+++
title = "Exploiting the SFR Box + (NB6VAC)"
date = "2020-09-11"
author = "Aloïs Micard"
authorTwitter = "" #do not include @
cover = ""
tags = ["Pentest", "Security"]
keywords = ["", ""]
description = ""
showFullContent = false
draft = true
+++

# Enumeration phase

First of all, I have decided to run a simple nmap scan against the box:

```
PORT     STATE SERVICE     VERSION
53/tcp   open  domain      dnsmasq UNKNOWN
80/tcp   open  http        lighttpd
1287/tcp open  routematch?
1288/tcp open  ssh         Dropbear sshd 2014.65 (protocol 2.0)
MAC Address: 60:35:C0:27:C1:58 (SFR)
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernel
```

The scan report has shown 3 interesting services running on the box, lets get more details

## Port 80 (the web-ui)

## Port 1287 (what the hell?)

## Port 1288 (SSH access)

The SSH server running on port 1288 is running on `Dropbear sshd 2014.65`
at this time of writing (2020-09-11) there was no interesting exploit that I could use.