It contains scanning and exploit modules and is available for Kali Linux (and macOS or Mac OS X if you want). Modeled after Metasploit, its commands will be familiar to anyone used to the Metasploit framework. RouterSploit is a handy Python program which automates most of the tasks associated with compromising a router. Even if you're a beginner, simply running the Autopwn scanner on RouterSploit will automatically test a range of vulnerabilities against a target IP address, reducing the process of finding a potential exploit to a matter of seconds. You should consider a router as an early and productive target to take on during the stages of an engagement. This allows you to control and route the target's internet experience to wherever or whatever you want or forward ports for remote access. Why would a beginner want to exploit a router? On a local level, if you fully compromise the router, you will have complete access to the network.
While simply trying the default password is the first step towards router exploitation, more advanced frameworks exist even for beginners. Image by nito500/ 123RF Beginner Router Hacking
Most people set up routers and forget about them, failing to change the default setting, update the firmware, or otherwise protect them. By failing to secure your router, you could be signing up to relay traffic for criminal hacking enterprises. In fact, networks of these infected routers and IoT devices are sold as black market proxies for hiding illegal activity like credit card theft, darknet transactions, and DDoS attacks. While the CIA uses VPN connections to hide traffic to and from command-and-control servers, cybercriminals will use these devices to proxy malicious traffic to avoid detection.
RouterSploit, the tool we're working with today, doesn't just compromise routers, it can also go after webcams and other connected devices. Image via Cherry Blossom Quickstart Guide / WikiLeaks / CIA Criminal IoT & Router HackingĪside from the espionage application the CIA focuses on, exploitable routers and IoT devices are commonly targeted because of their routing ability.
Some poor guy is going to get his Cherry Blossomed. Why plant a fancy spying device when you can just turn a home router into one?Ĭherry Blossom is a rootkitting master framework, in which routers are automatically exploited and converted into "flytraps." A flytrap is a router that has been compromised and updated with special firmware that prevents the user from updating or modifying the new firmware.Ĭherry Blossom displaying mission commands to be sent to flytrap devices, including shell code, recon scripts, and exploits. These tools from the NSA and CIA control entire networks of infected routers, transforming them into advanced, on-site wireless espionage devices.