Update CVE-2020-16139.md

WIP

documentation/modules/auxiliary/dos/cisco/CVE-2020-16139.md

@@ -1,27 +1,25 @@
 ## Vulnerable Application
 
-  1. Obtain a Cisco 7937G Conference Station.
+  [Cisco 7937G](https://www.cisco.com/c/en/us/support/collaboration-endpoints/unified-ip-conference-station-7937g/model.html) Conference Station.
-  2. Enable Web Access on the device (default configuration).
+  This module has been tested successfully against SCCP-1-4-5-5 and SCCP-1-4-5-7.
-  3. It has been observed that based on the firmware available from Cisco, all version are likely vulnerable.
+ 
+### Description
+ 
+This module exploits a bug in how the conference station handles executing a ping via it's web interface. By repeatedly executing the ping function without clearing out the resulting output, a DoS is caused that will reset the device after a few minutes. 
 
 ## Verification Steps
 
-  1. Start msfconsole
+  1. Obtain a Cisco 7937G Conference Station.
-  2. Do: `use auxiliary/dos/cisco/CVE-2020-16139`
+  2. Enable Web Access on the device (default configuration).
-  3. Do: `set RHOST 192.168.1.10`
+  3. Start msfconsole
-  4. Do: `run`
+  4. Do: `use auxiliary/dos/cisco/CVE-2020-16139`
-  5. The conference station should become inoperable and then power cycle itself.
+  5. Do: `set RHOST 192.168.1.10`
-
+  6. Do: `run`
-## Options
+  7. The conference station should become nonresponsive and then power cycle itself.
-
-  1. rhost (required) - Target addres
 
 ## Scenarios
 
-Because both successful and unsuccessful attacks result in the request timing out, there
+### Cisco 7937G SCCP-1-4-5-7
-is no way to be sure that the attack was completed. It is recommended to attempt a ping
-to the device immediately afterward to verify device is offline/reseting.
-
 ```
 [*] Starting server...
 [*] 192.168.110.209 - Sending DoS packets. Stand by.