module
F5 BIG-IP SSH Private Key Exposure
Disclosed | Created |
---|---|
Jun 11, 2012 | May 30, 2018 |
Disclosed
Jun 11, 2012
Created
May 30, 2018
Description
F5 ships a public/private key pair on BIG-IP appliances that allows
passwordless authentication to any other BIG-IP box. Since the key is
easily retrievable, an attacker can use it to gain unauthorized remote
access as root.
passwordless authentication to any other BIG-IP box. Since the key is
easily retrievable, an attacker can use it to gain unauthorized remote
access as root.
Author
egypt egypt@metasploit.com
Platform
Unix
Architectures
cmd
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.