Routersploit

best365网页登录不上去 📅 2026-02-21 10:43:27 ✍️ admin 👁️ 8636 👍 364
Routersploit

简介

Routersploit是一款集成了很多路由器已存在漏洞的工具,用python编写。可以快速扫描路由器存在的漏洞且可以快速利用漏洞攻击路由器。

其实和MSF(metasploit framework)相似,用法也基本一样。

kali安装利用 apt-get 安装:

代码语言:javascript复制apt-get update

apt-get install routersploit

pip3 install routersploitBash

利用 git 安装:

代码语言:javascript复制git clone https://www.github.com/threat9/routersploit

cd routersploit

python3 -m pip install -r requirements.txt

python3 rsf.pyBash

本人用第一种方式安装,方便快捷。

详解模块功能介绍模块名

功能

exploits

模块功能主要为识别到目标设备安全漏洞之后,对漏洞进行利用,实现提权等目的

creds

模块功能主要针对网络服务的登录认证口令进行检测

scanners

模块功能主要为检查目标设备是否存在可利用的安全漏洞

payloads

负责为各种体系结构和注入点生成有效负载的模块

generic

执行通用攻击的模块

命令介绍show 模块名

显示该模块下存在的详细子模块列表(只能是上诉几个模块名)

show option

显示参数设置

use 模块名

使用该模块

set 参数名 值

给参数设置值

run

运行模块

search 查询内容

模糊查询模块

scanners模块扫描路由器是否存在已知漏洞。

代码语言:javascript复制┌──(root㉿kali)-[~/Desktop]

└─# routersploit #进入routersploit 命令控制台

______ _ _____ _ _ _

| ___ \ | | / ___| | | (_) |

| |_/ /___ _ _| |_ ___ _ __\ `--. _ __ | | ___ _| |_

| // _ \| | | | __/ _ \ '__|`--. \ '_ \| |/ _ \| | __|

| |\ \ (_) | |_| | || __/ | /\__/ / |_) | | (_) | | |_

\_| \_\___/ \__,_|\__\___|_| \____/| .__/|_|\___/|_|\__|

| |

Exploitation Framework for |_| by Threat9

Embedded Devices

Codename : I Knew You Were Trouble

Version : 3.4.1

Homepage : https://www.threat9.com - @threatnine

Join Slack : https://www.threat9.com/slack

Join Threat9 Beta Program - https://www.threat9.com

Exploits: 132 Scanners: 4 Creds: 171 Generic: 4 Payloads: 32 Encoders: 4

rsf > use scanners/ #使用scanners模块,按 tab 键补全,再按可以查看子模块列表

scanners/autopwn scanners/cameras/ scanners/misc/ scanners/routers/

rsf > use scanners/autopwn #使用scanners模块下的autopwn模块,autopwn是一个自动扫描模块

rsf (AutoPwn) > show options #查看模块参数设置,发现需要设置target参数

Target options:

Name Current settings Description

---- ---------------- -----------

target Target IPv4 or IPv6 address

Module options:

Name Current settings Description

---- ---------------- -----------

vendor any Vendor concerned (default: any)

http_use true Check HTTP[s] service: true/false

http_ssl false HTTPS enabled: true/false

ftp_use true Check FTP[s] service: true/false

ftp_ssl false FTPS enabled: true/false

ssh_use true Check SSH service: true/false

telnet_use true Check Telnet service: true/false

snmp_use true Check SNMP service: true/false

threads 8 Number of threads

rsf (AutoPwn) > set target 192.168.1.1 #设置target参数为路由器地址192.168.1.1,可以使用IP命令查看

[+] target => 192.168.1.1

rsf (AutoPwn) > run #运行模块

[*] Running module scanners/autopwn...

[*] 192.168.1.1 Starting vulnerablity check...

