CVE-2019-13101 PoC — D-Link DIR-600M 访问控制错误漏洞

Source

https://github.com/halencarjunior/dlkploit600

Associated Vulnerability

Title:D-Link DIR-600M 访问控制错误漏洞 (CVE-2019-13101)
Description:D-Link DIR-600M是中国台湾友讯（D-Link）公司的一款无线路由器。 D-Link DIR-600M中存在访问控制错误漏洞，该漏洞源于用户无需身份验证便可直接访问wan.htm文件。攻击者可利用该漏洞泄露信息或更改页面的数据字段。

Description

Simple Python script for D-Link vulnerability scan and test [CVE-2019-13101]

Readme

# DLKPloiT600.py
Simple Python script for D-Link vulnerability scan and test 

- [CVE-2019-13101]
- (https://nvd.nist.gov/vuln/detail/CVE-2019-13101)
- (https://www.cvedetails.com/cve/CVE-2019-13101/)
- (https://us.dlink.com/en/security-advisory)
- (https://www.dlink.com/en/security-bulletin)


[![License: GPL v3](https://img.shields.io/badge/License-GPL%20v3-blue.svg)](http://www.gnu.org/licenses/gpl-3.0)

## Requirements:

- python3.x
- requests

  * $ pip install -r requirements.txt

## Usage:

$ python3 dlkploit600.py -H [target] --range [ip-range] -p [port] [OPTIONS]

Options:

-H, --host
-s, --scan
--range (Use this format: 192.168.0.1-254)
-r --scannerdlrange


help, --help, -h

File Snapshot


 [4.0K]  /data/pocs/922bd6bad2b52917cdbd10b5bbbab13df2642fce
├── [3.4K]  dlkploit600.py
├── [ 270]  ip.py
├── [ 34K]  LICENSE
├── [ 694]  README.md
└── [   8]  requirements.txt

0 directories, 5 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!