A majority of people do no update their routers or other IOT (Internet of Things) devices on their network, this is where RouterSploit comes in. RouterSploit will search a device for multiple known exploits and vulnerability and if any are given will give you access to these devices. RouterSploit will also check these device credentials and attempt to find if the device is using the default username and password. Updating your device firmware and changing passwords are the easiest and best way to protect your system from hackers, yet many people do not do these steps. also many older IOT devices like IP Cameras or printers might not even be supported anymore and these devices may have vulnerabilities that will never be patched and can compromise your whole network.
RouterSploit is a python script which will scan devices for multiple exploits and vulnerabilities and mainly focuses on embedded devices like IP cameras, routers and printers. You just need to set the target IP address and run the script and RouterSploit will do the rest. You can only check devices that are on your network, meaning you need to be connected to the same network as the device you are trying to hack. You can scan many routers, printers, IP cameras and any other devices that are on your network.
Using the Raspberry Pi to run RouterSploit makes it easy to check networks on the go. You can bring your Raspberry Pi over your friends house and connect into their network and check their network for any vulnerabilities. The Raspberry Pi is so cheap and easy to work with which makes it a great pen-testing tool to have. I will show you how to install RouterSploit on the Raspberry Pi and how to use the basic features of RouterSploit.
To install RouterSploit on the Raspberry Pi
You will need the following:
We’ll be installing the latest version of RouterSploit, which at the time of writing this article was 3.3. I will assume you are connecting to your Raspberry Pi over SSH. If you are working directly on the Raspberry Pi simply open up a terminal window and run the commands from there. I tested this using a Raspberry Pi 3 running Stretch but this should work for older versions as well. I also had the GUI running on my Raspberry Pi which may include some packages pre-installed. For example the lite version of Stretch will not have ‘git‘ installed and you will have to install ‘git‘ before running the ‘git‘ command. Continue Reading