The following Screenshots show how the TwonkyMedia Server can now be used to access all If successfull you could be able to take over the NAS device PHPSESSID cookie file discovery, the script will automatically test them against the WD api,.give you the ability to browse through all directories on the target.collect some information on the target (e.g.If a Keyword is discovered the line will be colored "RED".To browse through directories use "/" as delimiter, e.g.To /./ that allows from now on the discovery, indexing and download of all media files available on theĭevice and connected peripherals, e.g. Running twonky.py, will set the contentbase Parameter for the TwonkyMedia Server You're ready to go! Example usage twonky.py Media files in a variety of ways, and to “beam” those media files to other connected devices." -extract from Previous similar vulnerabilities Twonky Server’s web UI provides optimal capability for you to easily and reliably control and play back your for PCs/Macs) or an embedded server for devices such as NAS, routers/gateways and STBs. Twonky Server is used worldwide and is available as a standalone server Twonky Server is the industry leading DLNA/UPnP Media Server from Lynx Technology that enables sharing media contentīetween connected devices. Photos and music in your home, control them from mobile devices, and enjoy them on connected screens and speakers. "With Twonky from Lynx Technology, you can quickly discover your media libraries of digital videos, If successfull thisĬookies value could be used to take over the WD NAS device.ĭownloadFiles.py (experimental) can be used to perform bulk downloads of TwonkyMedia Server indexedĭirectories. Also, if a PHPSESSID cookie is discovered (usually in /tmp/ĭirectory) a check against the Western Digital Api is executed automatically. Furthermore, interesting system information Twonky.py can be used to comfortably browse devices running TwonkyMedia Server.Īlso, a feature is implemented which checks file and directory names against a built-inĮxtensible wordlist for keywords e.g. Security advisory released About the PoC's Responsibility to obey all applicable local, state and federal laws. Running twonky.py for attacking targets without prior mutual consent is illegal. The author will not be held responsible in the event any criminalĬharges be brought against any individuals misusing the information in this repository to break the law. Responsibility.The misuse of the information in this repository can result in criminal charges broughtĪgainst the persons in question. DisclaimerĪny actions and or activities related to the material contained within this repository is solely your Please make sure to switch off or protect your TwonkyMedia Server with a password, because noįix for this vulnerability is available. If your devices are affected by this vulnerability, expect all files on your device as no longer The TwonkyMedia Server accessible public. Your router may automatically forward the UPnP port (e.g. This is due to the fact that TwonkyMedia Server is pre-installed on Maybe you don't know that TwonkyMedia Server is running on your device nor you know that it'sĮxposed in the internet. Since a huge amount, around 24'000 TwonkyMedia Server instances rarely protected by a password,Īre reachable via the internet the researcher decided to publish this vulnerability. Not be protected by a password (which is the default setup). To exploit this vulnerability TwonkyMedia Server must List all files located on the device, that is running the TwonkyMedia Server platform independent.įurthermore, an attacker is able to download all media files (pictures, videos, and music) fromĪ device after exploiting this vulnerability. Exploiting this vulnerability allows an attacker to (and more)ĬVE-2018-7171 represents a directory/file traversal vulnerability in TwonkyMedia Server This is a GitHub repository keeping all relevant information about CVE-2018-7171. SharingIsCaring TwonkyMedia Server Pwnd CVE-2018-7171 Background information
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |