How to exploit routers with Routersploit
In this hacking tutorial, we will learn how to use the most popular hacking tool for hacking routers RouterSploit, a router hacking tool for automating the process of router exploitation. This tool is modeled upon Metasploit. You will find many similarities; however, routersploit specializes in router hacking.
DISCLAIMER: This is an educational article meant to aware of and educates readers about hackers. Do not use this tool to target other people. Use this article only for educational purposes.
Table of contents
- The Basics Behind Router Hacking and Exploitation
- What Is RouterSploit?
- Step 1: Installing routersploit
- Step 2: Running RouterSploit
- Step 3: Scanning a Target
- Step 4: Selecting & Configuring the Router Exploit
- Step 5: Running the exploit
- Warnings
- Why do hackers hack Routers
- How can I be secure from the router hacks?
- Commonly asked questions about hacking routers with Routersploit
The Basics Behind Router Hacking and Exploitation
Router hacking works by hacking the Wi-Fi security of a router and then bypassing the administrative login page of the router.
Once you get access to the admin settings, you can manipulate the settings in such a way that you can leave the router exposed and vulnerable to backdoors. You can even make your own backdoors. Depending on what the hackers want to do, they can spy on the user and any of the connected devices on the router. He can make phishing attacks to get the credentials of the victim. He can also inject malware into the victim’s system and browser to exploit the connected devices. They can also use your router to hide their other illegal hacks by routing the traffic via your router.
What Is RouterSploit?
RouterSploit is a handy hacking tool targeted at routers. It is made in Python. By using Python, the hacking tool has automated most of the tasks related to hacking and compromising routers. As mentioned previously it is Modeled after Metasploit and thus can be easily be used by people familiar with Metasploit
The autopen method is the most used one cause it automatically checks for all the vulnerabilities
Requirements for routersploit
- Python
- Internet connection
- Command-line knowledge
- Installing RouterSploit on Kali Linux
Step 1: Installing routersploit
To install routersploit on Kali Linux, open a terminal and type the following commands in the same order as below:
git clone https://github.com/threat9/routersploit
cd routersploit
python3 -m pip install -r requirements.txt
python3 rsf.py
Step 2: Running RouterSploit
For running the routersploit, you first open the routersploit folder. When you are in the routersploit directory run the following command to start the script.
python3 rsf.py
The Router Sploit framework will now start, and it will be as shown below. Depending on when you are reading this article, the number of exploits and tools might be different.
Just like Metasploit, it has a command-line interface that will help you run this tool on any device with low ram and CPU power.
If you want to see all the possible exploits then just type the following
show all
As you can see below, there are many exploits at the time of this writing and even more.
Now let’s begin by scanning the router and seeing if it has any vulnerabilities. This is a very noisy scan(no stealth) so be advised.
Step 3: Scanning a Target
To scan the router against all the possible exploits, we will be using the Autopwn scanner module to find any vulnerabilities that affect our target router. But first, you need to find the router IP of the target router. You can find the IP address of the router by using
You can also use tools like Nmap and angry IP scanner to find the IP of the router you want to hack. By default, many routers use 192.168. 0.1 or 192.168.1.1. But this can change depending on the router brand and how it was configured.
After starting RouterSploit, you can enter the Autopwn module by typing the following commands.
use scanners/auto pawn
show options
I know it feels very similar to Metasploit, and it is similar. We have to type used to use the exploits and modules, show options to show the variables and parameters you can control and modify while hacking routers. Set command to set any of the parameters you want to set from the show options command, and finally, run to execute the router hack module. To exit type exit isn’t it simple?
In our case, we will set the target to the IP address of the router to 192.168.0.1. Type “set target” and then the IP address of the router, then press enter. Finally, type run to begin the scan.
rsf (AutoPwn) > set target 192.168.0.1
rsf (AutoPwn) > run
Step 4: Selecting & Configuring the Router Exploit
After the scan is complete, we will see all the vulnerabilities which affect the target router. Luckily in my case, the target is not affected. But if it was then, it will show that the device is vulnerable.
Let’s start with a simple exploit. Let’s use the shellshock exploit; we’ll enter the following commands.
use exploits/generic/shellshock
show options
A list of the variables will come up, and you’ll be able to set your target by typing:
set target <target router IP>
This will set the target and use the check command to confirm that the router is vulnerable to the exploit.
Step 5: Running the exploit
When the target is vulnerable. You can execute the payload by typing the run.
If the exploit is successful, you will be greeted with internal configuration settings and passwords, and usernames, which can be used to hack and control the router.
These exploits can leak the login name and password of users, default passwords(like admin), and device serial number, etc.,
Once you know about the vulnerability, you can use it with other modules as well.
For, e.g., if you want to brute force and hack the router username and password then type the following commands:
use creds/http_basic_bruteforce
rsf (HTTP Basic Bruteforce) > show options
set target 192.168.0.2
run
Warnings
This article is meant for educational purposes and should only be used to get you familiar with running RouterSploit to hack and compromise routers. You can experiment with other modules since there are many. Press the tab key twice to let you complete all the list of commands and exploits possible. See the image below
Although Autopwn is a great feature, it tries a lot of different exploits very fast and thus can ring a lot of alarm bells on the network. The preferred way is to gather some info about the router via a stealth scan say with Nmap for example. Then use this information to select the exploit which might work on the target.
While exploiting routers might make you feel like a great hacker, remember that doing so on someone else’s router without permission is a federal crime. Unless you want to see the prison, I would not recommend it.
Why do hackers hack Routers
RouterSploit doesn’t just compromise routers; it can even go after webcams and other connected IoT devices. From hacking routers to hacking IoT devices hackers can not only take over all your networks and devices but also can make your guinea pigs for their hacks.
What do you mean by that?
Hackers will router their traffic via your routers and devices while doing some nefarious hacks, which the CIA and FBI might track down back to you. In fact, networks of these infected routers and IoT devices are sold as the black market for quite a lot. Proxies for hiding illegal activity like credit card theft, darknet transactions, and DDoS attacks, etc. are provided by such hacked routers. By not securing your router, you could be signing up to support criminal hacking enterprises by being the VPN and proxies for such hackers.
How can I be secure from the router hacks?
Most people set up routers once in their life and forget about them completely. They fail to change the default settings of the routers. Even educated network administrators tend to do this due to laziness.
I will write an in-depth article on how to protect your network from hackers pretty soon.
But you can do the following in the short term
- Update router firmware
- Disable WPS pin
- Enable wpa2 security
- Choose strong passwords
- Stop SSID broadcast
- Use mac filters
Commonly asked questions about hacking routers with Routersploit
Q.1 Is this hacking tool routersploit legal?
No. It is not meant for hacking people. It is a tool meant for white hat pentesting only and should be used with the same intent.
Q.2 It’s not working what do I do?
Make sure you do not make any typing mistakes while typing the commands. Make sure you are connected to the network when you perform the router hack.
Q.3 Are all routers vulnerable to routersploit router password hack?
Yes if they have a default username and password, they are vulnerable and can be hacked with routersploit. Hacking routers with the default password is the easiest possible hack. Even a caveman could do it.
Q.4 I want to hack my neighbor/girlfriend’s wifi router’s password how do I do it?
We do not support black hat hacking, and we do not reply and respond to such requests. This article is meant only for educational purposes. Please use it with the same intent.
Q.5 Can I use kali Linux on my phone to use this hack?
Yes, you can use the termux app, or you can use kali Linux nethunter to hack routers’ passwords with routersploit.
You may also like
Investigating cybercrime with OSINT
Tools and Techniques for OSINT
