Exploitation

RouterSploit – Router Exploitation Framework

The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices.

Requirements

  • gnureadline
  • requests
  • paramiko
  • beautifulsoup4

Installation

sudo apt-get install python-requests python-paramiko python-netsnmp
git clone https://github.com/reverse-shell/routersploit
cd routersploit
./rsf.py

RouterSploit consists of various modules that aid penetration testing operations:

 

  • exploits


    Modules that take advantage of identified vulnerabilities

    RouterSploit currently supports a limited number of exploits out of the box, but they can be extended easily from popular exploit database sites online. Creating RouterSploit modules is very easy, so everyone can contribute to this excellent project. The full process is described in the RouterSploit Wiki, where you can find a code skeleton and all the necessary classes for module development. The detailed process of creating RouterSploit modules is described through a very helpful example. Hopefully, over time, and through public contribution, this promising project will grow to become one of the best tools for home router security auditing.

    The exploit stage in RouterSploit works much like Metasploit, with all the familiar exploit configuration sections and running steps in the process of your security analysis. Anyone who has worked with Metasploit, or even just started it, will feel at home with RouterSploit. Picking the desired exploit, eased by command completion, leads to the exploit configuration section, after which we run the exploit. RouterSploit also provides info about each exploit and a short description. It is also possible to check whether the target is vulnerable to a particular exploit before you start the exploitation process.

 

  • creds


    Modules designed to test credentials against network services

    Modules located under the creds/ directory allow running dictionary attacks against various network services.

    The following services are currently supported:

    • ftp
    • ssh
    • telnet
    • http basic auth
    • http form auth
    • snmp

    Every service has been divided into two modules:

    • default (e.g. ssh_default) – modules of this kind use one wordlist of default credential pairs in login:password form. They can be run quickly and verify in a matter of seconds whether the device uses default credentials.
    • bruteforce (e.g. ssh_bruteforce) – modules of this kind perform dictionary attacks against a specified account or list of accounts. They take two parameters, login and password. Each value can be a single word (e.g. ‘admin’) or an entire list of strings (file:///root/users.txt).
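
    Seen from the device owner's side, both module types show up as bursts of failed logins from one source. The following is an added example, not part of the original page or of RouterSploit: it scans sshd log text and labels each bursting source by whether it targeted many accounts or a single one. The log lines, thresholds, labels and function names are constructed for illustration, and the labels are a heuristic.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Matches sshd "Failed password" lines, with or without "invalid user".
FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: Failed password for "
    r"(?:invalid user )?(\S+) from (\S+) port \d+"
)

def classify_sources(log_text, window=timedelta(seconds=60), threshold=5, year=2024):
    """Return {source_ip: label} for sources with >= threshold failures inside window."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if m:
            # Syslog timestamps carry no year, so one is assumed.
            ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            events[m.group(3)].append((ts, m.group(2)))
    verdicts = {}
    for src, hits in events.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            # Slide the window start forward until the burst fits inside it.
            while hits[end][0] - hits[start][0] > window:
                start += 1
            burst = hits[start:end + 1]
            if len(burst) >= threshold:
                users = {user for _, user in burst}
                # Several accounts: consistent with a login:password pair list
                # or an account list. One account: a password list against it.
                verdicts[src] = "multi-account" if len(users) > 1 else "single-account"
                break
    return verdicts

def _line(sec, user, ip):
    # Builds one constructed sshd log line (sample data, not real logs).
    return f"Mar 10 10:00:{sec:02d} gw sshd[901]: Failed password for {user} from {ip} port 40000 ssh2"

SAMPLE_LOG = "\n".join(
    [_line(i, u, "192.0.2.10") for i, u in
     enumerate(["invalid user admin", "root", "invalid user support", "invalid user user", "invalid user ubnt"])]
    + [_line(10 + 3 * i, "root", "198.51.100.7") for i in range(6)]
    + [_line(40, "alice", "203.0.113.5"), _line(50, "alice", "203.0.113.5")]
)

if __name__ == "__main__":
    print(classify_sources(SAMPLE_LOG))
```

    The third source in the sample, with only two failures, stays below the threshold and is not reported.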

 

  • scanners


    Modules that check if target is vulnerable to any exploit

    Scanners let you quickly verify whether the target is vulnerable to any exploits.

    Pick module

    rsf > use scanners/dlink_scan
    rsf (D-Link Scanner) > show options
    

    After you set the target, RouterSploit will test it against all available exploits for the specific target group and verify whether it is vulnerable.

 

 
