Tin An Ninh Mạng

Có nhà nào dùng TPLINK WR740N/WR740ND không nhỉ? dễ dàng change password nhé.

1489939944shutterstock_hacker.jpg
# Exploit Title: TPLINK WR740N Multiple CSRF Vulnerabilities
# Date: 11/24/2013
# Author: SaMaN( @samanL33T )
# Vendor Homepage: http://tplink.com
# Category: Hardware/Wireless Router
# Firmware Version: 3.16.6 Build 130529 Rel.47286n and below
# Tested on: WR740N/WR740ND (May be possible on other models)
—————————————————

Technical Details
~~~~~~~~~~~~~~~~~~
TPLINK WIreless Router WR740N has a Cross Site Request Forgery Vulnerability in its Web Console. Attacker can easily change Wireless password,Reboot Router,Change Settings by simply making the user visit a CSRF link.

Application uses “HTTP-REFERER” check functionality to check for CSRF attacks. But it can easily be bypassed using the “Referer” parameter with value set to target’s I.P in the GET request.

Exploit Code
~~~~~~~~~~~~~

Change WPA/WPA2 password by CSRF
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#For Changing the Security to Open WEP, simply change “secType” value to 1.

Reboot Router by CSRF
~~~~~~~~~~~~~~~~~~~~~

Factory Reset the Router
~~~~~~~~~~~~~~~~~~~~~~~~


SaMaN
twitter : @samanL33T

Đăng ký liền tay Nhận Ngay Bài Mới

Subscribe ngay

Cám ơn bạn đã đăng ký !

Lỗi đăng ký !

Add Comment

Click here to post a comment

Đăng ký liền tay
Nhận Ngay Bài Mới

Subscribe ngay

Cám ơn bạn đã đăng ký !

Lỗi đăng ký !