当前位置:主页 > 资料 >

RouterSploit: The Metasploit For Routers!
栏目分类:资料   发布日期:2017-05-28   浏览次数:

导读:本文为去找网小编(www.7zhao.net)为您推荐的RouterSploit: The Metasploit For Routers!,希望对您有所帮助,谢谢! There are exploitation frameworks and then there is Metasploit. Though it has a few modules targeted towa

本文为去找网小编(www.7zhao.net)为您推荐的RouterSploit: The Metasploit For Routers!,希望对您有所帮助,谢谢! 去找(www.7zhao.net欢迎您



There are exploitation frameworks and then there is Metasploit. Though it has a few modules targeted towards embedded devices, it is your “general purpose” framework. If you are looking at a comprehensive embedded devices/router exploitation framework you now have RouterSploit !

内容来自www.7zhao.net

RouterSploit: The Metasploit for Routers!

What is RouterSploit?

The RouterSploit Framework is an open-source exploitation framework coded in Python, dedicated to embedded devices like routers. As of now, it allows you to target FTP, SSH, TELNET, HTTP BASIC AUTH, HTTP DIGEST AUTH, HTTP FORM AUTH and SNMP. It can also be installed in a Docker container. Post exploitation, you can even get a reverse connection shell. When it comes to exploitation, you can target devices from the following manufacturers: 欢迎访问www.7zhao.net

  • Cameras : Brickcom, D-Link, Grandsteam, Honeywell, Netwave and VideoIQ.
  • Routers : 2wire, 3com, Asmax, Asus, Belkin, BHU, Billion, Cisco, Comtrend, D-Link, Fortinet, Huawei, IPFire, Juniper, Linksys, Movistar, Netcore/Netis, Netgear, Netsys, Shuttle, Technicolor, Thomson, TP-Link, Ubiquiti, Zte, Zyxel and RomPager.
  • Miscellaneous devices : Asus, Miele and WePresent.

RouterSploit consists of various modules that aids penetration testing operations such as exploits – to take advantage of identified vulnerabilities,  creds – to test credentials against network services and

www.7zhao.net

scanners – to check if a target is vulnerable to any exploit. The creds module allows you to run default dictionary or bruteforce attacks against the above mentioned network services. Now to the juicy part! These are the exploits that you can currently use with this router exploitation framework: copyright www.7zhao.net

Cameras: 内容来自www.7zhao.net

D-Link DCS Cameras Authentication Bypass 本文来自去找www.7zhao.net

JVC & Vanderbilt & Honeywell IP-Camera Path Traversal

copyright www.7zhao.net

Netwave IP Camera – Password Disclosure 去找(www.7zhao.net欢迎您

Honeywell IP-Camera HICC-1100PT Password Disclosure copyright www.7zhao.net

VideoIQ Camera Path Traversal 欢迎访问www.7zhao.net

Grandsteam GXV3611_HD – SQL Injection copyright www.7zhao.net

Brickcom Corp Network Camera Conf Disclosure

欢迎访问www.7zhao.net

Miscellaneous devices:

