Learning how to use exploit in BT4

Printable View

05-16-2010, 12:49 PM
edi318

Learning how to use exploit in BT4

Hi there,

at first i want to ask you to point any part of this text that you can't understand. English is not my language but i try my best to communicate with you.

I have router Sagem Fast, BT4 and EW-7318USg card. Succesfully cracked WEP and wanted to learn something new.

On milworm i found this Sagem Routers F@ST Remote CSRF Exploit

I copied text and saved as dhcpattack.py, changed eth0 to wlan0, installed scapy library, but still it doesn't work and i got the message that "Ether isn't defined"

Is the problem with library or should i change some options in router soft first?

Thanks for any help

bump with addition data.

This is what i got after typing

Code:

python dhcpattack.py -i wlan0 -t 192.168.1.1 -p "<IFRAME height=0 width=0 src='http://192.168.1.1/restoreinfo.cgi'></IFRAME>"

Code:

V: � Starting.... Traceback (most recent call last): File "dhcpattack.py", line 203, in <module> ether = Ether(src= srcmac,dst="ff:ff:ff:ff:ff:ff") NameError: name 'Ether' is not defined
05-17-2010, 12:02 PM
crweedon

Re: Learning how to use exploit in BT4

i think it's saying that the ethernet frame type is not defined, i didn't look to closely at the exploit code but check for fields to input the mac addys for your router, interface and general tcp packet/arp info
05-17-2010, 12:31 PM
Gitsnik

Re: Learning how to use exploit in BT4

Quote:

Originally Posted by crweedon

i think it's saying that the ethernet frame type is not defined

The perl programmer in me is reading that error message more along the lines that Ether() is not defined, probably that scapy is not properly loaded in fact. Could be wrong.
05-17-2010, 12:57 PM
purehate

Re: Learning how to use exploit in BT4

I agree with Gitsnik, Looks like Scapy is not properly loading the mac addy of the adapter so there fore Ether remains undefined.
05-18-2010, 07:12 PM
edi318

Re: Learning how to use exploit in BT4

thanks guys.

Indeed the problem was with scapy.

I changed the line

Code:

from scapy import *

to

Code:

from scapy.all import *

bacause i found that scapy devs changed that import command in newest version.

After that everything worked like a miracle.
05-20-2010, 12:49 AM
crweedon

Re: Learning how to use exploit in BT4

well done, that'll teach me to ctrl-f the code instead of just reading through it. thank you guys for the correction, like i said, i didn't look to closely at the code