Rapid7 VulnDB

Binom3 Web Management Login Scanner, Config and Password File Dump

Back to Search

Binom3 Web Management Login Scanner, Config and Password File Dump

Created
05/30/2018

Description

This module scans for Binom3 Multifunctional Revenue Energy Meter and Power Quality Analyzer management login portal(s), and attempts to identify valid credentials. There are four (4) default accounts - 'root'/'root', 'admin'/'1', 'alg'/'1', 'user'/'1'. In addition to device config, 'root' user can also access password file. Other users - admin, alg, user - can only access configuration file. The module attempts to download configuration and password files depending on the login user credentials found.

Author(s)

  • Karn Ganeshen <KarnGaneshen@gmail.com>

Development

References

Module Options

To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

msf > use auxiliary/scanner/http/binom3_login_config_pass_dump
msf auxiliary(binom3_login_config_pass_dump) > show actions
    ...actions...
msf auxiliary(binom3_login_config_pass_dump) > set ACTION < action-name >
msf auxiliary(binom3_login_config_pass_dump) > show options
    ...show and set options...
msf auxiliary(binom3_login_config_pass_dump) > run 

Time is precious, so I don’t want to do something manually that I can automate. Leveraging the Metasploit Framework when automating any task keeps us from having to re-create the wheel as we can use the existing libraries and focus our efforts where it matters.

– Jim O’Gorman | President, Offensive Security

;