LeakIX - Host c60671a588d122101e4808db.keenetic.io

Domain c60671a588d122101e4808db.keenetic.io

Russia

JSC Selectel

Vulnerable HiSilicon family DVR

This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).

Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device

IP: 185.162.93.96
Domain: c60671a588d122101e4808db.keenetic.io
Port: 80
URL: http://c60671a588d122101e4808db.keenetic.io

First seen 2023-09-23 06:58
- Severity: high
  Fingerprint: 321975614123c6c05f83e99bf30ea5eb22cca46022cca46022cca46022cca460
```
Found HiSiliconDVR firmware:
Hardware: General AHB7008T-MHV2
Vulnerable to multiple issues : LFI, possibly RCE
```
  Found on 2023-09-23 06:58
Create report

Open service 2a00:ab00:1103:20::50:8443 · c60671a588d122101e4808db.keenetic.io

2024-09-08 22:10

HTTP/1.1 403 Forbidden
Server: NDM NDNS
Date: Sun, 08 Sep 2024 22:10:22 GMT
Content-Type: text/html
Content-Length: 975
Cache-Control: no-store, no-cache, max-age=0, private
X-Detail: Unclassified (0x34)
Set-Cookie: X-Detail=403 52; max-age=300
Connection: close

Page title: Error

<!DOCTYPE html>
<html lang="en">

<head>

  <base href="https://static.keenetic.net/kdns201/"/>

  <link rel="shortcut icon" href="favicon.ico" />
  <link rel="stylesheet" href="style.css" />
  <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&amp;subset=cyrillic" />
  <meta charset="utf-8" />
  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
  <meta http-equiv="Referrer-Policy" content="origin-when-cross-origin" />
  <meta http-equiv="Content-Security-Policy" content="
		default-src 'self' https://static.keenetic.net/kdns201/ ; 
		style-src 'self' 'unsafe-inline' https: ; 
		font-src 'self' https: ; 
		img-src 'self' data: 'unsafe-eval' 'unsafe-inline' https: ;
		script-src 'self' https://static.keenetic.net/kdns201/  ;
	" />
  <script defer src="script.js"></script>
  <title>Error</title>
</head>

<body>
  <noscript>403</noscript>
  <main class="template" />
</body>

</html>

Found 2024-09-08 by HttpPlugin

Create report

Open service 95.213.212.50:443 · c60671a588d122101e4808db.keenetic.io

2024-09-08 22:10

HTTP/1.1 403 Forbidden
Server: Web server
Date: Sun, 08 Sep 2024 22:10:13 GMT
Content-Type: text/html
Content-Length: 553
Connection: close
X-Detail: 0x1284, no service

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>Web server</center>
</body>
</html>
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->

Found 2024-09-08 by HttpPlugin

Create report

Open service 185.162.93.96:443 · c60671a588d122101e4808db.keenetic.io

2024-09-08 22:10

HTTP/1.1 403 Forbidden
Server: Web server
Date: Sun, 08 Sep 2024 22:10:12 GMT
Content-Type: text/html
Content-Length: 553
Connection: close
X-Detail: 0x1284, no service

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>Web server</center>
</body>
</html>
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->

Found 2024-09-08 by HttpPlugin

Create report

Open service 2a00:ab00:1103:20::50:443 · c60671a588d122101e4808db.keenetic.io

2024-09-08 22:10

HTTP/1.1 403 Forbidden
Server: Web server
Date: Sun, 08 Sep 2024 22:10:21 GMT
Content-Type: text/html
Content-Length: 553
Connection: close
X-Detail: 0x1284, no service

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>Web server</center>
</body>
</html>
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->

Found 2024-09-08 by HttpPlugin

Create report

Open service 185.162.93.96:8443 · c60671a588d122101e4808db.keenetic.io

2024-09-08 22:10

HTTP/1.1 403 Forbidden
Server: NDM NDNS
Date: Sun, 08 Sep 2024 22:10:14 GMT
Content-Type: text/html
Content-Length: 975
Cache-Control: no-store, no-cache, max-age=0, private
X-Detail: Unclassified (0x33)
Set-Cookie: X-Detail=403 51; max-age=300
Connection: close

Page title: Error

<!DOCTYPE html>
<html lang="en">

<head>

  <base href="https://static.keenetic.net/kdns201/"/>

  <link rel="shortcut icon" href="favicon.ico" />
  <link rel="stylesheet" href="style.css" />
  <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&amp;subset=cyrillic" />
  <meta charset="utf-8" />
  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
  <meta http-equiv="Referrer-Policy" content="origin-when-cross-origin" />
  <meta http-equiv="Content-Security-Policy" content="
		default-src 'self' https://static.keenetic.net/kdns201/ ; 
		style-src 'self' 'unsafe-inline' https: ; 
		font-src 'self' https: ; 
		img-src 'self' data: 'unsafe-eval' 'unsafe-inline' https: ;
		script-src 'self' https://static.keenetic.net/kdns201/  ;
	" />
  <script defer src="script.js"></script>
  <title>Error</title>
</head>

