In this article we discuss penetration testing of network routers with RouterSploit, at a beginner's level. RouterSploit is a router exploitation framework, or in other words a penetration testing framework for routers, designed especially for embedded devices.
The framework provides three main types of modules:
- exploiting module: contains a list of all the publicly available exploits.
- creds module: helps us test logins for different devices.
- scanners module: enables us to check a particular exploit against a particular device.
Unfortunately, this tool is not included in the official installation of the Kali Linux OS. Installing RouterSploit is very simple; just follow these steps.
Enter the following command to clone the GitHub repository:
git clone https://github.com/reverse-shell/routersploit
We change into the directory using the cd routersploit command and run the file as follows:
Results are shown below:
To launch an exploit against a router, we use the following command:
Next, check the available options with the show options command.
Now we need to set the target with the following command:
set target <Target IP Address>
Here is the output of the preceding command:
Now we simply type exploit or run:
In my case the router was not vulnerable to that exploit, but there are many possibilities for us to find working exploits available publicly.
Scan Module in RouterSploit for Penetration Testing Network Routers
Now let us move on to the scanning modules of RouterSploit for penetration testing network routers.
To scan a Cisco router, we use the following command:
The next steps are similar to the previous module: after selecting the scan option, we check the options using the show options command.
Then we set the target IP address to scan using set target 192.168.0.1
Now we run it, and it will show all the exploits that the router is vulnerable to.
Creds Module in RouterSploit for Penetration Testing Network Routers
Now it's time to learn about the creds module of RouterSploit for penetration testing network routers.
This module is used for testing default password combinations on the services via a dictionary attack.
Use the creds command to run the dictionary attack on various services:
As we have done twice before, look at the available options using show options, then set target 192.168.0.1, and finally use the run command.
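From the defender's side, the dictionary attack described above appears as a burst of failed logins from one source, spread over several usernames and services. The following is an added example, not part of the original article or of RouterSploit; the log format, thresholds and function name are assumptions, and the sample lines are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in an assumed syslog-like format; real router
# firmware logs differ, so LINE_RE must be adapted to the device.
SAMPLE_LOG = """\
2024-05-01T10:00:01 router sshd: auth failure user=admin src=192.168.0.50
2024-05-01T10:00:02 router telnetd: auth failure user=admin src=192.168.0.50
2024-05-01T10:00:03 router ftpd: auth failure user=root src=192.168.0.50
2024-05-01T10:00:04 router sshd: auth failure user=root src=192.168.0.50
2024-05-01T10:00:05 router httpd: auth failure user=support src=192.168.0.50
2024-05-01T10:00:06 router sshd: auth failure user=user src=192.168.0.50
2024-05-01T10:05:00 router sshd: auth failure user=alice src=192.168.0.77
2024-05-01T11:30:00 router sshd: auth failure user=alice src=192.168.0.77
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) \S+ (?P<svc>\w+): auth failure "
                     r"user=(?P<user>\S+) src=(?P<src>\S+)$")

def find_dictionary_attempts(log_text, window=timedelta(seconds=60),
                             min_failures=5, min_users=3):
    """Flag sources with many failures over several usernames in one window."""
    events = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # unparseable lines are skipped, not treated as failures
            ts = datetime.fromisoformat(m["ts"])
            events[m["src"]].append((ts, m["user"], m["svc"]))
    flagged = {}
    for src, evs in events.items():
        evs.sort()
        start = 0
        for end in range(len(evs)):
            # Slide the window start forward until it spans <= `window`.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            burst = evs[start:end + 1]
            users = sorted({u for _, u, _ in burst})
            if len(burst) >= min_failures and len(users) >= min_users:
                # Later qualifying windows overwrite earlier ones for a source.
                flagged[src] = {"failures": len(burst), "users": users,
                                "services": sorted({s for _, _, s in burst})}
    return flagged

if __name__ == "__main__":
    for src, info in find_dictionary_attempts(SAMPLE_LOG).items():
        print(src, info)
```

Requiring several distinct usernames as well as a failure count keeps a single user who mistypes a password, like 192.168.0.77 in the sample, from being flagged.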
Let me recommend some other practical guides about penetration testing of Remote Access Protocols, Remote Desktop Protocol, SSH Network Protocol, WordPress website using WPSeku,
Thanks for your support.