Hey folks Cisco posted this command to check whether an instance is vulnerable to the new 0day what does this command do? More specifically does it log the user out of the device or does it confirm the log out? (I know it fetches the hex value)
curl -k -X POST "https[:]//DEVICEIP/webui/logoutconfirm.html?logon_hash=1"
read indicator of compromise section, it explains what this command does for your network to identify presence of implant exploiting the vulnerability.
-hope this helps-
Learn, share, save
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.