Nmap Development mailing list archives
[NSE] Script for Netgear WNR1000v3 Credential Harvesting Exploit
From: Paul AMAR <aos.paul () gmail com>
Date: Tue, 11 Feb 2014 22:02:29 +0100
Good evening, I developed the NSE script regarding the exploit : *Netgear WNR1000v3 Credential Harvesting Exploit* discovered by c1ph04. This has been released the 26th of January 2014. Here are few references : - http://www.securelist.com/en/advisories/56330 - http://secunia.com/community/advisories/56330 and obviously : http://c1ph04text.blogspot.dk/2014/01/mitrm-attacks-your-middle-or-mine.html I have a Netgear WNR1000 at home so I could try it by myself with the default settings. Command line to launch the script : *./nmap -p80 -n -Pn --script http-vuln-wnr-1000 192.168.1.1 -d* Output : NSE: Script scanning 192.168.1.1. NSE: Starting runlevel 1 (of 1) scan. NSE: Starting http-vuln-wnr-1000 against 192.168.1.1:80. Initiating NSE at 21:49 NSE: username : admin NSE: password : password NSE: Finished http-vuln-wnr-1000 against 192.168.1.1:80. Completed NSE at 21:49, 0.27s elapsed Cheers, Paul A.
Attachment:
http-vuln-wnr-1000.nse
Description:
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] Script for Netgear WNR1000v3 Credential Harvesting Exploit Paul AMAR (Feb 11)
- Re: [NSE] Script for Netgear WNR1000v3 Credential Harvesting Exploit Paul AMAR (Mar 14)