[-] 192.168.1.1:80 http exploits/generic/heartbleed is not vulnerable

[*] 192.168.1.1:80 http exploits/routers/shuttle/915wm_dns_change Could not be verified

[-] 192.168.1.1:80 http exploits/routers/huawei/hg530_hg520b_password_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/bhu/bhu_urouter_rce is not vulnerable

[*] 192.168.1.1:80 http exploits/routers/billion/billion_5200w_rce Could not be verified

[-] 192.168.1.1:80 http exploits/routers/huawei/e5331_mifi_info_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/huawei/hg866_password_change is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/billion/billion_7700nr4_password_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/ubiquiti/airos_6_x is not vulnerable

[-] 192.168.1.1:21 ftp exploits/routers/technicolor/tg784_authbypass is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/technicolor/tc7200_password_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/generic/shellshock is not vulnerable

[*] 192.168.1.1:80 http exploits/routers/asus/asuswrt_lan_rce Could not be verified

[-] 192.168.1.1:22 ssh exploits/generic/ssh_auth_keys is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/asus/rt_n16_password_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/technicolor/tc7200_password_disclosure_v2 is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/technicolor/dwg855_authbypass is not vulnerable

[*] 192.168.1.1:23 custom/tcp exploits/routers/cisco/catalyst_2960_rocem Could not be verified

[-] 192.168.1.1:80 http exploits/routers/netsys/multi_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/cisco/dpc2420_info_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/cisco/firepower_management60_path_traversal is not vulnerable

[*] 192.168.1.1:80 http exploits/routers/cisco/secure_acs_bypass Could not be verified

[-] 192.168.1.1:80 http exploits/routers/cisco/unified_multi_path_traversal is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/cisco/firepower_management60_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/linksys/wrt100_110_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/linksys/smartwifi_password_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/cisco/ucs_manager_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/linksys/1500_2500_rce is not vulnerable

[*] 192.168.1.1:80 http exploits/routers/3com/officeconnect_rce Could not be verified

[-] 192.168.1.1:80 http exploits/routers/linksys/eseries_themoon_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/linksys/wap54gv3_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/3com/imc_path_traversal is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/3com/ap8760_password_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/comtrend/ct_5361t_password_disclosure is not vulnerable

[*] 192.168.1.1:80 http exploits/routers/netgear/dgn2200_dnslookup_cgi_rce Could not be verified

[-] 192.168.1.1:80 http exploits/routers/netgear/n300_auth_bypass is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/netgear/multi_password_disclosure-2017-5521 is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/3com/officeconnect_info_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/netgear/wnr500_612v3_jnr1010_2010_path_traversal is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/3com/imc_info_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/netgear/jnr1010_path_traversal is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/netgear/prosafe_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/netgear/dgn2200_ping_cgi_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/netgear/multi_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/netgear/r7000_r6400_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/tplink/wdr740nd_wdr740n_backdoor is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/tplink/wdr740nd_wdr740n_path_traversal is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/tplink/archer_c2_c20i_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/ipfire/ipfire_shellshock is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/tplink/wdr842nd_wdr842n_configure_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/ipfire/ipfire_proxy_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/ipfire/ipfire_oinkcode_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/dlink/dgs_1510_add_user is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/dlink/dir_300_600_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/dlink/dsl_2750b_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/dlink/dsp_w110_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/dlink/dwl_3200ap_password_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/dlink/dir_850l_creds_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/dlink/dcs_930l_auth_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/dlink/dsl_2750b_info_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/dlink/dsl_2730_2750_path_traversal is not vulnerable

[*] 192.168.1.1:80 http exploits/routers/dlink/dsl_2640b_dns_change Could not be verified

[-] 192.168.1.1:80 http exploits/routers/dlink/dir_300_320_600_615_info_disclosure is not vulnerable

[*] 192.168.1.1:1900 custom/udp exploits/routers/dlink/dir_815_850l_rce Could not be verified

[-] 192.168.1.1:80 http exploits/routers/dlink/dvg_n5402sp_path_traversal is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/dlink/dir_300_320_615_auth_bypass is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/dlink/dir_645_password_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/dlink/multi_hedwig_cgi_exec is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/dlink/dwr_932_info_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/dlink/dns_320l_327l_rce is not vulnerable