<body>
  <noscript>403</noscript>
  <main class="template" />
</body>

</html>

Found 2024-09-08 by HttpPlugin

Create report

Open service 95.213.212.50:8443 · c60671a588d122101e4808db.keenetic.io

2024-09-08 22:10

HTTP/1.1 403 Forbidden
Server: NDM NDNS
Date: Sun, 08 Sep 2024 22:10:14 GMT
Content-Type: text/html
Content-Length: 975
Cache-Control: no-store, no-cache, max-age=0, private
X-Detail: Unclassified (0x33)
Set-Cookie: X-Detail=403 51; max-age=300
Connection: close

Page title: Error

<!DOCTYPE html>
<html lang="en">

<head>

  <base href="https://static.keenetic.net/kdns201/"/>

  <link rel="shortcut icon" href="favicon.ico" />
  <link rel="stylesheet" href="style.css" />
  <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&amp;subset=cyrillic" />
  <meta charset="utf-8" />
  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
  <meta http-equiv="Referrer-Policy" content="origin-when-cross-origin" />
  <meta http-equiv="Content-Security-Policy" content="
		default-src 'self' https://static.keenetic.net/kdns201/ ; 
		style-src 'self' 'unsafe-inline' https: ; 
		font-src 'self' https: ; 
		img-src 'self' data: 'unsafe-eval' 'unsafe-inline' https: ;
		script-src 'self' https://static.keenetic.net/kdns201/  ;
	" />
  <script defer src="script.js"></script>
  <title>Error</title>
</head>

<body>
  <noscript>403</noscript>
  <main class="template" />
</body>

</html>

Found 2024-09-08 by HttpPlugin

Create report

Open service 2a03:21c0:0:227::96:443 · c60671a588d122101e4808db.keenetic.io

2024-09-08 22:10

HTTP/1.1 403 Forbidden
Server: Web server
Date: Sun, 08 Sep 2024 22:10:21 GMT
Content-Type: text/html
Content-Length: 553
Connection: close
X-Detail: 0x1284, no service

Page title: 403 Forbidden

<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>Web server</center>
</body>
</html>
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->

Found 2024-09-08 by HttpPlugin

Create report

Open service 2a03:21c0:0:227::96:8443 · c60671a588d122101e4808db.keenetic.io

2024-09-08 22:10

HTTP/1.1 403 Forbidden
Server: NDM NDNS
Date: Sun, 08 Sep 2024 22:10:22 GMT
Content-Type: text/html
Content-Length: 975
Cache-Control: no-store, no-cache, max-age=0, private
X-Detail: Unclassified (0x34)
Set-Cookie: X-Detail=403 52; max-age=300
Connection: close

Page title: Error

<!DOCTYPE html>
<html lang="en">

<head>

  <base href="https://static.keenetic.net/kdns201/"/>

  <link rel="shortcut icon" href="favicon.ico" />
  <link rel="stylesheet" href="style.css" />
  <link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Roboto+Condensed:400,700&amp;subset=cyrillic" />
  <meta charset="utf-8" />
  <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" />
  <meta http-equiv="Referrer-Policy" content="origin-when-cross-origin" />
  <meta http-equiv="Content-Security-Policy" content="
		default-src 'self' https://static.keenetic.net/kdns201/ ; 
		style-src 'self' 'unsafe-inline' https: ; 
		font-src 'self' https: ; 
		img-src 'self' data: 'unsafe-eval' 'unsafe-inline' https: ;
		script-src 'self' https://static.keenetic.net/kdns201/  ;
	" />
  <script defer src="script.js"></script>
  <title>Error</title>
</head>

<body>
  <noscript>403</noscript>
  <main class="template" />
</body>

</html>

Found 2024-09-08 by HttpPlugin

Create report

*.keenetic.iokeenetic.io

Fingerprint:

cb9674aca44e34729379c9758dd3a2755eba50069c72967503963481c6c5098c

CN:

keenetic.io

Key:

ECDSA-384

Issuer:

Not before:

2024-06-23 10:17

Not after:

2024-09-21 10:17

*.c60671a588d122101e4808db.keenetic.ioc60671a588d122101e4808db.keenetic.io

Fingerprint:

9eb3b4730d7c413d6fa7e8034251a555acec20173eddf1d7966c290be4ef1494

CN:

c60671a588d122101e4808db.keenetic.io

Key:

RSA-2048

Issuer:

R10

Not before:

2024-09-08 21:11

Not after:

2024-12-07 21:11

*.keenetic.iokeenetic.io

Fingerprint:

d38d6b81201db03d4822ca294b8f0ab54e322c8b53da0bc100ea1f4da69557fc

CN:

keenetic.io

Key:

ECDSA-384

Issuer:

Not before:

2024-08-29 08:55

Not after:

2024-11-27 08:55

Domain summary

c60671a588d122101e4808db.keenetic.io 8

1 recorded

IP summary

2a00:ab00:1103:20::50 1 95.213.212.50 1 185.162.93.96 1 2a03:21c0:0:227::96 1

4 recorded

Domain c60671a588d122101e4808db.keenetic.io

Russia

Vulnerable HiSilicon family DVR

*.keenetic.iokeenetic.io

*.c60671a588d122101e4808db.keenetic.ioc60671a588d122101e4808db.keenetic.io

*.keenetic.iokeenetic.io

Domain summary

IP summary