20 comments on “Hacking Ubiquiti AirOS with Metasploit

  1. Hi, nice work!

    I want to enter in a Nanostation M900, i know the user but i dont know the password, is there anyway i can bruteforce it?

    Thanks!

  2. Hello, help please, after entering the run appear “segmentation fault” on exit metasploit.
    how to solve this problem? thanks

    • @Shme, Is your system 32bit or 64 bit. Is your handler setup. You will normally get this error when you don’t have a handler setup. So restart Metasploit and try again. Inform me if the problem persists.

      • @kanishka10 Hi !

        Thanks for the help me !!

        My system kali linux install vmware workstation 12.

        Linux kali 4.6.0-kali-amd64 #1 SMP Debian 4.6.4-1kali1 (2016-07-21) x86_64 GNU/Linux.

        metasploit restart it did not help. the problem persists, run appear “segmentation fault” on exit metasploit.

        Thank you!

  3. I get:
    [*] Uploading /etc/passwd
    [*] Uploading /etc/dropbear/authorized_keys
    [*] Logging in as iebzzgkp
    [+] Logged in as iebzzgkp
    [*] Found shell.
    [*] Command shell session 6 opened (xxx.xxx.xxx.xxx:1033 -> xxx.xxx.xxx.xxx:22) at 2016-12-12 22:17:03 +0200

    [*] 172.30.3.229 – Command shell session 6 closed. Reason: Died from EOFError

    I tried many different targets but I get the same EOFError.

    • @bomberb17, EOF error may occur due to many reasons. Can you just update your Metasploit and try once again.

  4. Where is the module . I cant load exploit ubiquito airos or i know.
    Where i download or how i can install it . Sorry for my english. Tks

  5. Segmentation fault..
    How i can solve this problem.
    and my username and password has been changed i cant login to my device right now

    • Hi Molecule. There are many reasons why this error occurs. They are the exploit does’nt work against your target, the exploit may be f- or a different version, the code of exploit may be wrong, the payload you use may not have an option to create an interactive session and the target configuration is wrong.Check which one you did wrong.

  6. I am having this issue.Please tell me to solve this problem.

    ] Uploading /etc/passwd
    [*] Uploading /etc/dropbear/authorized_keys
    [*] Logging in as hljalwkx
    [-] Exploit failed: NameError uninitialized constant Net::SSH::CommandStream
    [*] Exploit completed, but no session was created.

Leave a Reply

Your email address will not be published. Required fields are marked *