The RouterSploit Framework is an open-source exploitation framework devoted to embedded devices. It includes various modules that aid penetration testing operations:

  • exploits – modules that take advantage of identified vulnerabilities
  • creds – modules designed to test credentials against network services
  • scanners – modules that check if a target is vulnerable to any exploit

Requirements

  • gnureadline (OSX only)
  • requests
  • paramiko
  • beautifulsoup4
  • pysnmp

Installation

[email protected]:~# apt-get install routersploit

Usage Exploits

The routersploit a similar tool like Metasploit, very easy to create more modules. Anyone can extend the tool easily with the help of exploit databases.

To get the code skeleton.

Also Read    p0f – Passive Traffic Analysis OS Fingerprinting and Forensics Penetration Testing Tool.

Checking for Misfortune Cookie vulnerability:

It is a critical vulnerability which allows an attacker to take remote control of a router connected to the Internet and it can be fixed only by hardware vendors.

[email protected]:~# routersploit rsf > use exploits/multi/misfortune_cookie rsf (Misfortune Cookie) > show options

Scanner

Scanner Quickly checks the target is vulnerable to any exploit, here we are to use autopwn scanner which for all vulnerabilities.

rsf use scanner/autopwn rsf (Autopwn) > show options rsf (Autopwn) > set target IP rsf (Autopwn) > run

Exploitation Framework for Embedded devices - RouterSploit

Exploitation Framework for Embedded devices - RouterSploit

CREDS

RouterSploit has various creds modules that can brute force various services, including HTTP, SSH, and Telnet.

Services supported:

  • ftp
  • ssh
  • telnet
  • http basic auth
  • http digest auth
  • http form auth
  • snmp

As like every brute force tool you should prepare a wordlist, every service two modules for reference (ftp_bruteforce,ftp_default)

ftp_default as the name indicates it will check for default credentials and the process will be completed in minutes.

ftp_bruteforce do a dictionary account over single or multiple user accounts with credentials provided in the list.

You can find the video Tutorial in Github page.

  • Author: Reverse Shell Security
  • License: BSD-3-clause

Also Read