RouterSploit - Exploitation Framework for Embedded devices

RouterSploit is an open-source exploitation framework devoted to embedded devices. It includes various modules that aid penetration testing operations:

  • exploits – modules that take advantage of identified vulnerabilities
  • creds – modules designed to test credentials against network services
  • scanners – modules that check if a target is vulnerable to any exploit

Requirements

  • gnureadline (OSX only)
  • requests
  • paramiko
  • beautifulsoup4
  • pysnmp

Installation

# apt-get install routersploit

Usage Exploits

RouterSploit is a tool similar to Metasploit, and it is very easy to create more modules for it. Anyone can extend the tool easily with the help of exploit databases.

To get the code skeleton.


Checking for Misfortune Cookie:

It is a critical vulnerability which allows an attacker to take remote control of a router connected to the Internet and it can be fixed only by hardware vendors.

# routersploit
rsf > use exploits/multi/misfortune_cookie
rsf (Misfortune Cookie) > show options


Scanner

Scanners quickly check whether the target is vulnerable to any exploit. Here we use the autopwn scanner, which checks for all vulnerabilities.

rsf > use scanners/autopwn
rsf (Autopwn) > show options
rsf (Autopwn) > set target IP
rsf (Autopwn) > run


CREDS

RouterSploit has various creds modules that can brute force various services, including HTTP, SSH, and Telnet.

Services supported:

  • ftp
  • ssh
  • telnet
  • http basic auth
  • http digest auth
  • http form auth
  • snmp

As with every brute-force tool, you should prepare a wordlist. Every service has two modules, for example ftp_bruteforce and ftp_default.

ftp_default, as the name indicates, checks for default credentials, and the process completes in minutes.

ftp_bruteforce performs a dictionary attack against single or multiple user accounts with the credentials provided in the list.
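On the defending side, the two module styles described above leave different traces in authentication logs: a default-credential check touches several well-known accounts a few times, while a dictionary run produces sustained failures. The following is an added example, not code from the original article or from RouterSploit; the log format, thresholds and function names are assumptions, and the log lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample in a hypothetical, simplified format (not a real daemon's log):
# <ISO time> <service> auth-failure user=<name> src=<ip>
SAMPLE_LOG = """\
2024-05-01T10:00:00 ftp auth-failure user=admin src=192.0.2.10
2024-05-01T10:00:02 ftp auth-failure user=root src=192.0.2.10
2024-05-01T10:00:04 ftp auth-failure user=support src=192.0.2.10
2024-05-01T10:05:00 ssh auth-failure user=admin src=198.51.100.7
2024-05-01T10:05:05 ssh auth-failure user=admin src=198.51.100.7
2024-05-01T10:05:10 ssh auth-failure user=admin src=198.51.100.7
2024-05-01T10:05:15 ssh auth-failure user=admin src=198.51.100.7
2024-05-01T10:05:20 ssh auth-failure user=admin src=198.51.100.7
2024-05-01T09:00:00 telnet auth-failure user=alice src=203.0.113.5
2024-05-01T11:00:00 telnet auth-failure user=alice src=203.0.113.5
"""
LINE_RE = re.compile(r"^(\S+) (\w+) auth-failure user=(\S+) src=(\S+)$")

def parse(log):
    """Return time-sorted (time, service, user, src) tuples; skip unparsable lines."""
    events = []
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            ts, service, user, src = m.groups()
            events.append((datetime.fromisoformat(ts), service, user, src))
    return sorted(events)

def detect_guessing(log, window=timedelta(minutes=5), max_failures=5, max_users=3):
    """Map source IP -> reason, using assumed thresholds over a sliding time window."""
    by_src = defaultdict(list)
    for ev in parse(log):
        by_src[ev[3]].append(ev)
    alerts = {}
    for src, evs in by_src.items():
        start = 0
        for end in range(len(evs)):
            while evs[end][0] - evs[start][0] > window:
                start += 1                      # drop failures older than the window
            burst = evs[start:end + 1]
            if len(burst) >= max_failures:      # sustained volume: dictionary-style guessing
                alerts[src] = f"dictionary-style: {len(burst)} failures in window"
                break
            users = {e[2] for e in burst}
            if len(users) >= max_users:         # few tries, many accounts: default-pair sweep
                alerts.setdefault(src, f"default-credential sweep: {len(users)} usernames")
    return alerts
```

Calling `detect_guessing(SAMPLE_LOG)` flags the FTP and SSH sources and leaves the two widely spaced Telnet failures alone; tune the window and thresholds to the failure rate that is normal on your own devices.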

You can find the video tutorial on the GitHub page.

  • Author: Reverse Shell
  • License: BSD-3-clause