copyright www.7zhao.net

Asus B1M Projector RCE www.7zhao.net

Miele Professional PG 8528 Path Traversal 内容来自www.7zhao.net

WePresent WiPG-1000 RCE

本文来自去找www.7zhao.net

Routers: 本文来自去找www.7zhao.net

TP-Link Archer C2 & C20i Remote Code Execution 去找(www.7zhao.net欢迎您

TP-Link WDR740ND & WDR740N Path Traversal copyright www.7zhao.net

TP-Link WDR740ND & WDR740N Backdoor Remote Code Execution

去找(www.7zhao.net欢迎您

ZyXEL Eir D1000 Remote Code Execution

内容来自www.7zhao.net

ZyXEL ZyWALL USG Extract Hashes 去找(www.7zhao.net欢迎您

ZyXEL Eir D1000 WiFi Password Disclosure 去找(www.7zhao.net欢迎您

ZyXEL P660HN-T v2 Remote Code Execution 去找(www.7zhao.net欢迎您

ZyXEL P660HN-T v1 Remote Code Execution www.7zhao.net

D-Link DIR-645 & DIR-815 Remote Code Execution

欢迎访问www.7zhao.net

D-Link DCS-930L Auth Remote Code Execution

内容来自www.7zhao.net

D-Link DWR-932 Information Disclosure 内容来自www.7zhao.net

D-Link DSL-2740R DNS Change 去找(www.7zhao.net欢迎您

D-LINK DWR-932B Backdoor copyright www.7zhao.net

D-Link DSL-2780B & DSL-2730B & DSL-526B DNS Change

本文来自去找www.7zhao.net

D-Link Multi HNAP Remote Code Execution

去找(www.7zhao.net欢迎您

D-Link DWL-3200AP Password Disclosure 去找(www.7zhao.net欢迎您

D-LINK DNS-320L & DIR-327L Remote Code Execution

去找(www.7zhao.net欢迎您

D-Link DSP-W110 Remote Code Execution 去找(www.7zhao.net欢迎您

D-Link DSL-2750B Information Disclosure 本文来自去找www.7zhao.net

D-Link DIR-825 Path Traversal

本文来自去找www.7zhao.net

D-Link DVG-N5402SP Path Traversal 内容来自www.7zhao.net

D-Link DIR-300 & DIR-320 & DIR-600 & DIR-615 Information Disclosure copyright www.7zhao.net

