Unauthenticated information disclosure such as configuration, credentials and camera snapshots of a vulnerable Hikvision IP Camera
Description
Many Hikvision IP cameras have improper authorization logic that allows unauthenticated information disclosure of camera information, such as detailed hardware and software configuration, user credentials, and camera snapshots. The vulnerability has been present in Hikvision products since 2014. In addition to Hikvision-branded devices, it affects many white-labeled camera products sold under a variety of brand names. Hundreds of thousands of vulnerable devices are still exposed to the Internet at the time of publishing (shodan search: "App-webs" "200 OK"). This module allows the attacker to retrieve this information without any authentication. The information is stored in loot for future use.
Author(s)
- Monte Crypto
- h00die-gr3y <h00die.gr3y@gmail.com>
Development
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':
msf > use auxiliary/gather/hikvision_info_disclosure_cve_2017_7921
msf auxiliary(hikvision_info_disclosure_cve_2017_7921) > show actions
...actions...
msf auxiliary(hikvision_info_disclosure_cve_2017_7921) > set ACTION < action-name >
msf auxiliary(hikvision_info_disclosure_cve_2017_7921) > show options
...show and set options...
msf auxiliary(hikvision_info_disclosure_cve_2017_7921) > run 
- Collect and share all the information you need to conduct a successful and efficient penetration test
- Simulate complex attacks against your systems and users
- Test your defenses to make sure they’re ready
- Automate Every Step of Your Penetration Test
Time is precious, so I don’t want to do something manually that I can automate. Leveraging the Metasploit Framework when automating any task keeps us from having to re-create the wheel as we can use the existing libraries and focus our efforts where it matters.
– Jim O’Gorman | President, Offensive Security