Ismartviewpro 1.5 device alias buffer overflow Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2018-08-08 |
Type : local |
Platform : windows_x86-64
This exploit / vulnerability Ismartviewpro 1.5 device alias buffer overflow is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: iSmartViewPro 1.5 - 'Device Alias' Buffer Overflow
# Author: Rodrigo Eduardo Rodriguez
# Discovery Date: 2018-08-07
# Vendor Homepage: https://securimport.com/
# Software Link: https://securimport.com/university/videovigilancia-ip/software/493-software-ismartviewpro-v1-5
# Tested Version: 1.5
# Vulnerability Type: Buffer Overflow Local
# Tested on OS: Windows 10 Pro x64 es
# Steps to Produce the BoF:
# 1.- Run python code : python generatepaste.py
# 2.- Open generate.txt and copy content to clipboard
# 3.- Open iSmartViewPro
# 4.- clic button "+"
# 5.- Select "add device manually"
# 6.- paste ClipBoard on "Device Alias"
# 7.- DNS/IP/DID -> "0.0.0.0"
# 8.- acount -> "admin"
# 9.- password -> "admin"
# 10.- Save
# 11.- BoF