Skip to content

R
routersploit
Switch branch/tag
Find file
BlameHistoryPermalink
test_dsl_2750b_rce.py 1.03 KB
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 
from unittest import mock
from routersploit.modules.exploits.routers.dlink.dsl_2750b_rce import Exploit


@mock.patch("routersploit.modules.exploits.routers.dlink.dsl_2750b_rce.shell")
def test_check_success(mocked_shell, target):
    """ Test scenario - successful exploitation """

    route_mock1 = target.get_route_mock("/login.cgi", methods=["GET"])
    route_mock1.return_value = (
        "TEST"
    )

    route_mock2 = target.get_route_mock("/ayefeaturesconvert.js", methods=["GET"])
    route_mock2.return_value = (
        """
        (..)
        var AYECOM_PRIVATE="private";
        var AYECOM_AREA="EU";
        var AYECOM_FWVER="1.01";
        var AYECOM_HWVER="D1";
        var AYECOM_PRIVATEDIR="private";
        var AYECOM_PROFILE="DSL-2750B";
        var FIRST_HTML="";
        var BUILD_GUI_VERSIOIN_EU="y";
        // BUILD_GUI_VERSIOIN_AU is not s
        (..)
        """
    )

    exploit = Exploit()
    exploit.target = target.host
    exploit.port = target.port

    assert exploit.check()
    assert exploit.run() is None