In this article we’re going to discuss penetration testing network routers using RouterSploit in a beginner’s way. Basically RouterSploit is a router exploitation framework or we can say penetration testing framework for routers, designed especially for embedded devices.

This framework can perform three main modules:

  1. exploiting module: contains list of all the publicly available exploits.
  2. creds module: help us for testing logins for different devices.
  3. scanners module: enable us for checking a particular exploit against a particular device.

Unfortunately, this tool is not available with the official installation of the Kali Linux OS. RouterSploit installation is very simple just follow these steps

Enter the following command to clone the GitHub repository:

git clone https://github.com/reverse-shell/routersploit

We go to the directory using the cd routersploit command and run the file as follows:

./rsf.py

Results are shown below:

Penetration Testing Network Routers

For launching an exploit against a router, we use following command:

use exploits/routername/exploitname

Here is how command will look like:



Penetration Testing Network Routers

Now you need to check for available options. So, use the show options command.

Now we need to set the target with following command:

set target <Target IP Address>

Here is the output of the preceding command:

Penetration Testing Network Routers

Now we simply type exploit or run:

Penetration Testing Network Routers

In my case router was not vulnerable to that exploit but there are many possibilities for us to find working exploits available publicly.

1Scan Module in RouterSploit for Penetration Testing Network Routers

Now let us move on scanning modules of Routersploit for penetration testing network routers.

To scan a Cisco router, we use the following command:

use scanners/cisco_scan

Next steps are similar to previous modules after selecting scan option then we check for options using show options command.

Then we need to set target ip address to scan using set target 192.168.0.1

Now we run it, and it will show all the exploits that the router is vulnerable to.

Back

LEAVE A REPLY

Please enter your comment!
Please enter your name here