Home page logo

nmap-dev logo Nmap Development mailing list archives

Re: [NSE] Script for Netgear WNR1000v3 Credential Harvesting Exploit
From: Paul AMAR <aos.paul () gmail com>
Date: Fri, 14 Mar 2014 16:24:09 +0100

Hi there,

Did you think about adding this to the current revision ?


2014-02-11 22:02 GMT+01:00 Paul AMAR <aos.paul () gmail com>:

Good evening,

I developed the NSE script regarding the exploit : *Netgear WNR1000v3
Credential Harvesting Exploit* discovered by c1ph04.
This has been released the 26th of January 2014.

Here are few references :

- http://www.securelist.com/en/advisories/56330
- http://secunia.com/community/advisories/56330
and obviously :

I have a Netgear WNR1000 at home so I could try it by myself with the
default settings.
Command line to launch the script :

*./nmap -p80 -n -Pn --script http-vuln-wnr-1000 -d*

Output :

NSE: Script scanning
NSE: Starting runlevel 1 (of 1) scan.
NSE: Starting http-vuln-wnr-1000 against
Initiating NSE at 21:49
NSE: username : admin
NSE: password : password
NSE: Finished http-vuln-wnr-1000 against
Completed NSE at 21:49, 0.27s elapsed

Paul A.

Sent through the dev mailing list
Archived at http://seclists.org/nmap-dev/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]