diff --git a/content/posts/exploiting-sfr-box.md b/content/posts/exploiting-sfr-box.md
new file mode 100644
index 0000000..1d02829
--- /dev/null
+++ b/content/posts/exploiting-sfr-box.md
@@ -0,0 +1,37 @@
++++
+title = "Exploiting the SFR Box + (NB6VAC)"
+date = "2020-09-11"
+author = "Aloïs Micard"
+authorTwitter = "" #do not include @
+cover = ""
+tags = ["Pentest", "Security"]
+keywords = ["", ""]
+description = ""
+showFullContent = false
+draft = true
++++
+
+# Enumeration phase
+
+First of all, I have decided to run a simple nmap scan against the box:
+
+```
+PORT     STATE SERVICE     VERSION
+53/tcp   open  domain      dnsmasq UNKNOWN
+80/tcp   open  http        lighttpd
+1287/tcp open  routematch?
+1288/tcp open  ssh         Dropbear sshd 2014.65 (protocol 2.0)
+MAC Address: 60:35:C0:27:C1:58 (SFR)
+Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
+```
+
+The scan report has shown 3 interesting services running on the box, lets get more details
+
+## Port 80 (the web-ui)
+
+## Port 1287 (what the hell?)
+
+## Port 1288 (SSH access)
+
+The SSH server running on port 1288 is running on `Dropbear sshd 2014.65`
+at this time of writing (2020-09-11) there was no interesting exploit that I could use.