Exploit a Router Using RouterSploit [Tutorial]
Вставка
- Опубліковано 15 чер 2024
- Our Premium Ethical Hacking Bundle Is 90% Off: nulb.app/cwlshop
How to Attack Network Devices with RouterSploit Tutorial
Full Tutorial: nulb.app/x4549
Subscribe to Null Byte: goo.gl/J6wEnH
Kody's Twitter: / kodykinzie
Cyber Weapons Lab, Episode 018
In this video, we're exploring RouterSploit, which shows you just how easy it is to get started with router hacking - even if you're a beginner white hat hacker or pentester. This program works on Linux distros like Kali, macOS, and Windows.
To learn more, check out the article: nulb.app/x4549
Follow Null Byte on:
Twitter: / nullbyte
Flipboard: flip.it/3.Gf_0
Website: null-byte.com
Weekly newsletter: eepurl.com/dE3Ovb
Vimeo: vimeo.com/channels/nullbyte - Навчання та стиль
![Use Nmap for Tactical Network Reconnaissance [Tutorial]](http://i.ytimg.com/vi/ltEFbi_I2KY/mqdefault.jpg)
![Use Nmap for Tactical Network Reconnaissance [Tutorial]](/img/tr.png)
I asked my router for concent, and it blinked...guess it is okay with this
Underrated comment
Hey how do I open routersploit I cant open it and I install it help
@@luiscastillo6615 make sure you are root: sudo routersploit [ENTER]
Found two vulnerabilities on my router thanks to this! Then I found out that xfinity doesn't allow users to update the hardware they provide. Guess who just ordered a new router? Thanks for this video.
Please make a full course on ethical hacking...
@@tripplefives1402 what you are talking about is illegal im pretty sure. If you really want to you should go to the deep web.
@@fredericchopin7639 u crack me up
Joe McCormick can you explain why
Your general lack of knowledge that its perfectly fine to put it on the internet and your general complete misconception of what the dark web is entirely
@@joemccormick9348 And why do you think so? There are many helpful forums for hackers on the dark web. He wont be able to find unethical hacking courses on youtube so i suggested him to check out the forums on the dark web. whats so wrong about that.
Imagine having this guy as your next door neighbor 😅😅
would be cool, i would ask him for teaching :D
@Nguyen Dang Duy Khang i dont think he would do that
i would only run wires no wifi xD
A distant physical location wouldn't provide safety. He can attack from both the LAN and the WAN.
@@J2897Tutorials And he also might test your locks whilst you're out at work...
Just discovered your channel and I have to say, your content is amazing! Also thank you for this video.
I came here to say the same as Tibor - great stuff, man. Keep up the excellent work!
Hey I know U
Bro u are the guy of linus tech tips!
Lil note (HE DOESNT BLINK!)
ISP's like to implement TR-069 backdoor into things
2:46 I thought he was having a stroke for a second.
Jackal cool to see you here...
Wym?
Yep
Jackaldev i saw you from the lanc vids
Lmfaooo
Thanks for your awsome job mate! It's clearly not rewarded enough!
Hawaiian routers are mostly unsecured, as a large amount of botnets (mostly mirais) use these routers by using a set list of 0days.
Also, thanks for the
Awesome video man, I love your work. Thank you for putting this information out into the world. I can guarantee you will inspiring people to do great things by sparking their curiosity. Again Thank you
You need an online course for this stuff man great channel btw
Awesome stuff Bro, I agree you should make a course on ethical hacking 👍🏼
Thanks for the video! I scanned all my devices at home. Routersploit has only found devices where the 6-9 vulnearbilities (on various ports) couldn't be verified. Is there a way to try to get a better picture whether these devices are really vulnearble or not? Can you group together these unverified exploits and run them individually using RouterSploit?
Update: Never mind. I tinkered with it a bit and got it to work! Pretty powerful tool, I have to say. Many of the payloads might need some fine tuning since they crash the CLI with silly errors such as "unorderable types" when comparing tuples and such. Nothing that couldn't be fixed.
Well if they have the exploits see if you can hack it
Charles Mills Shouldn’t have to, the scanners Routersploit uses is trash.
I want to say that once i was a beginner i learned all from this channel. I wish this channel could reach 1 m subscribe before 2021
teach me your ways
I dont have a port setting in my target options?
Omg. It blinks at 1:20. He may be human after all. Great channel.
Thanks for the vid. I was able to get this running on my Rpi!
i'm getting error when i run this command: python3 -m pip install -r requirements.txt
error: /usr/local/bin/python3: No module named pip
but i've installed it using command : apt-get install python3-pip
so what should i do now to work it?
Would this allow you to attack an IoT camera that allows connections from anywhere. Or would you have to be on the same network to target devices and only works with local IP addresses?
that introduction is one hell of a ride
We shot that and a commercial for a donut store in the same two hour period
Null Byte Oh my god 😂
I managed to get into my own router. My creds weren't vulnerable, but rom0 and another thing like cmd was. I was able to run payloads/commands directly from my computer. My skill level doesn't know what to do with the vulnerabilities I got, but I do know that it could reak havoc on my router.
