Exploit a Router Using RouterSploit [Tutorial]

Captions
The FBI recently recommended that Americans reboot their routers in order to combat a type of malware that's possibly linked to the Russian government. This attack highlights how easy it is to hack a router, and today we'll explore a piece of software called RouterSploit, which shows you just how easy it is to get started hacking routers, even if you're a beginner. We'll show this and more on this episode of Cyber Weapons Lab.

The VPNFilter malware specifically targets routers, but it doesn't use sophisticated zero-day vulnerabilities to do so. Instead, it uses common default credentials and old vulnerabilities which were patched in 2017, meaning if you've been updating your credentials and you haven't been using the default ones and you've actually updated your firmware, you're probably fine. Now, for most people this is not the case, because most people don't know that it's possible to do this, and even if they do, they don't have time to. But with the emergence of the VPNFilter malware, it's important for you to be able to check and make sure that anything on your network, including your router, isn't harboring these sorts of vulnerabilities, which can be exploited for nefarious means.

Now, you don't need a piece of Russian malware to do this. You can just download something like RouterSploit, which is a simple Python program, in order to target and then scan devices on your network to see if anything is vulnerable to a known exploit. Now, the reason that's important is these exploits can be written into code like VPNFilter and automatically spread to any device that has the vulnerability. So if there's something on your network like a webcam or a security camera that's been discontinued, it won't ever get a firmware update again, meaning you will always have the vulnerabilities that it has at this moment. So you can basically see these as an infection sitting on your network waiting for someone to notice, because anybody who can connect to this vulnerability can infect it with pretty much anything they want.

So to get started, it doesn't take much. You'll need to download the Python program, which can be run on any computer that runs Python, and from there you'll just need to be on the same network as the device you want to test. This doesn't take much work, so let's get started.

Before we get started, it's important to note that this is definitely illegal if you are using it to break into someone's router that you don't have permission to. While this is an excellent tool for auditing your own Internet of Things devices and routers, it's important to note that you need permission before doing this on any device, so be careful before using it on anything that you're not sure about.

Now, to get started, it doesn't take much. You can go ahead and just git clone from this GitHub website right here, but the specific installation instructions include a couple of requirements, which are future, requests, and some of these other ones. Unfortunately, that's all taken care of in a requirements.txt file, so if you're installing this for the first time, depending on which operating system you're running, you can find specific installation instructions here. In our case we are installing it on macOS, so we'll just do a simple git clone and then the address, cd into the routersploit folder which we will create, and then sudo python3 (which actually doesn't always work, but you can try just python) -m pip install -r requirements.txt, and then python3 (although again, if that doesn't work, you can just try python) rsf.py. So that's as easy as it is to get this set up on macOS.

Since I've already done so, let me give you a little bit of an understanding of how simple it is to jump into RouterSploit. So we will just go ahead and type cd routersploit and then sudo python ./rsf.py, and just like that we are into RouterSploit. The module we will be using is AutoPwn, so we can type use scanners/autopwn, and this should put us into the AutoPwn module. Now, you might notice this is somewhat like Metasploit, and it works kind of the same way: there are different modules you can go into to accomplish specific tasks, and in this case we're using a scanner module in order to find vulnerabilities.

Now, if you haven't done a lot of network scanning before, you might be confused as to how you're going to target a device, but in general you can assume that, if you're a beginner, one of the most common IP addresses that will be hard-coded into a router to be its address is 192.168.0.1. Now, you can go ahead and try that, and in this case there should be a router there. So we can type show options and see the targeting options we have within RouterSploit, and in this case we can see that it is waiting for a target IP address and it is currently set to a default port of 80. So we can go ahead and type in the default address we know by typing set target 192.168.0.1. Now we can type run, and it will run all these known exploits against the target and see if it is vulnerable to any of them, and if it is, then we will get a green mark next to one of them on the left side here. Now, if there are not any vulnerabilities, that means that, at least according to what RouterSploit knows, it's not vulnerable to any of this very long list of exploits. But keep in mind that there can be devices on your network that are not a router that are also vulnerable and represent a risk.

Now, we can look for these, and we can also take RouterSploit to the next level by using something like an Nmap or a Fing scan to search the entire network range for devices and then zero in on some that might have ports open that aren't the standard one, port 80, that RouterSploit is looking for. So in this Nmap scan, I've said that I want to search the entire network range for port 80, port 8080, port 8081, and then port 81. These are common alternative ports that Internet of Things devices will use in order to access the internet, so they will typically host a web server and you'll be able to attempt to go to that and log in. So here, after this, we can see that it produced a result of this one IP address. It has port 81 open, and if I navigate to it quickly by copying and pasting it, I can see that it prompts me for a username and password. Hmm, interesting. So if I press cancel, it doesn't give me the brand name or anything, but I can see that something's there.

So let's go ahead and feed this into RouterSploit, but we'll need to change a couple of things in order to make it work. So we'll go ahead and change the target by typing set target, but then we'll need to change the port number, so we'll type set port 81. Now we're targeting a device that we've discovered with a different sort of scan, and you can refer to our various tutorials on how to scan with Nmap or with Fing, because both will allow you to find new devices on the network. In fact, a Fing application on your phone is the easy way that you can target these sorts of devices and then just pass in the ports and the IP addresses that you find to RouterSploit.

So let's go ahead and run this against the device that we've discovered with the port 81 open, and we can see here that we actually have found a vulnerability, a credential disclosure vulnerability, that hopefully will give us the credentials without us needing to be authenticated. Now, we can go ahead and take advantage of this exploit that we found by copying it and typing use and then pasting it, in this case exploits, cameras, some sort of credential disclosure. Then we can press the up button to see the commands that we've entered before and reset our target to the IP address we want, reset our port to point to port 81, and then, to check to make sure that this device is actually vulnerable, we can type check. Here we can see the target is confirmed as vulnerable, so the final step in exploiting it is to type run. Here we go. Just like that, horrifying information has been disclosed, so much in fact that we need to blur it in order to protect our privacy.

But in general, you can expect that an exploit of a router will either allow you to do something you're not supposed to do, disclose credentials you're not supposed to see, or show other configuration settings that can allow you to either learn enough information to take the next step in escalation or otherwise attack a router with relatively little effort. Now, some of these exploits go so far as to just tell you the password, where others might require more technical skill to fully use, but regardless, this can reveal exploits that someone with more skill than you can certainly take advantage of in an automated fashion.

Now, if you find a device that is vulnerable like this, you should immediately attempt to upgrade it with a firmware update. However, if none exist, you should take it offline until you can correct the problem, because it represents a threat to your network. If you own a router or Internet of Things device, it's your responsibility to make sure that the default credentials have been changed and any firmware updates have been applied to mitigate against threats like VPNFilter. If you don't do so, you run the risk of having your device automatically exploited, and you should consider that, while you do own these devices, the person who ultimately owns them is the one who can't control them. So to prevent this, you can use something like Fing to scan your network and make sure that all devices have been accounted for, and if you find a new device, you can scan it and look for any ports that could be open and vulnerable, so you can direct a tool like RouterSploit, which may not be able to find those ports with its default settings.

That's all we have for this episode of Cyber Weapons Lab. Make sure to like, comment, and subscribe, and we'll see you next time.
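The closing advice in the captions (scan the network, confirm every device is accounted for, and look for web ports beyond 80) can be checked mechanically. The following is an added example, not code from the video or from RouterSploit: it parses Nmap's grepable (-oG) output for the four ports named in the captions and reports anything an inventory does not explain. The sample scan output and the inventory are constructed for illustration.

```python
import ipaddress
import re

# Ports from the scan described in the video: 80 plus common alternate web ports.
WEB_PORTS = {80, 81, 8080, 8081}
# Constructed sample in nmap's grepable (-oG) format; not output from a real scan.
SAMPLE_GNMAP = (
    "Host: 192.168.0.1 ()\tStatus: Up\n"
    "Host: 192.168.0.1 ()\tPorts: 80/open/tcp//http///, 81/closed/tcp//hosts2-ns///\n"
    "Host: 192.168.0.23 ()\tPorts: 80/closed/tcp//http///, 81/open/tcp//hosts2-ns///\n"
    "Host: 192.168.0.57 ()\tPorts: 80/filtered/tcp//http///, 8080/open/tcp//http-proxy///\n"
)
# Hypothetical inventory: devices you own and the web ports you expect on each.
INVENTORY = {"192.168.0.1": {80}, "192.168.0.57": {80}}
HOST_LINE = re.compile(r"^Host:\s+(\S+)\s+\(.*?\)\s+Ports:\s+([^\t]*)")

def open_web_ports(gnmap_text):
    """Map each host to the sorted list of WEB_PORTS reported as open."""
    hosts = {}
    for line in gnmap_text.splitlines():
        match = HOST_LINE.match(line)
        if not match:
            continue  # comment, Status line, or host with no port data
        ip, ports_field = match.groups()
        found = set()
        for entry in ports_field.split(","):
            fields = entry.strip().split("/")  # port/state/proto/owner/service/...
            if len(fields) >= 2 and fields[0].isdigit() and fields[1] == "open":
                if int(fields[0]) in WEB_PORTS:
                    found.add(int(fields[0]))
        if found:
            hosts[ip] = sorted(found)
    return hosts

def audit(gnmap_text, inventory):
    """Return (ip, ports, reason) for devices or ports the inventory does not explain."""
    findings = []
    hosts = open_web_ports(gnmap_text)
    for ip in sorted(hosts, key=ipaddress.ip_address):
        if ip not in inventory:
            findings.append((ip, hosts[ip], "not in inventory"))
            continue
        extra = sorted(set(hosts[ip]) - inventory[ip])
        if extra:
            findings.append((ip, extra, "unexpected open port"))
    return findings
```

Calling audit(SAMPLE_GNMAP, INVENTORY) flags the unlisted device on port 81 and the known device that exposes port 8080; each finding is a device to identify, update, or take offline.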
Info
Channel: Null Byte
Views: 579,298
Keywords: wht, wonderhowto, nullbyte, null byte, hack, hacking, hacker, hacks, hackers, how to hack, howto, how to, tutorial, guide, cyber weapon, cyber weapons, cyber, router, network, devices, routers, routersploit, ap, access point, dns, kody kinzie
Id: u0YrWfze9es
Length: 10min 32sec (632 seconds)
Published: Mon Jun 11 2018