[*] 192.168.1.1:80 http exploits/routers/dlink/dsl_2740r_dns_change Could not be verified

[-] 192.168.1.1:80 http exploits/routers/dlink/dir_645_815_rce is not vulnerable

[*] 192.168.1.1:80 http exploits/routers/dlink/dsl_2730b_2780b_526b_dns_change Could not be verified

[-] 192.168.1.1:80 http exploits/routers/dlink/multi_hnap_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/dlink/dir_8xx_password_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/dlink/dir_825_path_traversal is not vulnerable

[-] 192.168.1.1:22 ssh exploits/routers/mikrotik/routeros_jailbreak is not vulnerable

[-] 192.168.1.1:8291 custom/tcp exploits/routers/mikrotik/winbox_auth_bypass_creds_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/belkin/g_plus_info_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/belkin/g_n150_password_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/belkin/auth_bypass is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/belkin/play_max_prce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/belkin/n750_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/belkin/n150_path_traversal is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/zyxel/d1000_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/zyxel/p660hn_t_v1_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/zyxel/p660hn_t_v2_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/zyxel/d1000_wifi_password_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/zyxel/zywall_usg_extract_hashes is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/multi/rom0 is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/multi/misfortune_cookie is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/cisco/ios_http_authorization_bypass is not vulnerable

[-] 192.168.1.1:32764 custom/tcp exploits/routers/multi/tcp_32764_info_disclosure is not vulnerable

[-] 192.168.1.1:32764 custom/tcp exploits/routers/multi/tcp_32764_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/2wire/gateway_auth_bypass is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/2wire/4011g_5012nv_path_traversal is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/multi/gpon_home_gateway_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/thomson/twg850_password_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/asmax/ar_804_gu_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/asmax/ar_1004g_password_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/zte/f460_f660_backdoor is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/zte/zxhn_h108n_wifi_password_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/zte/zxv10_rce is not vulnerable

[-] 192.168.1.1:22 ssh exploits/routers/fortinet/fortigate_os_backdoor is not vulnerable

[-] 192.168.1.1:80 http exploits/routers/movistar/adsl_router_bhs_rta_path_traversal is not vulnerable

[-] 192.168.1.1:23 telnet exploits/cameras/grandstream/gxv3611hd_ip_camera_sqli is not vulnerable

[-] 192.168.1.1:23 telnet exploits/cameras/grandstream/gxv3611hd_ip_camera_backdoor is not vulnerable

[-] 192.168.1.1:80 http exploits/cameras/siemens/cvms2025_credentials_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/cameras/avigilon/videoiq_camera_path_traversal is not vulnerable

[-] 192.168.1.1:80 http exploits/cameras/cisco/video_surv_path_traversal is not vulnerable

[-] 192.168.1.1:80 http exploits/cameras/mvpower/dvr_jaws_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/cameras/xiongmai/uc_httpd_path_traversal is not vulnerable

[-] 192.168.1.1:80 http exploits/cameras/honeywell/hicc_1100pt_password_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/cameras/brickcom/corp_network_cameras_conf_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/cameras/brickcom/users_cgi_creds_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/cameras/dlink/dcs_930l_932l_auth_bypass is not vulnerable

[-] 192.168.1.1:80 http exploits/cameras/multi/P2P_wificam_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/cameras/multi/jvc_vanderbilt_honeywell_path_traversal is not vulnerable

[-] 192.168.1.1:80 http exploits/cameras/multi/P2P_wificam_credential_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/cameras/multi/dvr_creds_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/cameras/multi/netwave_ip_camera_information_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/cameras/jovision/jovision_credentials_disclosure is not vulnerable

[-] 192.168.1.1:80 http exploits/misc/asus/b1m_projector_rce is not vulnerable

[-] 192.168.1.1:80 http exploits/misc/miele/pg8528_path_traversal is not vulnerable