I have a pau05 and when I search for networks I cant find anything. Suggestions?
Explanation man ♥️
Could you please suggest any setup (router, firewall, etc.) to secure our small company network? thanks
I've been learning these types of things for a while and always wondered is it possible to find out a WiFi BSSID and Channel even if the router is in another country? I can perform the basic DoS on any network im within range for, however my friend who lives in Scotland volunteered that I can pentest his Router, is there anyway of doing so? Sorry, im a newbie to ethical hacking and cyber security
Everybody makes errors, makes more sense to continue the video than to edit it. Great stuff, your way of explanation is super smooth. Would appreciate a video of you creating Persistence USB, without LUK. Thank you!
So you can use router split for your own good to see if your router is good?
Nullbyte please help me out will this also work on someones else router i mean you can het there information or Just your own router 🤷🏻♂️🤷🏻♂️
a question, when setting the ip can it be a public ip instead of a private ip that u put doing the video? because the way you do it you should already be in the wifi you are trying to pwn
do antivirus or malwarebytes detect infection with this?
Good work. Love the tutorial
Great video , keep up the excellent work.
Right away when i heard "Easy python script", I thought.. "No, not simple or easy" haha.. then there are requirements, and commands :P.
I can figure this out, and know there is target audience. I just thought it was a little fun anyway as it also takes a little more knowing things than the average person.
You're awesome! I just discovered your channel... how many wasted minutes on youtube before you! Thank you for your videos
Great video on a very nice tool to play with on your own network.
Nice video! but if that cam was a sample, maybe you can create a dummy info or vulnerability so that we can see the information given on that exploit and how we can check the credentials and logged in. .:)
Yeah… I completely left hanging by what was pwned!
As this isn't open scanning/monitoring wireless networks, I don;t think a AWUS036ACH chipset wireless adapter is required, please confirm?
How does this work against ISP switches and routers? I had a play and I think I got right through to my internet providers main credentials.
I wish you could make an updated video! Great video!
Like a few others have mentioned, the “set port” command was giving me trouble too (on MacOS), but in the list of usable options it displayed it appears maybe routersploit got an update and now the command is set http_port 80 (or whatever port you want).
Awesome vids btw NB, whenever my brain shifts into inquisitive mode during the day I try to come back to pick up another topic I’m unfamiliar with. Thank you for sharing the intel!
It's awesome to see tool made in poland in your video :)) greetings from pl :)
i have this problem
in autopwn
running module......
starting vulnerablity check....
after get this error
TypeError: '>=' not supported between instances of 'tuple' and 'int'
Routersploit version - 3.4.0
please help me please
Hi,
1)Does Routersploit instalation has any malware or executable binaries as part of its payload which inturn can infect the computer on which Routersploit is run ?
2)Can Routersploit payload infect target router and make it vulnerable to further attack if I forgot to factory reset the router after test is run ?
What terminal did you use? Itern is that for mac only what about window can you provide some link on description? correct me if im wrong
i found this 3com officeconnect rce exploitable router and i did it but i dont rly understand what to do next it apparently allows me to send commands from the command line..?
got it finally. thanx much for this tutorial.
What command do ineed i start if i have already downlkaded in termux the routersploit
Hi if I put a clock to monitor the time in the background if someone freezes my IP camera is it accurate to say the date and time stamp on the IP camera would not coincide with the actual clock in the background of the camera footage?
best as always_ bro make video on protocol downgrade attack,,,,,
Love this series.
Quick question I loaded Kali on an Android device. Updated it and upgraded it too. Added python3 plus pip I think. Now after installing sherlock. I get a font error for colorama. Try pip install colorama no joy. Even downlaoded it's github page. Any help would be appericated. Have a nice day.
You......are......amazing bro. You are my teacher.
tyvm for teaching us, started a small project of security with some friends and well Im the only one that doesn`t know all this things...
I like the pics of the cat in the background
I know this video is from along time ago but how do you fix the issue exploit failed could not extract credentials?
Hello null byte team am I again, congratulations
for your good work on youtube, I would like to ask
a video teaching how to capture information on smartphones and laptops on the same wi-fi network as us!
hello,I love your videos,but I'm curious about what classes I should take in order to become a professional pentester. what type of books should I read? please help
I also am curious. This sort of thing has always fascinated me, but I never allowed myself the time to dig into it
@@HeadlampMafia
My suggestion would be to find a company that specialises in penetration testing and ask them what they typically look for when they are hiring people. That will give you a decent idea for what is required and you can go from there.
Awesome man!!! Going to hit 1 lakh subs soon...
pluto boy thank you!
help sir...why my routersploit any notification bellow
TypeError: '>=' not supported between instances of 'tuple' and 'int'
Very good Talk, informative!
This RouterSploit program is cool and all, (and it's definitely good advice to keep your stuff patched), but if it requires you to be on the inside of the network anyway, then the damage is already done. At that point, having your IP cam hijacked is the least of your concerns.
yup, he missed to mention that..
