Uirlisí Linux

RódaireSploit – Treoir Chreat Saothraithe Críochnaithe [2020]

RódaireSploit is an amazing exploitation framework made specifically for embedded devices.

This tool can be used by pentester to scan the security of cameras and routers.

RouterSploit Highlights:

  • Coded in Python.
  • Command-line interface.
  • Docker support.
  • Modular Tools.

Supported OS:

  1. MacOS.
  2. Linux.
  3. Android Phone.
  4. Windows.

Installing RouterSploit:

Riachtanais:

  • future
  • requests
  • paramiko
  • pysnmp
  • pycrypto

Optional:

  • bluepy – bluetooth low energy

Installing in Kali Linux:

Follow the commands below:

apt-get install python3-pip
git clone https://www.github.com/threat9/routersploit
cd routersploit
python3 -m pip install -r requirements.txt
python3 rsf.py

Bluetooth Low Energy support:

apt-get install libglib2.0-dev
python3 -m pip install bluepy
python3 rsf.py

Installing in Ubuntu:

Follow the commands below:

sudo add-apt-repository universe
sudo apt-get install git python3-pip
git clone https://www.github.com/threat9/routersploit
cd routersploit
python3 -m pip install setuptools
python3 -m pip install -r requirements.txt
python3 rsf.py

Bluetooth Low Energy support:

apt-get install libglib2.0-dev
python3 -m pip install bluepy
python3 rsf.py

Installing on MacOS:

Follow the commands below:

git clone https://www.github.com/threat9/routersploit
cd routersploit
sudo python3 -m pip install -r requirements.txt
python3 rsf.py

Installing on Docker:

Follow the commands below:

git clone https://www.github.com/threat9/routersploit
cd routersploit
docker build -t routersploit .
docker run -it --rm routersploit

How to Update RouterSploit?

You need to update RouterSploit often to avoid inconvenience.

New modules are shipped almost every day.

cd routersploit
git pull

How to use RouterSploit?

Usage

root@kalidev:~/git/routersploit# ./rsf.py
 ______            _            _____       _       _ _
 | ___ \          | |          /  ___|     | |     (_) |
 | |_/ /___  _   _| |_ ___ _ __\ `--. _ __ | | ___  _| |_
 |    // _ \| | | | __/ _ \ '__|`--. \ '_ \| |/ _ \| | __|
 | |\ \ (_) | |_| | ||  __/ |  /\__/ / |_) | | (_) | | |_
 \_| \_\___/ \__,_|\__\___|_|  \____/| .__/|_|\___/|_|\__|
                                     | |
       Exploitation Framework for    |_|   by Threat9
            Embedded Devices
  
 Codename   : I Knew You Were Trouble
 Version    : 3.3.0
 Homepage   : https://www.threat9.com/ - @threatnine
 Join Slack : routersploit.slack.com

 Join Threat9 Beta Program - https://www.threat9.com/

 Exploits: 128 Scanners: 4 Creds: 165 Generic: 4 Payloads: 32 Encoders: 6

rsf >

Exploits:

To preform the Exploitation, just pick the module and set the target:

rsf > use exploits/
exploits/2wire/ exploits/asmax/ exploits/asus/ exploits/cisco/ exploits/dlink/ exploits/fortinet/ exploits/juniper/ exploits/linksys/ exploits/multi/ exploits/netgear/
rsf > use exploits/dlink/dir_300_600_rce
rsf (D-LINK DIR-300 & DIR-600 RCE) >

For completion use tab key.

To display options, type show:

rsf (D-LINK DIR-300 & DIR-600 RCE) > show options

Target options:


   Name       Current settings     Description                                
   ----       ----------------     -----------                                
   target                          Target address e.g. http://192.168.1.1     
   port       80                   Target Port

Use runexploit command to exploit the target:

rsf (D-LINK DIR-300 & DIR-600 RCE) > run
[+] Target is vulnerable
[*] Invoking command loop...
cmd > whoami
root

To set options:

rsf (D-LINK DIR-300 & DIR-600 RCE) > set target http://192.168.1.1 [+] {'target': 'http://192.168.1.1'}

It’s possible to check if the target is vulnerable to particular exploit:

rsf (D-LINK DIR-300 & DIR-600 RCE) > check
[+] Target is vulnerable

Run show info to display info about the exploit.

Scanning for Vulnerable Targets:

Scanners allow quickly to verify if the target is vulnerable to any exploits.

Use the same commands to display/set options, and also to run.

rsf (D-Link Scanner) > run
[+] exploits/dlink/dwr_932_info_disclosure is vulnerable
[-] exploits/dlink/dir_300_320_615_auth_bypass is not vulnerable
[-] exploits/dlink/dsl_2750b_info_disclosure is not vulnerable
[-] exploits/dlink/dns_320l_327l_rce is not vulnerable
[-] exploits/dlink/dir_645_password_disclosure is not vulnerable
[-] exploits/dlink/dir_300_600_615_info_disclosure is not vulnerable
[-] exploits/dlink/dir_300_600_rce is not vulnerable

[+] Device is vulnerable!
- exploits/dlink/dwr_932_info_disclosure

Official RouterSploit

Léigh freisin: 1337x proxy

Final Words:

RódaireSploit is an amazing tool to use.

If you face any issues regarding the RódaireSploit. Make sure to comment down below. Our team CSHAWK will be in touch with you asap.

An Suyash

Seo Suyash ón India. Duine díograiseach CyberSecurity, Youtuber, Bhlagadóir, Saoránach agus pentester. De ghnáth scríobhann sé ailt chun a chuid eolais a roinnt leis an domhan mór.

Recent Posts

Aipeanna agus Bogearraí is Fearr do Cheoltóirí Óga

Leis an méadú ar threochtaí teicneolaíochta go leor, tá na buntáistí ag baint le gach tionscal. Different technologies

12 months ago

Barr 9 Leideanna chun Tú Féin a Choinneáil Sábháilte agus Cearrbhachas Ar Líne

Is é cearrbhachas ar líne an gnáthchearrbhachas is déanaí i saol digiteach luas tapa an lae inniu. The internet now offers

1 year ago

Buntáistí agus Míbhuntáistí a bhaineann le Síneadh Cánach a Fháil do Do Ghnó Fintech

Séasúr cánach: tráth den bhliain tá faitíos ar go leor daoine aonair agus gnólachtaí. The weight of ensuring

1 year ago

Barr 5 Games Which Became Most Popular in 2023 – Detailed Review!

As we enter in the final months of 2023, we can talk more clearly about

1 year ago

An mbeidh Finscéal Minecraft saor in aisce riamh?

Ó scaoileadh i 2011, Minecraft has become one of the most played video games

1 year ago

An féidir Minecraft Java a Imirt Le Xbox?

Tá Minecraft gníomhach le breis agus deich mbliana anuas, and in that time it has

1 year ago

This website uses cookies.