infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

tftp download

unstable
m-1-k-3 2013-05-19 20:37:46 +02:00
parent aee5b02f65
commit 1a904ccf7d
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
modules/exploits/linux/http/linksys_wrt160nv2_apply_exec.rb
View File

@ -23,7 +23,8 @@ class Metasploit3 < Msf::Exploit::Remote
Some Linksys Routers are vulnerable to an authenticated OS command injection.
Default credentials for the web interface are admin/admin or admin/password. Since
it is a blind os command injection vulnerability, there is no output for the
executed command when using the cmd generic payload. A ping command against a
executed command when using the cmd generic payload. This module was tested on a
Linksys WRT160n version 2 - firmware version v2.0.03. A ping command against a
controlled system could be used for testing purposes. The exploit uses the tftp
client from the device to download the payload.
},