UPDATED VERSION: RouterSploit 3.4.0


PenTestIT RSS Feed **RouterSploit 3.4.0**, the long awaited [_router exploitation framework_](<http://pentestit.com/routersploit-router-exploitation-framework/>) update is out guys! This release includes some really cool features and updates such as using `pycryptodome` from `pycrypto`and newer exploitation modules! Read on for the improvements. ![RouterSploit 3.4.0](http://pentestit.com/wp-content/uploads/2018/08/RouterSploit-3.3.0.png) What is RouterSploit? > The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. It consists of the following modules that aids penetration testing operations: > > * exploits – modules that take advantage of identified vulnerabilities > * creds – modules designed to test credentials against network services > * scanners – modules that check if a target is vulnerable to any exploit > * payloads – modules that are responsible for generating payloads for various architectures and injection points > * generic – modules that perform generic attacks ## Official RouterSploit 3.4.0 changelog: * Fixing `setup.py` resources * Switching to pycroptodome * Fixing communication API * Adding `exploits/routers/asus/asuswrt_lan_rce.py` module (CVE-2018-5999/CVE-2018-6000) * Fixing `exploits/routers/asus/infosvr_backdoor_rce.py` module * Adding credentials used by Mirai botnet * Fixing 3com Officeconnect RCE module * Fixing `exploits/routers/billion/billion_5200w_rce.py` module * Fixing `exploits/routers/cisco/catalyst_2960_rocem.py` module (CVE-2017-3881) * Fixing `exploits/routers/cisco/firepower_management60_rce.py` module (CVE-2016-6433) * Fixing `exploits/routers/dlink/dir_815_850l_rce.py` module * Fixing `exploits/routers/multi/tcp_32764_rce.py` module * Fixing `exploits/routers/ubiquiti/airos_6_x.py` module * Adding `OptEncoder` option * Fixing `use` command issue * Adding tests `tests/exploits/cameras/cisco/test_video_surv_path_traversal.py` * Adding tests for modules default values * Adding tests `tests/exploits/routers/asus/test_infosvr_backdoor_rce.py` * Adding tests `tests/exploits/routers/billion/test_billion_5200w_rce.py` * Adding tests `tests/exploits/routers/cisco/test_firepower_management60_rce.py` * Adding tests `tests/exploits/routers/cisco/test_secure_acs_bypass.py` * Adding tests `tests/exploits/routers/dlink/test_dcs_930l_auth_rce.py` * Adding tests `tests/exploits/routers/technicolor/test_tg784_authbypass.py` * Adding tests `tests/exploits/routers/dlink/test_dsl_2730b_2780b_526b_dns_change.py` * Fixing `exploits/routers/ipfire/ipfire_proxy_rce.py` module * Fixing `exploits/routers/ipfire/ipfire_shellshock.py` module * Adding `exploits/routers/linksys/eseries_themoon_rce.py` module ## Install RouterSploit 3.4.0: If you have an older version checked out, all you now need to get the latest version is run: `git pull` in the installed directory and you should be updated to the latest version. In case you do not have it installed, the current version is RouterSploit 3.4.0. Check out the [GIT repository](<https://github.com/threat9/routersploit>), and run pip3 install -r requirements.txt ./rsf.py The post [UPDATED VERSION: RouterSploit 3.4.0](<http://pentestit.com/updated-version-routersploit-3-4-0/>) appeared first on [PenTestIT](<http://pentestit.com>).