[-] 192.168.1.1:80 http exploits/misc/wepresent/wipg1000_rce is not vulnerable

[-] 192.168.1.1:43690 custom/udp exploits/routers/huawei/hg520_info_disclosure is not vulnerable

[-] 192.168.1.1:53413 custom/udp exploits/routers/netcore/udp_53413_rce is not vulnerable

[-] 192.168.1.1:69 custom/udp exploits/routers/cisco/ucm_info_disclosure is not vulnerable

[-] 192.168.1.1:1900 custom/udp exploits/routers/dlink/dir_300_645_815_upnp_rce is not vulnerable

[-] 192.168.1.1:39889 custom/udp exploits/routers/dlink/dwr_932b_backdoor is not vulnerable

[-] 192.168.1.1:22 snmp exploits/routers/thomson/twg849_info_disclosure is not vulnerable

[-] 192.168.1.1:9999 custom/udp exploits/routers/asus/infosvr_backdoor_rce is not vulnerable

[*] Elapsed time: 40.6700 seconds

[*] 192.168.1.1 Starting default credentials check...

[-] 192.168.1.1:22 ssh creds/generic/ssh_default is not vulnerable

[-] 192.168.1.1:80 http creds/routers/pfsense/webinterface_http_form_default_creds is not vulnerable

[-] 192.168.1.1:21 ftp creds/generic/ftp_default is not vulnerable

[-] 192.168.1.1:23 telnet creds/generic/telnet_default is not vulnerable

[-] 192.168.1.1:80 http creds/generic/http_basic_digest_default is not vulnerable

[-] 192.168.1.1:80 http creds/cameras/axis/webinterface_http_auth_default_creds is not vulnerable

[-] 192.168.1.1:80 http creds/cameras/acti/webinterface_http_form_default_creds is not vulnerable

[-] 192.168.1.1:80 http creds/cameras/basler/webinterface_http_form_default_creds is not vulnerable

[-] 192.168.1.1:80 http creds/cameras/canon/webinterface_http_auth_default_creds is not vulnerable

[-] 192.168.1.1:80 http creds/routers/asmax/webinterface_http_auth_default_creds is not vulnerable

[-] 192.168.1.1:80 http creds/cameras/brickcom/webinterface_http_auth_default_creds is not vulnerable

[*] Elapsed time: 0.0900 seconds

[*] 192.168.1.1 Could not verify exploitability:

- 192.168.1.1:80 http exploits/routers/shuttle/915wm_dns_change

- 192.168.1.1:80 http exploits/routers/billion/billion_5200w_rce

- 192.168.1.1:80 http exploits/routers/asus/asuswrt_lan_rce

- 192.168.1.1:23 custom/tcp exploits/routers/cisco/catalyst_2960_rocem

- 192.168.1.1:80 http exploits/routers/cisco/secure_acs_bypass

- 192.168.1.1:80 http exploits/routers/3com/officeconnect_rce

- 192.168.1.1:80 http exploits/routers/netgear/dgn2200_dnslookup_cgi_rce

- 192.168.1.1:80 http exploits/routers/dlink/dsl_2640b_dns_change

- 192.168.1.1:1900 custom/udp exploits/routers/dlink/dir_815_850l_rce

- 192.168.1.1:80 http exploits/routers/dlink/dsl_2740r_dns_change

- 192.168.1.1:80 http exploits/routers/dlink/dsl_2730b_2780b_526b_dns_change

[-] 192.168.1.1 Could not confirm any vulnerablity

[-] 192.168.1.1 Could not find default credentials

rsf (AutoPwn) > #运行结束,可以看到输出很多信息,[+]存在漏洞[-]漏洞不存在[*]无法确定Bash

[+]

存在漏洞

[-]

漏洞不存在

[*]

无法确定

exploits模块检测 scanners 扫描到的漏洞,是否能利用。

代码语言:javascript复制┌──(root㉿kali)-[~/Desktop]

└─# routersploit

______ _ _____ _ _ _

| ___ \ | | / ___| | | (_) |

| |_/ /___ _ _| |_ ___ _ __\ `--. _ __ | | ___ _| |_

| // _ \| | | | __/ _ \ '__|`--. \ '_ \| |/ _ \| | __|

| |\ \ (_) | |_| | || __/ | /\__/ / |_) | | (_) | | |_

\_| \_\___/ \__,_|\__\___|_| \____/| .__/|_|\___/|_|\__|

| |

Exploitation Framework for |_| by Threat9

Embedded Devices

Codename : I Knew You Were Trouble

Version : 3.4.1

Homepage : https://www.threat9.com - @threatnine

Join Slack : https://www.threat9.com/slack

Join Threat9 Beta Program - https://www.threat9.com

Exploits: 132 Scanners: 4 Creds: 171 Generic: 4 Payloads: 32 Encoders: 4

rsf > show exploits #显示exploits模块exp列表

exploits/cameras/grandstream/gxv3611hd_ip_camera_sqli

exploits/cameras/grandstream/gxv3611hd_ip_camera_backdoor

exploits/cameras/siemens/cvms2025_credentials_disclosure

exploits/cameras/avigilon/videoiq_camera_path_traversal

exploits/cameras/cisco/video_surv_path_traversal

exploits/cameras/mvpower/dvr_jaws_rce

exploits/cameras/xiongmai/uc_httpd_path_traversal

exploits/cameras/honeywell/hicc_1100pt_password_disclosure

exploits/cameras/brickcom/corp_network_cameras_conf_disclosure

exploits/cameras/brickcom/users_cgi_creds_disclosure

exploits/cameras/dlink/dcs_930l_932l_auth_bypass

exploits/cameras/multi/P2P_wificam_rce

exploits/cameras/multi/jvc_vanderbilt_honeywell_path_traversal

exploits/cameras/multi/P2P_wificam_credential_disclosure

exploits/cameras/multi/dvr_creds_disclosure

exploits/cameras/multi/netwave_ip_camera_information_disclosure

exploits/cameras/jovision/jovision_credentials_disclosure

exploits/routers/huawei/hg866_password_change

exploits/routers/huawei/e5331_mifi_info_disclosure

exploits/routers/huawei/hg520_info_disclosure

exploits/routers/huawei/hg530_hg520b_password_disclosure

exploits/routers/bhu/bhu_urouter_rce

exploits/routers/shuttle/915wm_dns_change

exploits/routers/ubiquiti/airos_6_x

exploits/routers/netsys/multi_rce

exploits/routers/billion/billion_5200w_rce

exploits/routers/billion/billion_7700nr4_password_disclosure

exploits/routers/technicolor/tc7200_password_disclosure_v2

exploits/routers/technicolor/tc7200_password_disclosure

exploits/routers/technicolor/dwg855_authbypass

exploits/routers/technicolor/tg784_authbypass

exploits/routers/asus/rt_n16_password_disclosure

exploits/routers/asus/infosvr_backdoor_rce

exploits/routers/asus/asuswrt_lan_rce

exploits/routers/netcore/udp_53413_rce

exploits/routers/cisco/ucm_info_disclosure

exploits/routers/cisco/ucs_manager_rce

exploits/routers/cisco/unified_multi_path_traversal

exploits/routers/cisco/catalyst_2960_rocem

exploits/routers/cisco/firepower_management60_path_traversal

exploits/routers/cisco/dpc2420_info_disclosure

exploits/routers/cisco/ios_http_authorization_bypass

exploits/routers/cisco/secure_acs_bypass

exploits/routers/cisco/firepower_management60_rce

exploits/routers/linksys/1500_2500_rce

exploits/routers/linksys/wrt100_110_rce

exploits/routers/linksys/smartwifi_password_disclosure

exploits/routers/linksys/wap54gv3_rce

