readme ;)

README.md

@@ -1 +1,58 @@
-# APCUPS
+# APC UPS/USV
+
+## APCUPSD Information Leak
+
+### What is it?
+
+This script abuses an unauthenticated information leak in the apcupsd daemon. 
+The apcupsd daemon is part of the APC UPS/USV chain, it's job is to shutdown or keep your
+servers surviving, as long as it has battery power left.
+
+### What information can be gathered?
+
+* Operating System
+* Version of APCUPSD
+* Battery Status
+* SerialNumber
+* Firmware Version
+* USV Model
+* Shutdown times
+
+and some more :)
+
+### Usage
+
+There are two different supported modes in the daemon. Those are:
+* status 
+* events
+
+While status have detailed information about the daemon and its configuration itself, events covers power failures and alike.
+
+./apcupsd_disclosure.py -h
+usage: apcupsd_disclosure.py 0.1 dash@undisclose.de June 2019
+       [-h] [-m MODE] -t TARGET [-p PORT]
+
+Lil' tool for Information Disclosure of apcupsd
+
+optional arguments:
+  -h, --help            show this help message and exit
+  -m MODE, --mode MODE  define the mode, two modes exist: "status" and
+                        "events", default is "status"
+  -t TARGET, --target TARGET
+                        define the target
+  -p PORT, --port PORT  define the target port
+
+Get the status information (you do not need the -m option as status is default):
+./apcupsd_disclosure.py -t 127.0.0.1 -m status
+
+Get the events:
+./apcupsd_disclosure.py -t 127.0.0.1 -m events
+
+### Shodan
+
+Search: https://www.shodan.io/search?query=port%3A3551
+Result: 26,000
+
+## Disclaimer
+
+Don't do evil.