Previous Article Next Article routersploit 掃 router 設備漏洞/弱點
Posted in Linux

routersploit 掃 router 設備漏洞/弱點

routersploit 掃 router 設備漏洞/弱點 Posted on 2019 年 01 月 09 日Leave a comment

threat9/routersploit Exploitation Framework for Embedded Devices

它有這些功能

exploits - modules that take advantage of identified vulnerabilities
creds - modules designed to test credentials against network services
scanners - modules that check if a target is vulnerable to any exploit
payloads - modules that are responsible for generating payloads for various architectures and injection points
generic - modules that perform generic attacks

下載

git clone https://github.com/reverse-shell/routersploit

必要元件安裝

cd routersploit
python3 -m pip install -r requirements.txt

執行

python3 rsf.py

我就用基本的掃描動作
指定目標 IP
開始掃描 (我拿一台 Linux 當作是 router 掃)
(假如不知道詳細指令都可以按 tab 鍵出現提示,或 help )

> use scanners/routers/router_scan
> set target 10.10.10.137
> run

它就掃出我密碼用 123456

( 其它省略)

[-] 10.10.10.137 Could not confirm any vulnerablity

[+] 10.10.10.137 Found default credentials:

   Target           Port     Service     Username     Password     
   ------           ----     -------     --------     --------     
   10.10.10.137     22       ssh         root         123456    

發佈留言

發佈留言必須填寫的電子郵件地址不會公開。 必填欄位標示為 *