Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix better detection of vulnerable router for linksys/eseries_themoon_rce exploit #734

Merged
merged 2 commits into from
May 19, 2024

Conversation

bobby753
Copy link
Contributor

Status

**READY

Description

Better detection of vulnerable router in the exploit routers/linksys/eseries_themoon_rce
The exploit checks whether the returned response code is 200,301 or 302 but some webpages uses custom 404 which makes them look as 200 OK so the exploit assumes the machine is vulnerable but it is not.

Verification

  1. Start ./rsf.py
  2. use exploits/routers/linksys/eseries_themoon_rce
  3. set target 192.168.1.1
  4. check

##Note
My router wasn't vulnerable to it but it returned as vulnnerable even autopwn also returned vulnerable

@bobby753 bobby753 changed the title Better detection of vulnerable router Fix better detection of vulnerable router Mar 17, 2021
@bobby753 bobby753 changed the title Fix better detection of vulnerable router Fix better detection of vulnerable router for linksys/eseries_themoon_rce exploit Mar 17, 2021
@lucyoa lucyoa merged commit 59b6159 into threat9:master May 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants