Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
pentestitBlackPENTESTIT:30AF1FB3AAE47288E800B5587788AF45
HistoryOct 18, 2018 - 6:13 p.m.

UPDATED VERSION: RouterSploit 3.4.0

2018-10-1818:13:04
Black
pentestit.com
2013

0.975 High

EPSS

Percentile

100.0%

JSON

PenTestIT RSS Feed

RouterSploit 3.4.0, the long awaited router exploitation framework update is out guys! This release includes some really cool features and updates such as using pycryptodome from pycryptoand newer exploitation modules! Read on for the improvements.

RouterSploit 3.4.0

What is RouterSploit?

> The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of the following modules that aids penetration testing operations:
>
> * exploits – modules that take advantage of identified vulnerabilities
> * creds – modules designed to test credentials against network services
> * scanners – modules that check if a target is vulnerable to any exploit
> * payloads – modules that are responsible for generating payloads for various architectures and injection points
> * generic – modules that perform generic attacks

Official RouterSploit 3.4.0 changelog:

  • Fixing setup.py resources
  • Switching to pycroptodome
  • Fixing communication API
  • Adding exploits/routers/asus/asuswrt_lan_rce.py module (CVE-2018-5999/CVE-2018-6000)
  • Fixing exploits/routers/asus/infosvr_backdoor_rce.py module
  • Adding credentials used by Mirai botnet
  • Fixing 3com Officeconnect RCE module
  • Fixing exploits/routers/billion/billion_5200w_rce.py module
  • Fixing exploits/routers/cisco/catalyst_2960_rocem.py module (CVE-2017-3881)
  • Fixing exploits/routers/cisco/firepower_management60_rce.py module (CVE-2016-6433)
  • Fixing exploits/routers/dlink/dir_815_850l_rce.py module
  • Fixing exploits/routers/multi/tcp_32764_rce.py module
  • Fixing exploits/routers/ubiquiti/airos_6_x.py module
  • Adding OptEncoder option
  • Fixing use command issue
  • Adding tests tests/exploits/cameras/cisco/test_video_surv_path_traversal.py
  • Adding tests for modules default values
  • Adding tests tests/exploits/routers/asus/test_infosvr_backdoor_rce.py
  • Adding tests tests/exploits/routers/billion/test_billion_5200w_rce.py
  • Adding tests tests/exploits/routers/cisco/test_firepower_management60_rce.py
  • Adding tests tests/exploits/routers/cisco/test_secure_acs_bypass.py
  • Adding tests tests/exploits/routers/dlink/test_dcs_930l_auth_rce.py
  • Adding tests tests/exploits/routers/technicolor/test_tg784_authbypass.py
  • Adding tests tests/exploits/routers/dlink/test_dsl_2730b_2780b_526b_dns_change.py
  • Fixing exploits/routers/ipfire/ipfire_proxy_rce.py module
  • Fixing exploits/routers/ipfire/ipfire_shellshock.py module
  • Adding exploits/routers/linksys/eseries_themoon_rce.py module

Install RouterSploit 3.4.0:

If you have an older version checked out, all you now need to get the latest version is run: git pull in the installed directory and you should be updated to the latest version. In case you do not have it installed, the current version is RouterSploit 3.4.0. Check out the GIT repository, and run

pip3 install -r requirements.txt
./rsf.py

The post UPDATED VERSION: RouterSploit 3.4.0 appeared first on PenTestIT.

Related

zdt 4
packetstorm 6
prion 4
cve 4
exploitpack 3
threatpost 4
exploitdb 4
saint 3
korelogic 1
seebug 2
cisco 2
openvas 3
myhack58 1
ics 1
cisa_kev 1
nessus 3
thn 2
checkpoint_advisories 1
attackerkb 1
rapid7community 1
talosblog 1
zdt
zdt
AsusWRT LAN Unauthenticated Remote Code Execution Exploit
2018-02-23 00:00:00
Cisco Firepower Management Console 6.0 Post Authentication UserAdd Exploit
2017-01-12 00:00:00
Cisco Catalyst 2960 IOS 12.2(55)SE11 - ROCEM Remote Code Execution Exploit
2017-04-12 00:00:00
packetstorm
packetstorm
AsusWRT LAN Unauthenticated Remote Code Execution
2018-02-23 00:00:00
AsusWRT Router Remote Code Execution
2018-01-26 00:00:00
Cisco Firepower Management Console 6.0 Post Authentication UserAdd
2017-01-12 00:00:00
prion
prion
Command injection
2018-01-22 20:29:00
Code injection
2016-10-06 10:59:00
Authentication flaw
2018-01-22 20:29:00
cve
cve
CVE-2018-6000
2018-01-22 20:29:00
CVE-2016-6433
2016-10-06 10:59:00
CVE-2018-5999
2018-01-22 20:29:00
exploitpack
exploitpack
AsusWRT Router 3.0.0.4.380.7743 - LAN Remote Code Execution
2018-01-22 00:00:00
Cisco Firepower Threat Management Console 6.0.1 - Remote Command Execution
2016-10-05 00:00:00
Cisco Catalyst 2960 IOS 12.2(55)SE11 - ROCEM Remote Code Execution
2017-04-12 00:00:00
threatpost
threatpost
ASUS Patches Root Command Execution Flaws Haunting Over a Dozen Router Models
2018-01-25 18:40:03
Cisco Warns of Critical Vulnerability Revealed in WikiLeaks 'Vault 7' Data Dump
2017-03-20 13:20:41
Cisco Patches IOS XE Vulnerability Leaked in Vault 7 Dump
2017-05-10 10:10:35
exploitdb
exploitdb
AsusWRT Router < 3.0.0.4.380.7743 - LAN Remote Code Execution
2018-01-22 00:00:00
Cisco Catalyst 2960 IOS 12.2(55)SE1 - 'ROCEM' Remote Code Execution
2017-04-12 00:00:00
Cisco Firepower Threat Management Console 6.0.1 - Remote Command Execution
2016-10-05 00:00:00
saint
saint
ASUSWRT vpnupload.cgi authentication bypass
2018-02-28 00:00:00
ASUSWRT vpnupload.cgi authentication bypass
2018-02-28 00:00:00
ASUSWRT vpnupload.cgi authentication bypass
2018-02-28 00:00:00
korelogic
korelogic
Cisco Firepower Threat Management Console Remote Command Execution Leading to Root Access
2016-10-05 00:00:00
seebug
seebug
Cisco Firepower Management Console 6.0 - Post Authentication UserAdd (CVE-2016-6433)
2017-02-24 00:00:00
Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability (CVE-2017-3881)
2017-04-10 00:00:00
cisco
cisco
Cisco Firepower Threat Management Console Remote Command Execution Vulnerability
2016-10-05 16:00:00
Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability
2017-03-17 16:00:00
openvas
openvas
Cisco Firepower Threat Management Console Remote Command Execution Vulnerability
2016-10-06 00:00:00
Cisco IOS Software Cluster Management Protocol Remote Code Execution Vulnerability
2017-03-20 00:00:00
Cisco IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability
2017-03-20 00:00:00
myhack58
myhack58
Cisco Catalyst 2960 switch in CVE-2017-3881 vulnerability analysis-vulnerability warning-the black bar safety net
2017-04-18 00:00:00
ics
ics
Rockwell Automation Allen-Bradley Stratix and Allen-Bradley ArmorStratix
2017-04-04 12:00:00
cisa_kev
cisa_kev
Cisco IOS and IOS XE Remote Code Execution Vulnerability
2022-03-25 00:00:00
nessus
nessus
Cisco IOS XE Cluster Management Protocol Telnet Option Handling RCE (cisco-sa-20170317-cmp)
2017-03-27 00:00:00
Cisco IOS Cluster Management Protocol Telnet Option Handling RCE (cisco-sa-20170317-cmp) (destructive check)
2017-10-11 00:00:00
Cisco IOS Cluster Management Protocol Telnet Option Handling RCE (cisco-sa-20170317-cmp)
2017-03-27 00:00:00
thn
thn
Disable TELNET! Cisco finds 0-Day in CIA Dump affecting over 300 Network Switch Models
2017-03-19 21:20:00
Cisco Finally Patches 0-Day Exploit Disclosed In Wikileaks-CIA Leak
2017-05-10 01:27:00
checkpoint_advisories
checkpoint_advisories
Cisco IOS Remote Code Execution (CVE-2017-3881) - Ver2
2018-04-15 00:00:00
attackerkb
attackerkb
CVE-2017-3881
2017-03-17 00:00:00
rapid7community
rapid7community
Metasploit Wrapup
2017-06-30 19:09:11
talosblog
talosblog
DNS Hijacking Abuses Trust In Core Internet Service
2019-04-18 16:08:25

0.975 High

EPSS

Percentile

100.0%

JSON
Related for PENTESTIT:30AF1FB3AAE47288E800B5587788AF45
zdt4packetstorm6prion4cve4exploitpack3threatpost4exploitdb4saint3korelogic1seebug2cisco2openvas3myhack581ics1cisa_kev1nessus3thn2checkpoint_advisories1attackerkb1rapid7community1talosblog1