D-Link DSL-2730U/2750U/2750E Path Traversal 去找(www.7zhao.net欢迎您

D-Link DSL-2640B DNS Change

本文来自去找www.7zhao.net

D-Link DIR-815 & DIR-850L Remote Code Execution copyright www.7zhao.net

D-Link DGS-1510 Add User 本文来自去找www.7zhao.net

D-Link DIR-300 & DIR-645 & DIR-815 UPNP Remote Code Execution www.7zhao.net

D-Link DIR-645 Password Disclosure

copyright www.7zhao.net

D-Link DIR-300 & DIR-320 & DIR-615 Auth Bypass copyright www.7zhao.net

D-LINK DIR-300 & DIR-600 Remote Code Execution 去找(www.7zhao.net欢迎您

BHU uRouter Remote Code Execution

去找(www.7zhao.net欢迎您

ZTE F609 Config Disclosure

内容来自www.7zhao.net

ZTE F6XX Default root

本文来自去找www.7zhao.net

ZTE ZXV10 Remote Code Execution

copyright www.7zhao.net

ZTE F460 & F660 Backdoor Remote Code Execution copyright www.7zhao.net

ZTE F660 Config Disclosure

本文来自去找www.7zhao.net

2Wire Gateway Auth Bypass 欢迎访问www.7zhao.net

2Wire 4011G & 5012NV Path Traversal 去找(www.7zhao.net欢迎您

Netgear Multi Password Disclosure 内容来自www.7zhao.net

Netgear DGN2200 Remote Code Execution www.7zhao.net

Netgear WNR500/WNR612v3/JNR1010/JNR2010 Path Traversal www.7zhao.net

Netgear ProSafe Remote Code Execution 欢迎访问www.7zhao.net

Netgear JNR1010 Path Traversal

copyright www.7zhao.net

Netgear DGN2200 Remote Code Execution

copyright www.7zhao.net

Netgear Multi Remote Code Execution 欢迎访问www.7zhao.net

Netgear R7000 & R6400 Remote Code Execution 欢迎访问www.7zhao.net

Netgear N300 Auth Bypass

欢迎访问www.7zhao.net

Movistar ADSL Router BHS_RTA Path Traversal 去找(www.7zhao.net欢迎您

FortiGate OS 4.x-5.0.7 Backdoor 本文来自去找www.7zhao.net

AirOS 6.x – Arbitrary File Upload

www.7zhao.net

Asus Informationsvr Backdoor Remote Code Execution 本文来自去找www.7zhao.net

Asus RT-N16 Password Disclosure

本文来自去找www.7zhao.net

Thomson TWG850 Password Disclosure

本文来自去找www.7zhao.net

Thomson TWG849 Information Disclosure 去找(www.7zhao.net欢迎您

Billion 7700NR4 Password Disclosure 内容来自www.7zhao.net

Billion 5200W-T Remote Code Execution www.7zhao.net

Asmax AR 804 Remote Code Execution 去找(www.7zhao.net欢迎您

Asmax AR1004G Password Disclosure 内容来自www.7zhao.net

Netsys Multi Remote Code Execution www.7zhao.net

Juniper ScreenOS Backdoor 内容来自www.7zhao.net

Linksys SMART WiFi Password Disclosure 本文来自去找www.7zhao.net

Linksys E1500/E2500 Remote Code Execution

欢迎访问www.7zhao.net

Linksys WRT100/WRT110 Remote Code Execution 去找(www.7zhao.net欢迎您

Linksys WAP54Gv3 Remote Code Execution copyright www.7zhao.net

Netcore/Netis UDP 53413 Remote Code Execution

内容来自www.7zhao.net

Misfortune Cookie affecting Azmoon, Billion, D-Link, TP-Link, ZyXEL

本文来自去找www.7zhao.net

TCP-32764 Information Disclosure 内容来自www.7zhao.net

Multi SSH Authorized Keys on ExaGrid, Quantum DXi, Vagrant 内容来自www.7zhao.net

TCP-32764 Remote Code Execution 内容来自www.7zhao.net

RomPager ROM-0 Authentication Bypass copyright www.7zhao.net

Shellshock copyright www.7zhao.net

Heartbleed

本文来自去找www.7zhao.net

Comtrend CT 5361T Password Disclosure 内容来自www.7zhao.net

IPFire Proxy Remote Code Execution 欢迎访问www.7zhao.net

IPFire Shellshock 去找(www.7zhao.net欢迎您

3Com 3CRADSL72 Information Disclosure www.7zhao.net

3Com AP8760 Password Disclosure 本文来自去找www.7zhao.net

3Com OfficeConnect Information Disclosure

copyright www.7zhao.net

3Com IMC Path Traversal copyright www.7zhao.net

3Com OfficeConnect Remote Code Execution 欢迎访问www.7zhao.net

3Com IMC Information Disclosure

欢迎访问www.7zhao.net

Technicolor TC7200 Password Disclosure www.7zhao.net

Technicolor TG784n-v3 Authentication Bypass

欢迎访问www.7zhao.net

Technicolor DWG-855 Authentication Bypass 欢迎访问www.7zhao.net

Technicolor TC7200 Password Disclosure copyright www.7zhao.net

Belkin Play Max Persistent Remote Code Execution 欢迎访问www.7zhao.net

Belkin G Information Disclosure www.7zhao.net

Belkin N150 Path Traversal

欢迎访问www.7zhao.net

Belkin G & N150 Password Disclosure 欢迎访问www.7zhao.net

Belkin Authentication Bypass

copyright www.7zhao.net

Belkin N750 Remote Code Execution

copyright www.7zhao.net

Shuttle 915 WM DNS Change

欢迎访问www.7zhao.net

Huawei HG866 Password Cahnge 本文来自去找www.7zhao.net

Huawei HG630a Default Credentials 欢迎访问www.7zhao.net

Huawei E5331 Information Disclosure 去找(www.7zhao.net欢迎您

Huawei HG530 & HG520b Password Disclosure copyright www.7zhao.net

Huawei HG520 Information Disclosure www.7zhao.net

Cisco Secure ACS Unauthorized Password Change

www.7zhao.net

Cisco Firepower Management 6.0 Path Traversal 内容来自www.7zhao.net

Cisco Catalyst 2960 ROCEM Remote Code Execution copyright www.7zhao.net

Cisco UCM Information Disclosure

去找(www.7zhao.net欢迎您

Cisco IOS HTTP Unauthorized Administrative Access 内容来自www.7zhao.net

Cisco Unified Multi Path Traversal 内容来自www.7zhao.net

Cisco UCS Manager Remote Code Execution

去找(www.7zhao.net欢迎您

Cisco Firepower Management 6.0 Remote Code Execution

内容来自www.7zhao.net

Cisco DPC2420 Information Disclosure

本文来自去找www.7zhao.net

Cisco Video Surveillance Path Traversal

内容来自www.7zhao.net

When it comes to installation, it does not need many Python modules. Just gnureadline (OSX only), requests, paramiko, beautifulsoup4 and pysnmp will do. WhatWPXF is for WordPress, RouterSploit is for routers.

去找(www.7zhao.net欢迎您

Install RouterSploit:

The current version is RouterSploit v2.2.1 & is code named – Bad Blood . Check out the , and run 本文来自去找www.7zhao.net

pip install -r requirements.txt
./rsf.py www.7zhao.net 
欢迎访问www.7zhao.net


本文原文地址:http://pentestit.com/routersploit-router-exploitation-framework/

以上为RouterSploit: The Metasploit For Routers!文章的全部内容,若您也有好的文章,欢迎与我们分享!

www.7zhao.net

Copyright ©2008-2017去找网版权所有   皖ICP备12002049号-2 皖公网安备 34088102000435号   关于我们|联系我们| 免责声明|友情链接|网站地图|手机版