Update doc with real info

2018-03-02 04:39:17 -06:00 · 2018-03-02 04:39:17 -06:00 · 86cd52ae4b
parent 7505e0e831
commit 86cd52ae4b
1 changed files with 36 additions and 2 deletions
--- a/documentation/modules/exploit/linux/telnet/netgear_telnetenable.md
+++ b/documentation/modules/exploit/linux/telnet/netgear_telnetenable.md
@ -8,8 +8,9 @@ There are many devices which contain this daemon, for a full list see [OpenWrt](

 This module has been successfully tested against:

- - N300 WNR2000 v3
-
+ - AC1450 in whatever version I bought it with (TCP)
+ - AC1450 latest V1.0.0.36_10.0.17 (UDP)
+ - N300 WNR2000 v3 (TCP)

 ## Setup

@ -18,6 +19,39 @@ A MAC address is required for exploitation.  To determine the MAC address of the
 1. Ping the device to force an ARP lookup: ```ping -c 1 [IP]```
 2. Get the MAC: ```arp -an [IP]```

+## Targets
+
+**0 (TCP)**
+
+Older devices usually listen on TCP.
+
+**1 (UDP)**
+
+Newer devices usually listen on UDP.
+
+## Options
+
+**MAC**
+
+Set this to the MAC address of the device. You can use `ping` and `arp`
+to find it.
+
+**USERNAME**
+
+If this is an older device, it'll take the value of `super_username` in
+`nvram`. `Gearguy` is usually correct.
+
+If this is a newer device, it'll take the web UI username, which is
+usually unchanged from `admin`.
+
+**PASSWORD**
+
+If this is an older device, it'll take the value of `super_passwd` in
+`nvram`. `Geardog` is usually correct.
+
+If this is a newer device, it'll take the web UI password, which is
+usually unchanged from `password`.
+
 ## Exploitation 

 1. Make sure you have a vulnerable device