From 1a904ccf7dbe96ed07611e12a67800b0ca432ee6 Mon Sep 17 00:00:00 2001
From: m-1-k-3 <github@s3cur1ty.de>
Date: Sun, 19 May 2013 20:37:46 +0200
Subject: [PATCH] tftp download

---
 modules/exploits/linux/http/linksys_wrt160nv2_apply_exec.rb | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/modules/exploits/linux/http/linksys_wrt160nv2_apply_exec.rb b/modules/exploits/linux/http/linksys_wrt160nv2_apply_exec.rb
index 411460112d..eb7751b1c5 100644
--- a/modules/exploits/linux/http/linksys_wrt160nv2_apply_exec.rb
+++ b/modules/exploits/linux/http/linksys_wrt160nv2_apply_exec.rb
@@ -23,7 +23,8 @@ class Metasploit3 < Msf::Exploit::Remote
 					Some Linksys Routers are vulnerable to an authenticated OS command injection.
 				Default credentials for the web interface are admin/admin or admin/password. Since
 				it is a blind os command injection vulnerability, there is no output for the
-				executed command when using the cmd generic payload. A ping command against a
+				executed command when using the cmd generic payload. This module was tested on a 
+				Linksys WRT160n version 2 - firmware version v2.0.03. A ping command against a
 				controlled system could be used for testing purposes. The exploit uses the tftp
 				client from the device to download the payload.
 			},