exploits/routers/linksys/eseries_themoon_rce

exploits/routers/3com/officeconnect_rce

exploits/routers/3com/imc_path_traversal

exploits/routers/3com/officeconnect_info_disclosure

exploits/routers/3com/imc_info_disclosure

exploits/routers/3com/ap8760_password_disclosure

exploits/routers/comtrend/ct_5361t_password_disclosure

exploits/routers/netgear/dgn2200_dnslookup_cgi_rce

exploits/routers/netgear/n300_auth_bypass

exploits/routers/netgear/multi_password_disclosure-2017-5521

exploits/routers/netgear/multi_rce

exploits/routers/netgear/wnr500_612v3_jnr1010_2010_path_traversal

exploits/routers/netgear/jnr1010_path_traversal

exploits/routers/netgear/prosafe_rce

exploits/routers/netgear/dgn2200_ping_cgi_rce

exploits/routers/netgear/r7000_r6400_rce

exploits/routers/tplink/wdr740nd_wdr740n_backdoor

exploits/routers/tplink/wdr842nd_wdr842n_configure_disclosure

exploits/routers/tplink/archer_c2_c20i_rce

exploits/routers/tplink/wdr740nd_wdr740n_path_traversal

exploits/routers/ipfire/ipfire_oinkcode_rce

exploits/routers/ipfire/ipfire_shellshock

exploits/routers/ipfire/ipfire_proxy_rce

exploits/routers/dlink/dir_300_645_815_upnp_rce

exploits/routers/dlink/dsl_2750b_rce

exploits/routers/dlink/dgs_1510_add_user

exploits/routers/dlink/dir_300_600_rce

exploits/routers/dlink/dsp_w110_rce

exploits/routers/dlink/dir_850l_creds_disclosure

exploits/routers/dlink/dwl_3200ap_password_disclosure

exploits/routers/dlink/dcs_930l_auth_rce

exploits/routers/dlink/dsl_2750b_info_disclosure

exploits/routers/dlink/dsl_2730_2750_path_traversal

exploits/routers/dlink/dir_300_320_600_615_info_disclosure

exploits/routers/dlink/dsl_2640b_dns_change

exploits/routers/dlink/dir_645_password_disclosure

exploits/routers/dlink/dir_815_850l_rce

exploits/routers/dlink/dvg_n5402sp_path_traversal

exploits/routers/dlink/dir_300_320_615_auth_bypass

exploits/routers/dlink/dwr_932_info_disclosure

exploits/routers/dlink/multi_hedwig_cgi_exec

exploits/routers/dlink/dns_320l_327l_rce

exploits/routers/dlink/dwr_932b_backdoor

exploits/routers/dlink/dsl_2740r_dns_change

exploits/routers/dlink/dir_645_815_rce

exploits/routers/dlink/dsl_2730b_2780b_526b_dns_change

exploits/routers/dlink/multi_hnap_rce

exploits/routers/dlink/dir_8xx_password_disclosure

exploits/routers/dlink/dir_825_path_traversal

exploits/routers/mikrotik/routeros_jailbreak

exploits/routers/mikrotik/winbox_auth_bypass_creds_disclosure

exploits/routers/belkin/g_plus_info_disclosure

exploits/routers/belkin/g_n150_password_disclosure

exploits/routers/belkin/auth_bypass

exploits/routers/belkin/play_max_prce

exploits/routers/belkin/n750_rce

exploits/routers/belkin/n150_path_traversal

exploits/routers/zyxel/d1000_rce

exploits/routers/zyxel/p660hn_t_v1_rce

exploits/routers/zyxel/p660hn_t_v2_rce

exploits/routers/zyxel/d1000_wifi_password_disclosure

exploits/routers/zyxel/zywall_usg_extract_hashes

exploits/routers/multi/rom0

exploits/routers/multi/misfortune_cookie

exploits/routers/multi/gpon_home_gateway_rce

