The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices.
It consists of various modules that aids penetration testing operations:
- exploits - modules that take advantage of identified vulnerabilities
- creds - modules designed to test credentials against network services
- scanners - modules that check if a target is vulnerable to any exploit
- payloads - modules that are responsible for generating payloads for various architectures and injection points
- generic - modules that perform generic attacks
Required:
- future
- requests
- paramiko
- pysnmp
- pycrypto
Optional:
- bluepy - bluetooth low energy
apt-get install python3-pip
git clone https://www.github.com/threat9/routersploit
cd routersploit
python3 -m pip install -r requirements.txt
python3 rsf.py
Bluetooth Low Energy support:
apt-get install libglib2.0-dev
python3 -m pip install bluepy
python3 rsf.py
sudo apt-get install git python3-pip
git clone https://github.com/threat9/routersploit
cd routersploit
python3 -m pip install -r requirements.txt
python3 rsf.py
Bluetooth Low Enery support:
sudo apt-get install libglib2.0-dev
python3 -m pip install bluepy
python3 rsf.py
sudo add-apt-repository universe
sudo apt-get install git python3-pip
git clone https://www.github.com/threat9/routersploit
cd routersploit
python3 -m pip install setuptools
python3 -m pip install -r requirements.txt
python3 rsf.py
Bluetooth Low Energy support:
apt-get install libglib2.0-dev
python3 -m pip install bluepy
python3 rsf.py
git clone https://www.github.com/threat9/routersploit
cd routersploit
sudo python3 -m pip install -r requirements.txt
python3 rsf.py
git clone https://www.github.com/threat9/routersploit
cd routersploit
docker build -t routersploit .
docker run -it --rm routersploit
Update RouterSploit Framework often. The project is under heavy development and new modules are shipped almost every day.
cd routersploit
git pull
To our surprise people started to fork routersploit not because they were interested in the security of embedded devices but simply because they want to leverage our interactive shell logic and build their own tools using similar concept. All these years they must have said: "There must be a better way!" and they were completely right, the better way is called Riposte.
Riposte allows you to easily wrap your application inside a tailored interactive shell. Common chores regarding building REPLs was factored out and being taken care of so you can really focus on specific domain logic of your application.
The RouterSploit Framework is under a BSD license. Please see LICENSE for more details.