The RouterSploit Framework is an open-source exploitation framework devoted to embedded devices. It includes various modules that aid penetration testing operations:
The routersploit is a similar tool to Metasploit, very easy to create more modules. Anyone can extend the tool easily with the help of exploit databases.
To get the code skeleton.
Also Read p0f – Passive Traffic Analysis OS Fingerprinting and Forensics Penetration Testing Tool.
It is a critical vulnerability that allows an attacker to take remote control of a router connected to the Internet and it can be fixed only by hardware vendors.
root@kali:~# routersploit rsf > use exploits/multi/misfortune_cookie rsf (Misfortune Cookie) > show optionsScanner Quickly checks the target is vulnerable to any exploit, here we are to use autopwn scanners for all vulnerabilities.
rsf use scanner/autopwn rsf (Autopwn) > show options rsf (Autopwn) > set target IP rsf (Autopwn) > runRouterSploit has various creds modules that can brute force various services, including HTTP, SSH, and Telnet.
As like every brute force tool you should prepare a wordlist, every service has two modules for reference (ftp_bruteforce,ftp_default)
ftp_default as the name indicates will check for default credentials and the process will be completed in minutes.
ftp_bruteforce does a dictionary account over single or multiple user accounts with credentials provided in the list.
You can find the video Tutorial on the GitHub page.
Also, Read
A groundbreaking technique for Kerberos relaying over HTTP, leveraging multicast poisoning, has been recently detailed…
Since mid-2024, cybersecurity researchers have been monitoring a sophisticated Android malware campaign dubbed "Tria Stealer,"…
Proton, the globally recognized provider of privacy-focused services such as Proton VPN and Proton Pass,…
The cybersecurity landscape faces increasing challenges as Arcus Media ransomware emerges as a highly sophisticated…
Proofpoint researchers have identified a marked increase in phishing campaigns and malicious domain registrations designed…
A recent investigation by Unit 42 of Palo Alto Networks has uncovered a sophisticated, state-sponsored…
View Comments
I appreciate the article as it lays out the setup guide very nicely. Is the autopwn scanner passive? I would like to attempt to passively determine if the device is prone to the vulnerability rather than exploiting it.