Penetration Testing Network Routers using RouterSploit

In this article we’re going to discuss penetration testing network routers using RouterSploit in a beginner’s way. Basically RouterSploit is a router exploitation framework or we can say penetration testing framework for routers, designed especially for embedded devices.

This framework can perform three main modules:

  1. exploiting module: contains list of all the publicly available exploits.
  2. creds module: help us for testing logins for different devices.
  3. scanners module: enable us for checking a particular exploit against a particular device.

Unfortunately, this tool is not available with the official installation of the Kali Linux OS. RouterSploit installation is very simple just follow these steps

Enter the following command to clone the GitHub repository:

git clone https://github.com/reverse-shell/routersploit

We go to the directory using the cd routersploit command and run the file as follows:

./rsf.py

Results are shown below:

Penetration Testing Network Routers

For launching an exploit against a router, we use following command:

use exploits/routername/exploitname

Here is how command will look like:



Penetration Testing Network Routers

Now you need to check for available options. So, use the show options command.

Now we need to set the target with following command:

set target <Target IP Address>

Here is the output of the preceding command:

Penetration Testing Network Routers

Now we simply type exploit or run:

Penetration Testing Network Routers

In my case router was not vulnerable to that exploit but there are many possibilities for us to find working exploits available publicly.

Scan Module in RouterSploit for Penetration Testing Network Routers

Now let us move on scanning modules of Routersploit for penetration testing network routers.

To scan a Cisco router, we use the following command:

use scanners/cisco_scan

Next steps are similar to previous modules after selecting scan option then we check for options using show options command.

Then we need to set target ip address to scan using set target 192.168.0.1

Now we run it, and it will show all the exploits that the router is vulnerable to.

Creds Module in RouterSploit for Penetration Testing Network Routers

Now it’s time to learn about creds module of routersploit for penetration testing network routers.

This module used for testing default password combinations on the services via the dictionary attack.

Use the creds command to run the dictionary attack on various services:

use creds/telnet_bruteforce

As we have done twice before look for available options using show options then set target 192.168.0.1 and in the end use run command.



Let me recommend you some other practical guides about penetration testing of Remote Access Protocols, Remote Desktop ProtocolSSH Network Protocol, WordPress website using WPSeku,

Thanks for your support.

Check Also

Use Private Search Engine in Kali Linux 2018.2

How to make your own private search engine on Kali Linux 2018.2 with SearX? SearX …

Leave a Reply

Your email address will not be published. Required fields are marked *