Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix better detection of vulnerable router for linksys/eseries_themoon_rce exploit #734

Open
wants to merge 2 commits into
base: master
Choose a base branch
from

Conversation

bobby753
Copy link

Status

**READY

Description

Better detection of vulnerable router in the exploit routers/linksys/eseries_themoon_rce
The exploit checks whether the returned response code is 200,301 or 302 but some webpages uses custom 404 which makes them look as 200 OK so the exploit assumes the machine is vulnerable but it is not.

Verification

  1. Start ./rsf.py
  2. use exploits/routers/linksys/eseries_themoon_rce
  3. set target 192.168.1.1
  4. check

##Note
My router wasn't vulnerable to it but it returned as vulnnerable even autopwn also returned vulnerable

@bobby753 bobby753 changed the title Better detection of vulnerable router Fix better detection of vulnerable router Mar 17, 2021
@bobby753 bobby753 changed the title Fix better detection of vulnerable router Fix better detection of vulnerable router for linksys/eseries_themoon_rce exploit Mar 17, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

1 participant