Professional Documents
Culture Documents
Lab 897
Lab 897
Lab 897
Level:
Easy
Description:
This module attempts to find d-link devices running alpha networks web interfaces affected by the backdoor
found on the user-agent header for authentication bypassing. This module has been tested successfully on a
dir-100 device with firmware version v1.13.Find the user-agent header.
URL:
Link to Lab
Lab Steps:
Note: (Copy-Paste functions on Kali Machine are to be performed using Clipboard, Clipboard feature can
be used from the floating menu present in the Left Side of the Screen)
3. Once Kali Machine is started, Go to the Menu Option down below , Select Usual Applications,
Accessories and Click on Terminal Emulator.
4. Once Terminal is started , Start Metasploit Framework to find the user agent header.
msfconsole
use auxiliary/scanner/http/dlink_user_agent_backdoor
exploit
You will see that the target is vulnerable to auth bypass from headers.
To complete the Lab paste User-Agent Header in the Submit Answer Field.