From 86cd52ae4b2fbf498f898d8504af2aaa218b652a Mon Sep 17 00:00:00 2001 From: William Vu Date: Fri, 2 Mar 2018 04:39:17 -0600 Subject: [PATCH] Update doc with real info --- .../linux/telnet/netgear_telnetenable.md | 38 ++++++++++++++++++- 1 file changed, 36 insertions(+), 2 deletions(-) diff --git a/documentation/modules/exploit/linux/telnet/netgear_telnetenable.md b/documentation/modules/exploit/linux/telnet/netgear_telnetenable.md index 6b95f4e5b7..0753bf20d1 100644 --- a/documentation/modules/exploit/linux/telnet/netgear_telnetenable.md +++ b/documentation/modules/exploit/linux/telnet/netgear_telnetenable.md @@ -8,8 +8,9 @@ There are many devices which contain this daemon, for a full list see [OpenWrt]( This module has been successfully tested against: - - N300 WNR2000 v3 - + - AC1450 in whatever version I bought it with (TCP) + - AC1450 latest V1.0.0.36_10.0.17 (UDP) + - N300 WNR2000 v3 (TCP) ## Setup @@ -18,6 +19,39 @@ A MAC address is required for exploitation. To determine the MAC address of the 1. Ping the device to force an ARP lookup: ```ping -c 1 [IP]``` 2. Get the MAC: ```arp -an [IP]``` +## Targets + +**0 (TCP)** + +Older devices usually listen on TCP. + +**1 (UDP)** + +Newer devices usually listen on UDP. + +## Options + +**MAC** + +Set this to the MAC address of the device. You can use `ping` and `arp` +to find it. + +**USERNAME** + +If this is an older device, it'll take the value of `super_username` in +`nvram`. `Gearguy` is usually correct. + +If this is a newer device, it'll take the web UI username, which is +usually unchanged from `admin`. + +**PASSWORD** + +If this is an older device, it'll take the value of `super_passwd` in +`nvram`. `Geardog` is usually correct. + +If this is a newer device, it'll take the web UI password, which is +usually unchanged from `password`. + ## Exploitation 1. Make sure you have a vulnerable device
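Review bot: In the first hunk (the "successfully tested against" list), the entry "AC1450 in whatever version I bought it with (TCP)" does not name a firmware version, so a reader cannot tell which AC1450 builds answer on TCP and which on UDP. The next entry gives `V1.0.0.36_10.0.17` for the UDP case. Please record the actual version string for the TCP case as well, or say explicitly that it is unknown. The WNR2000 v3 entry would benefit from a firmware version too.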
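Review bot: In the second hunk (the new Targets and Options sections), the USERNAME and PASSWORD entries branch on "older device" and "newer device" without tying those terms to the targets defined just above them. Targets describes 0 (TCP) as "Older devices usually listen on TCP" and 1 (UDP) as "Newer devices usually listen on UDP", so the option text could say "Target 0 (TCP)" and "Target 1 (UDP)" directly, or state that "older" and "newer" mean the same thing in both sections. Because both target descriptions say "usually", a sentence on what to do when the assumed transport does not match the device would also help. The MAC entry repeats the `ping` and `arp` hint already given under Setup and could point to that section instead.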