Thanks... spent the night beasting my network looking for issues. None found, which is good. Potentially stupid question time though: are these vulnerabilities only 'real' if the device in question is exposed to the internet / port forwarding to internal? i.e., if a 'bad' device is behind a firewall, it will only pose a threat if someone can actually gain physical access to the network?
matt's debates
Pretty much.... But remember you've got web browsers capable of running JavaScript that you use all day. One clever bit of JS, and your bad devices may suddenly be bots in a massive router botnet.
what commands to scan with nmap inside routersplot like you did ?
amazing work dude!!
Do I have to be already authenticated on a WiFi network for this to work? I set everything up and tried on my home router and it shows could not confirm any vulnerability and could not find any credentials
What app do you use to type in all the URL and stuff?? I mean the app which had Black Background and you Type in Green. Please Help!!!
Just had a doubt can we do this on windows installed kali linux WLA 2 device?
Hey guys I have a little problem with scanning with autopwn, it scans and everything but once it's done it says :Could not find default credentials, I just want to make sure that's normal and if not how can I fix it? Thanks
I would like to see this channel get 1m subscribers very soon.
@Null Byte, Please help me with how you have changed your os to mac osx.
which router and version of router you use ?
Great video kody like always😁 ive been playing with routersploit since last year but recently got some error(python 3) but i guess it will be fixed with a pip upgrade anyways i hope to see more videos like this that are not based on hardware or anything of a kind(tried your wireless attack videos unfortunately my wifi card only supports monitor mode not packet injections)😅 could you do a video on how these attack/exploits are automated, like vpnfilter/botnet ? Keep up the good work😁
Wesley Valeran glad you enjoy them! I'll be trying some basic python exploits soon.
Just to wrap my head around things. It makes sense to do this on your own network that you are connected to. But can you do this to other routers remotely? If you use a public ip address ? Is this possible ? Or do you need to be connected to the router you are trying to exploit ? Any help and advice would be appreciated.
To clarify I’m learning / have consent from others 😂
I think u have to be in the routers network before u can exploit it
What about the Zte zxhn108n 🤔🤔🤔
Hello, I have a term, how can I do it, because I have ipv4 or ipv6 writes because I don't write ip address, help me
The only thing I don't get: you're doing the scan and exploitation on the internal network. How does the vpnfilter malware or anyone malicious access these ports that are only open internally?
If you type in someone's IP address into your browser, you won't see their router's web configuration panel...
If I update my router then, it won't anymore let me set QOS for a range of IPs: I'd have to specify individual IPs.
This is why I reinstalled an earlier version.
Perhaps, the manufacturer decided to do away with the range facility for the sake of performance maybe, I don't know.
If a device is Vulnerable on my network..
Dose that mean you'd have too be on my network too do take advantage of that vulnerability
1:30 I was looking at this cute cat and not listening you. I had to rewatch this part.
if it was the fat angel behind me then I don't blame you
@@NullByteWHT lol
very nice tut thanks ,but what about routers to which we are not connected ?
Do you have to be connected to a network to use routersploit?
What could you if you could access a router's main page??
I tried doing it on my router, but I don't know what one could possibly do with routers settings.(Other than changing the wifi password :)) . Can you shed some light on this topic?
music name "Xtract - Audiotool Day 2016"
How on earth u only have 150k subs
why i'm failed using routersploit for IP Public? only work at local network. any suggest for that?
cmd-use scanners/autopwn is giving me error(dictionary keys changed during iteration). Could you help me with this please..
What is the thing scanner you mentioned on your phone to do a similar nmap scan?
Fing www.fing.io/
Thank you very much for your hard work. We appreciate that.
how do I change routersploit password I forgot mine or its just not working? I had it opened once. using it for personal use
hey i have the router login page credentials for my neighbour's wifi and currently using their wifi only, can u pls make a video to make a backdoor so that even if they change the password i still could break in.
All I get on routersploit is errors what do you do when you put in use scanners/autopwn and it says no module named routersploit module scanners autopwn
thank you so much I love your channel I just tested this out on my own router and I actually got in this is my first real life hack I AM SO EXCITED THANK YOU SO MUCH I LOVE YOU
Thanks you brother i like you presentations !!!
You are amazing super explanation and everything are clear that’s why I follow your channel thankx for information
leon vita thanks for watching! Tell all of your friends about us! 😃
6:09 What command did you use to scan the network for ports? Does the command work on kali Linux? I’m trying it but it’s not working
he used nmap to look for open ports. The prompt is : nmap -p 80,8080,8081,81 /24
did u hackintosh that dell??? or are u just using osx in a virtual machine?
Will it be available for windows powershell
May be Qubes OS review with explanation/cases?
I get this error while trying to install the requirements.txt:
No module named pip
I installed pip, did everything correctly from the previous commands in the video.
Update your package list first by using
$ sudo apt update
Then use the following command to install pip for python3
$ sudo apt install python3-pip
Be sure that python is up to date.
Noob here. Are we saying someone can penetrate our firewall router to reach a port on our printer or other device, then leapfrog back into other devices on our network? Or worse, monitor all network traffic?