exploits/routers/multi/tcp_32764_info_disclosure

exploits/routers/multi/tcp_32764_rce

exploits/routers/2wire/gateway_auth_bypass

exploits/routers/2wire/4011g_5012nv_path_traversal

exploits/routers/thomson/twg849_info_disclosure

exploits/routers/thomson/twg850_password_disclosure

exploits/routers/asmax/ar_804_gu_rce

exploits/routers/asmax/ar_1004g_password_disclosure

exploits/routers/zte/f460_f660_backdoor

exploits/routers/zte/zxhn_h108n_wifi_password_disclosure

exploits/routers/zte/zxv10_rce

exploits/routers/fortinet/fortigate_os_backdoor

exploits/routers/movistar/adsl_router_bhs_rta_path_traversal

exploits/generic/shellshock

exploits/generic/heartbleed

exploits/generic/ssh_auth_keys

exploits/misc/asus/b1m_projector_rce

exploits/misc/miele/pg8528_path_traversal

exploits/misc/wepresent/wipg1000_rce

rsf > use exploits/misc/wepresent/wipg1000_rce #使用名为wipg1000_rce的exp

rsf (WePresent WiPG-1000 RCE) > show options #查看参数列表,有ssl、target、port三个需要设置,其中ssl和port有默认值

Target options:

Name Current settings Description

---- ---------------- -----------

ssl false SSL enabled: true/false

target Target IPv4 or IPv6 address

port 80 Target HTTP port

Module options:

Name Current settings Description

---- ---------------- -----------

verbosity true Verbosity enabled: true/false

rsf (WePresent WiPG-1000 RCE) > set target 192.168.1.1 #设置target为192.168.1.1

[+] target => 192.168.1.1

rsf (WePresent WiPG-1000 RCE) > show options #target设置成功

Target options:

Name Current settings Description

---- ---------------- -----------

ssl false SSL enabled: true/false

target 192.168.1.1 Target IPv4 or IPv6 address

port 80 Target HTTP port

Module options:

Name Current settings Description

---- ---------------- -----------

verbosity true Verbosity enabled: true/false

rsf (WePresent WiPG-1000 RCE) > set port 8080 #修改port默认值,改为8080

[+] port => 8080

rsf (WePresent WiPG-1000 RCE) > show options #port修改成功

Target options:

Name Current settings Description

---- ---------------- -----------

ssl false SSL enabled: true/false

target 192.168.1.1 Target IPv4 or IPv6 address

port 8080 Target HTTP port

Module options:

Name Current settings Description

---- ---------------- -----------

verbosity true Verbosity enabled: true/false

rsf (WePresent WiPG-1000 RCE) > run #运行模块,提示不存在漏洞

[*] Running module exploits/misc/wepresent/wipg1000_rce...

[-] Exploit failed - exploit seems to be not vulnerable

rsf (WePresent WiPG-1000 RCE) > Bash

其他模块其他模块的使用与着两模块一样。

结束语没有一个存在漏洞的环境,学习也比较困难,有时间试着搭一个环境再详细学习。(使用的真实环境)

相关推荐

qq飞车黄金神兽怎么开 qq飞车黄金神兽属性
best365网页登录不上去

qq飞车黄金神兽怎么开 qq飞车黄金神兽属性

📅 10-18 👁️ 8226
苹果充值须知
365sport365中文版

苹果充值须知

📅 09-21 👁️ 8376
气泡为何是球形?数学解析
365sport365中文版

气泡为何是球形?数学解析

📅 02-14 👁️ 6592
cf军衔等级对应升级经验是什么 cf穿越火线军衔等级升级经验表介绍
365sport365中文版

cf军衔等级对应升级经验是什么 cf穿越火线军衔等级升级经验表介绍

📅 10-30 👁️ 4822
dqm2一周目的個人心得,新手向,老手看看或許也有幫助
best365网页登录不上去

dqm2一周目的個人心得,新手向,老手看看或許也有幫助

📅 11-01 👁️ 1042
九阳(Joyoung)电磁炉 C21-SC001 超薄电磁炉 触屏 控制面板 6主要参数
365bet亚洲唯一官网

九阳(Joyoung)电磁炉 C21-SC001 超薄电磁炉 触屏 控制面板 6主要参数

📅 08-11 👁️ 3762

友情链接