Thunderstorm - Modular Framework To Exploit UPS Devices | Hacking Tools | Crax

Welcome To Crax.Pro Forum!

Check our new Marketplace at Crax.Shop

   Login! SignUp Now!
  • We are in solidarity with our brothers and sisters in Palestine. Free Palestine. To learn more visit this Page

  • Crax.Pro domain has been taken down!

    Alternatives: Craxpro.io | Craxpro.com

  • We have removed the leak section from the forum due to Ramadan.

Thunderstorm - Modular Framework To Exploit UPS Devices

Thunderstorm - Modular Framework To Exploit UPS Devices

LV
1
 

Flamengo

Member
Joined
Feb 3, 2023
Threads
15
Likes
12
Awards
4
Credits
1,898©
Cash
0$
1678459153419
hunderstorm is a modular framework to exploit UPS devices.

For now, only the CS-141 and NetMan 204 exploits will be available. The beta version of the framework will be released on the future.

CVE​

Thunderstorm is currently capable of exploiting the following CVE:

  • CVE-2022-47186 – Unrestricted file Upload # [CS-141]
  • CVE-2022-47187 – Cross-Site Scripting via File upload # [CS-141]
  • CVE-2022-47188 – Arbitrary local file read via file upload # [CS-141]
  • CVE-2022-47189 – Denial of Service via file upload # [CS-141]
  • CVE-2022-47190 – Remote Code Execution via file upload # [CS-141]
  • CVE-2022-47191 – Privilege Escalation via file upload # [CS-141]
  • CVE-2022-47192 – Admin password reset via file upload # [CS-141]
  • CVE-2022-47891 – Admin password reset # [NetMan 204]
  • CVE-2022-47892 – Sensitive Information Disclosure # [NetMan 204]
  • CVE-2022-47893 – Remote Code Execution via file upload # [NetMan 204]

Requirements​

  • Python 3
  • Install requirements.txt

Download​

It is recommended to clone the complete repository or download the zip file. You can do this by running the following command:

git clone https://github.com/JoelGMSec/Thunderstorm
Also, you probably need to download the original and the custom firmware. You can download all requirements from here: https://darkbyte.net/links/thunderstorm.php

Usage​

- To be disclosed
  • To be disclosed

License​

This project is licensed under the GNU 3.0 license - see the LICENSE file for more details.

Credits and Acknowledgments​

This tool has been created and designed from scratch by Joel Gámez Molina // @JoelGMSec

Contact​

This software does not offer any kind of guarantee. Its use is exclusive for educational environments and / or security audits with the corresponding consent of the client. I am not responsible for its misuse or for any possible damage caused by it.

For more information, you can find me on Twitter as @JoelGMSec and on my blog darkbyte.net.


Link:
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Tips
Tips

Similar threads

Top Bottom