VertXploit | Exploiting HID VertX and EDGE access control systems

 by   coldfusion39 Python Version: Current License: MIT

X-RayKey FeaturesCode SnippetsCommunity DiscussionsVulnerabilitiesInstallSupport

kandi X-RAY | VertXploit Summary

kandi X-RAY | VertXploit Summary

VertXploit is a Python library. VertXploit has no bugs, it has no vulnerabilities, it has build file available, it has a Permissive License and it has low support. You can download it from GitHub.

VertXploit is a tool that can be used to exploit HID VertX and EDGE access control systems. A vulnerability exists within the discoveryd service, which fails to sanitize user data before executing system calls. This allows for arbitrary code execution on HID VertX and EDGE access control systems without needing to be authenticated. See the Command Injection section for more information. VertXploit can unlock or lock doors connected to the access control system, download the databases containing all of the provisioned/cached access control cards, and execute arbitrary commands as root on the VertX system, if vulnerable. If the VertX controller's firmware has been recently updated, vertXploit will attempt to unlock or lock the doors through the web console by using the default, or user supplied, username and password.
Support
    Quality
      Security
        License
          Reuse

            kandi-support Support

              VertXploit has a low active ecosystem.
              It has 21 star(s) with 11 fork(s). There are 3 watchers for this library.
              OutlinedDot
              It had no major release in the last 6 months.
              There are 1 open issues and 0 have been closed. On average issues are closed in 836 days. There are no pull requests.
              It has a neutral sentiment in the developer community.
              The latest version of VertXploit is current.

            kandi-Quality Quality

              VertXploit has 0 bugs and 0 code smells.

            kandi-Security Security

              VertXploit has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
              VertXploit code analysis shows 0 unresolved vulnerabilities.
              There are 0 security hotspots that need review.

            kandi-License License

              VertXploit is licensed under the MIT License. This license is Permissive.
              Permissive licenses have the least restrictions, and you can use them in most projects.

            kandi-Reuse Reuse

              VertXploit releases are not available. You will need to build from source code and install.
              Build file is available. You can build the component from source.
              Installation instructions, examples and code snippets are available.

            Top functions reviewed by kandi - BETA

            kandi has reviewed VertXploit and discovered the below as its top functions. This is intended to give you an instant insight into VertXploit implemented functionality, and help decide if they suit your requirements.
            • Manage door actions
            • Make a web request
            • Downloads the specified database
            • Print a status message
            • Split a string into chunks
            • Print an error message
            • Format the payload
            • Fetch information about a device
            • Discovers device information
            • Send a command to a device
            • Print a warning message
            • Print a good message
            • Parse the Access DB and Access DB entry
            • Send discovery request to Nmap
            • Return a list of Card objects
            • Send a raw command to the server
            • Print error message
            Get all kandi verified functions for this library.

            VertXploit Key Features

            No Key Features are available at this moment for VertXploit.

            VertXploit Examples and Code Snippets

            No Code Snippets are available at this moment for VertXploit.

            Community Discussions

            No Community Discussions are available at this moment for VertXploit.Refer to stack overflow page for discussions.

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install VertXploit

            To download the controller's card databases, run vertXploit with the download action argument and the controller's IP address. The controller must be vulnerable to the command injection vulnerability and you must be able to access the controller's web interface to download the two card databases. The default username 'root' and default password 'pass' are used for web authentication, or you can supply your own with the --username USERNAME and --password PASSWORD arguments.

            Support

            For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .
            Find more information at:

            Reuse Trending Solutions

            build-a-realtime-voice-to-image-generator-using-generative-ai
            build-a-realtime-voice-to-image-generator-using-generative-ai
            Build a Realtime Voice-to-Image Generator using Generative AI
            image-resizing-using-opencv-in-python
            image-resizing-using-opencv-in-python
            Image Resizing using OpenCV in Python
            build-your-own-gpt4all-content-generator
            build-your-own-gpt4all-content-generator
            Build your own Custom GPT Content Generator (Open-Source ChatGPT Alternative)
            validate-an-email-address-in-javascript
            validate-an-email-address-in-javascript
            How to Validate an Email Address in JavaScript
            age-calculator-using-javascript
            age-calculator-using-javascript
            Age Calculator using JavaScript
            addressing-bias-in-ai---toolkit-for-fairness,-explainability-and-privacy
            addressing-bias-in-ai---toolkit-for-fairness,-explainability-and-privacy
            Addressing Bias in AI - Toolkit for Fairness, Explainability and Privacy
            javascript-node-js-payment-processing
            javascript-node-js-payment-processing
            15 best JavaScript Node.js Payment libraries
            build-credit-risk-predictor-using-federated-learning
            build-credit-risk-predictor-using-federated-learning
            Build Credit Risk predictor using Federated Learning
            top-10-javascript-tours-and-guides-libraries-in-2023
            top-10-javascript-tours-and-guides-libraries-in-2023
            10 Best JavaScript Tours and Guides Libraries in 2023
            disease-predictor
            disease-predictor
            Disease Predictor using Pandas & Scikit
            python-face-recognition
            python-face-recognition
            28 best Python Face Recognition libraries

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries
            CLONE
          • HTTPS

            https://github.com/coldfusion39/VertXploit.git

          • CLI

            gh repo clone coldfusion39/VertXploit

          • sshUrl

            git@github.com:coldfusion39/VertXploit.git

            • Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link

            Open Weaver – Develop Applications Faster with Open Source

            kandi

            Community and Support

            Company

            Follow

            • © 2023 Open Weaver Inc.