How to Hack a Router with RouterSploit on the Raspberry Pi
A majority of people do not update their routers or other IoT (Internet of Things) devices on their network, and this is where RouterSploit comes in. RouterSploit checks a device for multiple known exploits and vulnerabilities and, if any are found, will give you access to the device. RouterSploit will also check the device's credentials to find out whether it is still using the default username and password. Updating your device firmware and changing passwords are the easiest and best ways to protect your system from hackers, yet many people do not take these steps. Also, many older IoT devices like IP cameras or printers might not even be supported anymore; these devices may have vulnerabilities that will never be patched and can compromise your whole network.
RouterSploit is a Python script which scans devices for multiple exploits and vulnerabilities and mainly focuses on embedded devices like IP cameras, routers and printers. You just need to set the target IP address and run the script, and RouterSploit will do the rest. You can only check devices that are on your network, meaning you need to be connected to the same network as the device you are trying to hack. You can scan many routers, printers, IP cameras and any other devices that are on your network.
Using the Raspberry Pi to run RouterSploit makes it easy to check networks on the go. You can bring your Raspberry Pi over to your friend's house, connect to their network and check it for any vulnerabilities. The Raspberry Pi is cheap and easy to work with, which makes it a great pen-testing tool to have. I will show you how to install RouterSploit on the Raspberry Pi and how to use the basic features of RouterSploit.
To install RouterSploit on the Raspberry Pi
You will need the following:
We’ll be installing the latest version of RouterSploit, which at the time of writing this article was 3.3. I will assume you are connecting to your Raspberry Pi over SSH. If you are working directly on the Raspberry Pi, simply open up a terminal window and run the commands from there. I tested this using a Raspberry Pi 3 running Stretch, but this should work for older versions as well. I also had the GUI running on my Raspberry Pi, which may include some packages pre-installed. For example, the Lite version of Stretch will not have ‘git’ installed and you will have to install ‘git’ before running the ‘git’ command.
Let's get started. Open up a terminal or connect to your Raspberry Pi and run the following commands to make sure your Raspberry Pi is up to date before installing new software:
Install ‘pip’ for Python 3, which will be used to install Python packages:
sudo apt-get install python3-pip
Now we can download RouterSploit from GitHub using the ‘git’ command:
sudo git clone https://www.github.com/threat9/routersploit
Change into the ‘routersploit’ directory that was just created and install RouterSploit using the following command:
sudo pip3 install -r requirements.txt
That’s basically it. To run RouterSploit, use the following command:
sudo python3 rsf.py
I had some issues when I first tried running RouterSploit. Here are two issues I experienced and what commands to run to fix the issues:
I got the following error when I first ran RouterSploit:
Traceback (most recent call last):
File "rsf.py", line 10, in <module>
from routersploit.interpreter import RoutersploitInterpreter
File "/home/pi/routersploit/routersploit/interpreter.py", line 10, in <module>
from future.builtins import input
ImportError: No module named 'future'
To fix this error we will need to install ‘future’. When we installed RouterSploit using the command above it should have installed ‘future’, but for some reason it did not install for me. Run the following command to install ‘future’:
sudo pip3 install future
I got the following errors when trying to scan a device for vulnerabilities:
[*] Starting vulnerablity check...
Traceback (most recent call last):
File "/home/pi/routersploit/routersploit/core/exploit/utils.py", line 80, in import_exploit
module = importlib.import_module(path)
File "/usr/lib/python3.5/importlib/__init__.py", line 126, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "<frozen importlib._bootstrap>", line 986, in _gcd_import
File "<frozen importlib._bootstrap>", line 969, in _find_and_load
File "<frozen importlib._bootstrap>", line 958, in _find_and_load_unlocked
File "<frozen importlib._bootstrap>", line 673, in _load_unlocked
File "<frozen importlib._bootstrap_external>", line 673, in exec_module
File "<frozen importlib._bootstrap>", line 222, in _call_with_frames_removed
File "/home/pi/routersploit/routersploit/modules/exploits/routers/thomson/twg849_info_disclosure.py", line 2, in <module>
from routersploit.core.snmp.snmp_client import SNMPClient
File "/home/pi/routersploit/routersploit/core/snmp/snmp_client.py", line 1, in <module>
from pysnmp.entity.rfc3413.oneliner import cmdgen
File "/usr/local/lib/python3.5/dist-packages/pysnmp/entity/rfc3413/oneliner/cmdgen.py", line 10, in <module>
from pysnmp.hlapi.asyncore import *
File "/usr/local/lib/python3.5/dist-packages/pysnmp/hlapi/__init__.py", line 7, in <module>
from pysnmp.proto.rfc1902 import *
File "/usr/local/lib/python3.5/dist-packages/pysnmp/proto/rfc1902.py", line 9, in <module>
from pysnmp.proto import rfc1155, error
File "/usr/local/lib/python3.5/dist-packages/pysnmp/proto/rfc1155.py", line 50, in <module>
File "/usr/local/lib/python3.5/dist-packages/pysnmp/proto/rfc1155.py", line 55, in NetworkAddress
def clone(self, value=univ.noValue, **kwargs):
AttributeError: module 'pyasn1.type.univ' has no attribute 'noValue'
I got this error because my ‘pyasn1’ module was outdated. To check the current version of ‘pyasn1’, run the following command:
sudo pip3 search pyasn1
This was my output. You can see there is a new version available.
pyasn1 (0.4.4) - ASN.1 types and codecs
To update my ‘pyasn1’ module I ran the following command:
sudo pip3 install pyasn1 -U
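Both failures above can be caught before starting RouterSploit. The following is an added example, not part of the original article or of RouterSploit: it tries the imports named in the two tracebacks and suggests the same pip3 commands used above. The function names and the CHECKS list are assumptions built from those tracebacks, not the project's full requirements.

```python
import importlib

# (module, attribute) pairs taken from the two tracebacks above:
# 'future' was not installed, and an old pyasn1 lacked univ.noValue.
# Assumption: this is not RouterSploit's complete dependency list.
CHECKS = [
    ("future.builtins", None),
    ("pyasn1.type.univ", "noValue"),
]


def check_module(name, attr=None):
    """Return 'ok', 'missing' (import fails) or 'outdated' (attr absent)."""
    try:
        module = importlib.import_module(name)
    except ImportError:
        return "missing"
    if attr is not None and not hasattr(module, attr):
        return "outdated"
    return "ok"


def preflight(checks=CHECKS):
    """Map each module name to (status, suggested pip3 command or None)."""
    report = {}
    for name, attr in checks:
        status = check_module(name, attr)
        package = name.split(".")[0]  # top-level name doubles as the pip name here
        if status == "missing":
            fix = "sudo pip3 install " + package
        elif status == "outdated":
            fix = "sudo pip3 install " + package + " -U"
        else:
            fix = None
        report[name] = (status, fix)
    return report


if __name__ == "__main__":
    for name, (status, fix) in preflight().items():
        print("%-18s %-9s %s" % (name, status, fix or ""))
```

Run it with python3 from any directory; a line marked missing or outdated corresponds to one of the two tracebacks shown above.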
Hopefully everything is working fine and RouterSploit runs with no errors. You should see the following if RouterSploit started with no errors:
Okay, now let's check our router for vulnerabilities. First we must select the autopwn scanner, which will check all known vulnerabilities and exploits using RouterSploit. Type the following command into RouterSploit to run the scanner:
Now let's set our target. I will be using my own router’s IP address, which is 192.168.1.1:
set target 192.168.1.1
To start the scanner, simply type ‘run’. RouterSploit will go through all the exploits and vulnerabilities and check the router. If it finds anything, it will list it at the end of the scan output. You’ll also see a green ‘+’ as the results are scrolling. Type ‘run’ to start the scan:
Those are the basics of RouterSploit. If you have nmap installed on your Raspberry Pi, you can scan your network to check what devices are connected to it, then set these IP addresses as targets and scan them as well.
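When building that device list, it helps to keep it limited to the network you are actually responsible for. The following is an added example, not part of the original article: it parses a constructed sample in nmap's grepable (-oG) output format and keeps only hosts that are up and inside a given subnet. The function name, the sample hosts and the 192.168.1.0/24 scope are assumptions.

```python
import ipaddress
import re

# Constructed sample of nmap grepable (-oG) output; not from a real scan.
SAMPLE_OG = """\
# Nmap 7.40 scan initiated as: nmap -sn -oG - 192.168.1.0/24
Host: 192.168.1.1 (router.lan)\tStatus: Up
Host: 192.168.1.23 ()\tStatus: Up
Host: 192.168.1.40 (printer.lan)\tStatus: Down
Host: 10.8.0.5 ()\tStatus: Up
# Nmap done: 256 IP addresses (3 hosts up) scanned
"""

# One status record per host: "Host: <ip> (<name>)<tab>Status: <state>"
HOST_LINE = re.compile(r"^Host:\s+(\S+)\s+\(([^)]*)\)\s+Status:\s+(\w+)")


def hosts_in_scope(grepable_text, scope_cidr):
    """Return (ip, name) pairs for hosts that are up and inside scope_cidr."""
    scope = ipaddress.ip_network(scope_cidr)
    found = []
    for line in grepable_text.splitlines():
        match = HOST_LINE.match(line)
        if not match:
            continue  # comment lines and port records are skipped
        ip_text, name, status = match.groups()
        try:
            ip = ipaddress.ip_address(ip_text)
        except ValueError:
            continue  # malformed address field
        if status == "Up" and ip in scope:
            found.append((ip_text, name))
    # Sort numerically so 192.168.1.23 comes before 192.168.1.100.
    return sorted(found, key=lambda host: int(ipaddress.ip_address(host[0])))


if __name__ == "__main__":
    for ip_text, name in hosts_in_scope(SAMPLE_OG, "192.168.1.0/24"):
        print(ip_text, name or "(no name)")
```

The 10.8.0.5 entry in the sample is dropped because it lies outside the given subnet, and 192.168.1.40 is dropped because it is down.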