admin credentials.
This repository contains a batch scanning tool for CVE-2018-9995, a vulnerability in D-Link routers. The script uses asynchronous requests to scan multiple targets for the presence of the vulnerability.
This PoC exploits CVE-2018-9995, an information disclosure vulnerability in DVR devices, by retrieving hardcoded credentials from the device.rsp endpoint. It uses a simple HTTP request to extract username and password from the response.
This repository contains a Python script that exploits CVE-2018-9995, an information disclosure vulnerability in various DVR devices. The exploit retrieves user credentials by sending a crafted HTTP request to the vulnerable endpoint.
This repository provides a modified version of the CVE-2018-9995 exploit, which targets DVR credentials by leveraging Shodan for discovery. It includes scripts to search for vulnerable devices and extract credentials, but lacks direct exploit code for the vulnerability itself.
This repository contains a Python script to scan for CVE-2018-9995, a vulnerability in DVR series cameras. It checks for the presence of the vulnerable server header and logs vulnerable hosts to a file.
This repository contains a C# PoC for CVE-2018-9995, which exploits an authentication bypass vulnerability in DVR devices. The tool sends a crafted HTTP request to retrieve user credentials and device information without authentication.
This PoC exploits CVE-2018-9995, an information disclosure vulnerability in DVR devices, by sending a crafted HTTP request to retrieve user credentials without authentication. The script parses the JSON response and displays the extracted usernames, passwords, and roles in a table format.
This PoC exploits CVE-2018-9995, an information disclosure vulnerability in DVR devices, by retrieving exposed credentials via an unauthenticated HTTP request to '/device.rsp?opt=user&cmd=list'. The script automates the extraction of usernames and passwords from vulnerable devices.
This PoC exploits CVE-2018-9995, an authentication bypass vulnerability in DVR devices, to extract user credentials via a crafted request to the device.rsp endpoint. It supports multi-threading and proxy usage for batch exploitation.
This repository contains a Python script that exploits CVE-2018-9995 to retrieve DVR credentials by sending a crafted HTTP request to an exposed endpoint. The exploit leverages an authentication bypass vulnerability in various DVR systems.
This exploit targets CVE-2018-9995, an authentication bypass vulnerability in DVR devices. It sends a crafted HTTP request to retrieve user credentials without authentication.
This repository contains a functional Python script that exploits CVE-2018-9995, an information disclosure vulnerability in various DVR devices. The exploit retrieves user credentials by sending a crafted HTTP request to the vulnerable endpoint.
This repository is a documentation and installation guide for pyenv, a Python version management tool. It does not contain exploit code or a PoC for CVE-2018-9995.
This repository contains a Python-based scanner and exploit for CVE-2018-9995, which allows unauthorized extraction of credentials from vulnerable DVR systems via a crafted HTTP request with a spoofed admin cookie. The PoC includes both interactive and command-line modes for testing.
This repository contains a Python-based exploit for CVE-2018-9995, which leaks DVR credentials by sending a crafted HTTP request to an affected device. The exploit targets multiple DVR vendors and includes a script to automate credential extraction.
This script appears to be a partial or incomplete PoC for CVE-2018-9995, targeting a DVR device. It sends a request to a hardcoded IP and port to list users but lacks exploit functionality.
This script exploits CVE-2018-9995, an information disclosure vulnerability in DVR devices. It retrieves a list of users, including usernames, passwords, and roles, by sending a crafted HTTP request to the device's endpoint.
This exploit PoC targets CVE-2018-9995, an information disclosure vulnerability in DVR devices. It retrieves admin credentials by sending a crafted HTTP request to the vulnerable endpoint.
This PoC exploits CVE-2018-9995, an authentication bypass vulnerability in DVR devices, to retrieve user credentials via an unauthenticated HTTP request to the `/device.rsp?opt=user&cmd=list` endpoint. The script parses the JSON response to extract usernames, passwords, and role IDs.
This PoC exploits CVE-2018-9995, an authentication bypass vulnerability in DVR devices, by sending a crafted request with a modified 'Cookie: uid=admin' header to retrieve plaintext administrator credentials.
This repository contains a Python script that exploits CVE-2018-9995, an information disclosure vulnerability in various DVR devices. The exploit retrieves user credentials by sending a crafted HTTP request to the vulnerable endpoint.
This repository contains a Python script that exploits CVE-2018-9995, an information disclosure vulnerability in various DVR devices. The exploit retrieves user credentials by sending a crafted HTTP request to the vulnerable endpoint.
This repository contains a Python-based exploit for CVE-2018-9995, which targets DVR devices to extract credentials via an unauthenticated API endpoint. It includes two methods: one using Metasploit for Shodan queries and another using the Shodan API directly.
This repository contains the RouterSploit framework, which includes exploit modules for embedded devices, including a module for CVE-2018-9995. The framework is designed for penetration testing and includes functional exploit code.
Nuclei Templates (1)
References (4)
Scores
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H