Cgi login


I am trying to do a sales demonstration regarding DVR systems and one of the things that is very common about all DVR systems is that they use the exact same login methods as routers do, Netgear, Linksys, etc which is simply CGI scripts. So it would be:


If I try to get into a page without logging in get a blank page, no code. When I hit a wrong username it just refreshes. What I have been told is that CGI isn’t all that difficult to break so I am trying to find a way or any resource of how to bypass the login and manipulate the cameras so I can show this to the customer. Can anyone help? I been checking google but haven’t found anything.

All I know is that they are running BOA 0.94.14rc21 webserver.

Their code for logging in:

                        <td width="110" rowspan="2" align="right"><input type="button" class="btn_login" onclick="auto_submit()" value="LOGIN"></td>

                        <td height="22" class="se"><strong>PASSWORD</strong></td>
                        <td align="center"><input class="i_text01" name="login_pwd" type="password" type="text" size="15" onKeyPress="if(event.keyCode == '13') check_form();"></td>

What are you actually trying to do here? Upload files to a server? Or alter web pages? Or … [sorry if I’m just missing the obvious :slight_smile: ]

So you are doing sales demonstrations of these systems, but need to break in to be able to do this - interesting way of doing business…

I am trying to gain access to the .cgi scripts that control the DVR bypassing the login, so essentially where it says login I can bypass it somehow or at least alter the CGI files somehow without having login credentials or a way for me to figure out the user and password.

well no, i wouldn’t be trying to sell the same system while at the same time trying to demonstrate its lack of security, that be nonsensical. I am trying to show the insecurity of a rival system, we have a different login method.

Forgive me if I sound harsh, but you want to show that something is not secure based on what you “heard”, but can’t because it’s too secure for you?

IMHO you should give up on trying to show something else’s failings and instead focus on how what you’re selling is secure. i.e. Focus on positives not negatives.

I know it is insecure cause I seen it being hacker before problem is that the person isn’t around at the moment and this is pretty critical.

For what it’s worth, the code you provided doesn’t show anything except a form. It doesn’t illustrate anything except that you enter a password and click a button that fires the JS function “auto_submit()”.

Not that I think it’ll help, but what is the code of that JS function?

function status_clock() { theTime = window.setTimeout(“runClock()”, 1000); v -

that’s the other code, but then is there any other sources of getting access?