How to check your router for Vulnerabilities using RouterSploit

I am sure you have see the messages from the FBI and NSA about updating the firmware in your router and rebooting it. I would also like to add that you should also change the default administration password as well and disable any remote administration. The last part is up to you.

I also want to know after doing this if my router has any vulnerabilities that I should know about. To do this I am going to use Router Sploit.

I am using Ubuntu 18.04 but you can use Mac OS too, many ways exist to get a VM of Ubuntu to do this so I will let you find that out. this tutorial is just how to get Router Sploit going on your Linux system.

Ubuntu 18.04 & 17.10

Sudo add-apt-repository universe
Sudo apt-get install git python3-pip
git clone https://www.github.com/threat9/routersploit

change directory to /home/routersploit or for kali /root/routerspliot

sudo python3 -m pip install -r requirements.txt

sudo python3 rsf.py


at the ref prompt type in

use scanners/autopwn
set target 192.168.1.1 <- this is the most common gateway but make sure to use yours if different

run

You will now see that either your router has no vulnerabilities or it does. If it does and you want to run an exploit on it to see what it returns (what a bad actor would do). do the following.

in this example rsf returned 
-exploits/cameras/brickcom/users_cgi_cred_disclosure

type at the prompt

use - exploits/cameras/brickcom/users_cgi_cred_disclosure
          ^    ^       ^          ^
          copy and past from the top......

set target 192.168.1.1

check

          if check returns "Target is vulnerable", you confirmed it

now exploit it

type run

now review the output of the exploit

you may not like what you see. but if it's bad, patch your system or upgrade.

Hope this help