Lucene search

K
pentestitBlackPENTESTIT:30AF1FB3AAE47288E800B5587788AF45
HistoryOct 18, 2018 - 6:13 p.m.

UPDATED VERSION: RouterSploit 3.4.0

2018-10-1818:13:04
Black
pentestit.com
2068
routersploit 3.4.0
open-source
exploitation framework
embedded devices
penetration testing
modules
pycryptodome
exploits
creds
scanners
payloads
generic
update
cve-2018-5999
cve-2018-6000
mirai botnet
vulnerabilities
routersploit 3.4.0 changelog
git repository.

EPSS

0.975

Percentile

100.0%

PenTestIT RSS Feed

RouterSploit 3.4.0, the long awaited router exploitation framework update is out guys! This release includes some really cool features and updates such as using pycryptodome from pycryptoand newer exploitation modules! Read on for the improvements.

RouterSploit 3.4.0

What is RouterSploit?

> The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of the following modules that aids penetration testing operations:
>
> * exploits – modules that take advantage of identified vulnerabilities
> * creds – modules designed to test credentials against network services
> * scanners – modules that check if a target is vulnerable to any exploit
> * payloads – modules that are responsible for generating payloads for various architectures and injection points
> * generic – modules that perform generic attacks

Official RouterSploit 3.4.0 changelog:

  • Fixing setup.py resources
  • Switching to pycroptodome
  • Fixing communication API
  • Adding exploits/routers/asus/asuswrt_lan_rce.py module (CVE-2018-5999/CVE-2018-6000)
  • Fixing exploits/routers/asus/infosvr_backdoor_rce.py module
  • Adding credentials used by Mirai botnet
  • Fixing 3com Officeconnect RCE module
  • Fixing exploits/routers/billion/billion_5200w_rce.py module
  • Fixing exploits/routers/cisco/catalyst_2960_rocem.py module (CVE-2017-3881)
  • Fixing exploits/routers/cisco/firepower_management60_rce.py module (CVE-2016-6433)
  • Fixing exploits/routers/dlink/dir_815_850l_rce.py module
  • Fixing exploits/routers/multi/tcp_32764_rce.py module
  • Fixing exploits/routers/ubiquiti/airos_6_x.py module
  • Adding OptEncoder option
  • Fixing use command issue
  • Adding tests tests/exploits/cameras/cisco/test_video_surv_path_traversal.py
  • Adding tests for modules default values
  • Adding tests tests/exploits/routers/asus/test_infosvr_backdoor_rce.py
  • Adding tests tests/exploits/routers/billion/test_billion_5200w_rce.py
  • Adding tests tests/exploits/routers/cisco/test_firepower_management60_rce.py
  • Adding tests tests/exploits/routers/cisco/test_secure_acs_bypass.py
  • Adding tests tests/exploits/routers/dlink/test_dcs_930l_auth_rce.py
  • Adding tests tests/exploits/routers/technicolor/test_tg784_authbypass.py
  • Adding tests tests/exploits/routers/dlink/test_dsl_2730b_2780b_526b_dns_change.py
  • Fixing exploits/routers/ipfire/ipfire_proxy_rce.py module
  • Fixing exploits/routers/ipfire/ipfire_shellshock.py module
  • Adding exploits/routers/linksys/eseries_themoon_rce.py module

Install RouterSploit 3.4.0:

If you have an older version checked out, all you now need to get the latest version is run: git pull in the installed directory and you should be updated to the latest version. In case you do not have it installed, the current version is RouterSploit 3.4.0. Check out the GIT repository, and run

pip3 install -r requirements.txt
./rsf.py

The post UPDATED VERSION: RouterSploit 3.4.0 appeared first on PenTestIT.