Thread: cgi login

  1. #1
    SitePoint Evangelist
    Join Date
    Feb 2009
    Posts
    412

    cgi login

    Hello,

    I am trying to do a sales demonstration regarding DVR systems and one of the things that is very common about all DVR systems is that they use the exact same login methods as routers do (Netgear, Linksys, etc.), which is simply CGI scripts. So it would be:

    http://url/cgi-bin/record_camera.cgi
    http://url/cgi-bin/login_proc.cgi

    If I try to get into a page without logging in, I get a blank page, no code. When I hit a wrong username it just refreshes. What I have been told is that CGI isn't all that difficult to break, so I am trying to find a way or any resource of how to bypass the login and manipulate the cameras so I can show this to the customer. Can anyone help? I've been checking Google but haven't found anything.

    All I know is that they are running BOA 0.94.14rc21 webserver.

    Their code for logging in:

    <td width="110" rowspan="2" align="right"><input type="button" class="btn_login" onclick="auto_submit()" value="LOGIN"></td>
    </tr>

    <tr>
    <td height="22" class="se"><strong>PASSWORD</strong></td>
    <td align="center"><input class="i_text01" name="login_pwd" type="password" type="text" size="15" onKeyPress="if(event.keyCode == '13') check_form();"></td>

  2. #2
    It's all Geek to me
    ralph.m
    Join Date
    Mar 2009
    Location
    Melbourne, AU
    Posts
    24,319
    What are you actually trying to do here? Upload files to a server? Or alter web pages? Or ... [sorry if I'm just missing the obvious]

  3. #3
    SitePoint Wizard
    Crazybanana
    Join Date
    Mar 2003
    Location
    In tha fruit cellar
    Posts
    1,379
    So you are doing sales demonstrations of these systems, but need to break in to be able to do this - interesting way of doing business...
    Who's to doom when the judge himself is dragged before the bar


  4. #4
    SitePoint Evangelist
    Join Date
    Feb 2009
    Posts
    412
    Quote Originally Posted by ralph.m View Post
    What are you actually trying to do here? Upload files to a server? Or alter web pages? Or ... [sorry if I'm just missing the obvious]
    I am trying to gain access to the .cgi scripts that control the DVR bypassing the login, so essentially where it says login I can bypass it somehow or at least alter the CGI files somehow without having login credentials or a way for me to figure out the user and password.

  5. #5
    SitePoint Evangelist
    Join Date
    Feb 2009
    Posts
    412
    Quote Originally Posted by Crazybanana View Post
    So you are doing sales demonstrations of these systems, but need to break in to be able to do this - interesting way of doing business...
    Well no, I wouldn't be trying to sell the same system while at the same time trying to demonstrate its lack of security; that would be nonsensical. I am trying to show the insecurity of a rival system; we have a different login method.

  6. #6
    Programming Team
    Mittineague
    Join Date
    Jul 2005
    Location
    West Springfield, Massachusetts
    Posts
    17,255
    Forgive me if I sound harsh, but you want to show that something is not secure based on what you "heard", but can't because it's too secure for you?

    IMHO you should give up on trying to show something else's failings and instead focus on how what you're selling is secure. i.e. Focus on positives not negatives.

  7. #7
    SitePoint Evangelist
    Join Date
    Feb 2009
    Posts
    412
    Quote Originally Posted by Mittineague View Post
    Forgive me if I sound harsh, but you want to show that something is not secure based on what you "heard", but can't because it's too secure for you?

    IMHO you should give up on trying to show something else's failings and instead focus on how what you're selling is secure. i.e. Focus on positives not negatives.
    I know it is insecure because I have seen it being hacked before; the problem is that the person isn't around at the moment and this is pretty critical.

  8. #8
    Chive On
    FFCus
    Join Date
    Feb 2006
    Location
    Connecticut
    Posts
    542
    For what it's worth, the code you provided doesn't show anything except a form. It doesn't illustrate anything except that you enter a password and click a button that fires the JS function "auto_submit()".

    Not that I think it'll help, but what is the code of that JS function?

  9. #9
    SitePoint Evangelist
    Join Date
    Feb 2009
    Posts
    412
    Quote Originally Posted by FFCus View Post
    For what it's worth, the code you provided doesn't show anything except a form. It doesn't illustrate anything except that you enter a password and click a button that fires the JS function "auto_submit()".

    Not that I think it'll help, but what is the code of that JS function?
    function status_clock() { theTime = window.setTimeout("runClock()", 1000); v - Pastebin.com

    That's the other code, but then are there any other sources of getting access?

