def command_use(self, module_path, *args, **kwargs): module_path = pythonize_path(module_path) module_path = ".".join(("routersploit", "modules", module_path)) # module_path, _, exploit_name = module_path.rpartition('.') try: self.current_module = import_exploit(module_path)() except RoutersploitException as err: print_error(str(err))
def command_use(self, module_path, *args, **kwargs): module_path = pythonize_path(module_path) module_path = ".".join(("routersploit", "modules", module_path)) # module_path, _, exploit_name = module_path.rpartition('.') try: self.current_module = import_exploit(module_path)() except RoutersploitException as err: print_error(str(err))
from routersploit.core.exploit.utils import import_exploit # hack to import from directory/filename starting with a number Exploit = import_exploit("routersploit.modules.exploits.routers.2wire.gateway_auth_bypass") def test_check_success(target): """ Test scenario - successful exploitation """ route_mock1 = target.get_route_mock("/", methods=["GET"]) route_mock1.return_value = ( "TEST" "<form name=\"pagepost\" method=\"post\" action=\"/xslt?PAGE=WRA01_POST&NEXTPAGE=WRA01_POST\" id=\"pagepost\">" "TEST" ) route_mock2 = target.get_route_mock("/xslt", methods=["GET"]) route_mock2.return_value = ( "TEST" ) exploit = Exploit() assert exploit.target == "" assert exploit.port == 80 exploit.target = target.host exploit.port = target.port assert exploit.check() assert exploit.run() is None
from routersploit.core.exploit.utils import import_exploit # hack to import from directory/filename starting with a number Exploit = import_exploit( "routersploit.modules.creds.routers.2wire.ssh_default_creds") def test_check_success(target): """ Test scenario - testing against SSH server """ exploit = Exploit() assert exploit.target == "" assert exploit.port == 22 assert exploit.threads == 1 assert exploit.defaults == ["admin:admin"] assert exploit.stop_on_success is True assert exploit.verbosity is True exploit.target = target.host exploit.port = target.port assert exploit.check() is False assert exploit.check_default() is None assert exploit.run() is None
from unittest import mock from flask import request from routersploit.core.exploit.utils import import_exploit # hack to import from directory/filename starting with a number Exploit = import_exploit("routersploit.modules.exploits.routers.linksys.1500_2500_rce") def apply_response(*args, **kwargs): data = "TEST" + request.form["ping_size"] + "TEST" return data, 200 @mock.patch("routersploit.modules.exploits.routers.linksys.1500_2500_rce.shell") def test_check_success(mocked_shell, target): """ Test scenario - successful exploitation """ route_mock = target.get_route_mock("/apply.cgi", methods=["POST"]) route_mock.side_effect = apply_response exploit = Exploit() assert exploit.target == "" assert exploit.port == 80 assert exploit.username == "admin" assert exploit.password == "admin" exploit.target = target.host exploit.port = target.port assert exploit.check()
from routersploit.core.exploit.utils import import_exploit # hack to import from directory/filename starting with a number Exploit = import_exploit("routersploit.modules.creds.routers.3com.telnet_default_creds") def test_check_success(generic_target): """ Test scenario - testing against Telnet server """ exploit = Exploit() assert exploit.target == "" assert exploit.port == 23 assert exploit.threads == 1 assert exploit.defaults == ["admin:admin"] assert exploit.stop_on_success is True assert exploit.verbosity is True exploit.target = generic_target.host exploit.port = generic_target.port assert exploit.check() is True assert exploit.check_default() is not None assert exploit.run() is None
from routersploit.core.exploit.utils import import_exploit # hack to import from directory/filename starting with a number Exploit = import_exploit("routersploit.modules.exploits.routers.3com.ap8760_password_disclosure") def test_check_success(target): """ Test scenario - successful exploitation """ route_mock = target.get_route_mock("/s_brief.htm", methods=["GET"]) route_mock.return_value = ( "TEST" "<input type=\"text\" name=\"szUsername\" size=16 value=\"admin\">" "<input type=\"password\" name=\"szPassword\" size=16 maxlength=\"16\" value=\"admin\">" "TEST" ) exploit = Exploit() assert exploit.target == "" assert exploit.port == 80 exploit.target = target.host exploit.port = target.port assert exploit.check() assert exploit.run() is None
from routersploit.core.exploit.utils import import_exploit # hack to import from directory/filename starting with a number Exploit = import_exploit( "routersploit.modules.exploits.routers.3com.ap8760_password_disclosure") def test_check_success(target): """ Test scenario - successful exploitation """ route_mock = target.get_route_mock("/s_brief.htm", methods=["GET"]) route_mock.return_value = ( "TEST" "<input type=\"text\" name=\"szUsername\" size=16 value=\"admin\">" "<input type=\"password\" name=\"szPassword\" size=16 maxlength=\"16\" value=\"admin\">" "TEST") exploit = Exploit() assert exploit.target == "" assert exploit.port == 80 exploit.target = target.host exploit.port = target.port assert exploit.check() assert exploit.run() is None
from routersploit.core.exploit.utils import import_exploit # hack to import from directory/filename starting with a number Exploit = import_exploit("routersploit.modules.exploits.routers.shuttle.915wm_dns_change") def test_check_success(target): """ Test scenario - successful exploitation """ route_mock = target.get_route_mock("/dnscfg.cgi", methods=["POST"]) route_mock.retur_value = ( "TEST" ) exploit = Exploit() assert exploit.target == "" assert exploit.port == 80 assert exploit.dns1 == "8.8.8.8" assert exploit.dns2 == "8.8.4.4" exploit.target = target.host exploit.port = target.port assert exploit.check() is None assert exploit.run() is None
from routersploit.core.exploit.utils import import_exploit # hack to import from directory/filename starting with a number Exploit = import_exploit( "routersploit.modules.exploits.routers.3com.imc_info_disclosure") def test_check_success(target): """ Test scenario - successful exploitation """ route_mock = target.get_route_mock( "/imc/reportscript/sqlserver/deploypara.properties", methods=["GET"]) route_mock.return_value = ("TEST" "report.db.server.name=ABCD" "TEST") exploit = Exploit() assert exploit.target == "" assert exploit.port == 8080 exploit.target = target.host exploit.port = target.port assert exploit.check() assert exploit.run() is None
from routersploit.core.exploit.utils import import_exploit # hack to import from directory/filename starting with a number Exploit = import_exploit( "routersploit.modules.exploits.routers.2wire.gateway_auth_bypass") def test_check_success(target): """ Test scenario - successful exploitation """ route_mock1 = target.get_route_mock("/", methods=["GET"]) route_mock1.return_value = ( "TEST" "<form name=\"pagepost\" method=\"post\" action=\"/xslt?PAGE=WRA01_POST&NEXTPAGE=WRA01_POST\" id=\"pagepost\">" "TEST") route_mock2 = target.get_route_mock("/xslt", methods=["GET"]) route_mock2.return_value = ("TEST") exploit = Exploit() assert exploit.target == "" assert exploit.port == 80 exploit.target = target.host exploit.port = target.port assert exploit.check() assert exploit.run() is None
from routersploit.core.exploit.utils import import_exploit # hack to import from directory/filename starting with a number Exploit = import_exploit("routersploit.modules.exploits.routers.2wire.4011g_5012nv_path_traversal") def test_check_success(target): """ Test scenario - successful exploitation """ route_mock = target.get_route_mock("/goform/enhAuthHandler", methods=["POST"]) route_mock.return_value = ( "root:x:0:0:root:/root:/bin/bash" "daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin" "bin:x:2:2:bin:/bin:/usr/sbin/nologin" "sys:x:3:3:sys:/dev:/usr/sbin/nologin" "sync:x:4:65534:sync:/bin:/bin/sync" "games:x:5:60:games:/usr/games:/usr/sbin/nologin" "man:x:6:12:man:/var/cache/man:/usr/sbin/nologin" "lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin" "mail:x:8:8:mail:/var/mail:/usr/sbin/nologin" "news:x:9:9:news:/var/spool/news:/usr/sbin/nologin" "uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin" "proxy:x:13:13:proxy:/bin:/usr/sbin/nologin" "www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin" "backup:x:34:34:backup:/var/backups:/usr/sbin/nologin" ) exploit = Exploit() assert exploit.target == "" assert exploit.port == 80
from routersploit.core.exploit.utils import import_exploit # hack to import from directory/filename starting with a number Exploit = import_exploit( "routersploit.modules.exploits.routers.3com.officeconnect_info_disclosure") def test_check_success(target): """ Test scenario - successful exploitation """ route_mock = target.get_route_mock("/SaveCfgFile.cgi", methods=["GET"]) route_mock.return_value = ("TEST" "pppoe_username=admin" "pppoe_password=admin" "TEST") exploit = Exploit() assert exploit.target == "" assert exploit.port == 80 exploit.target = target.host exploit.port = target.port assert exploit.check() assert exploit.run() is None
from unittest import mock from routersploit.core.exploit.utils import import_exploit # hack to import from directory/filename starting with a number Exploit = import_exploit( "routersploit.modules.exploits.routers.3com.officeconnect_rce") @mock.patch( "routersploit.modules.exploits.routers.3com.officeconnect_rce.shell") def test_check_success(mocked_shell, target): """ Test scenario - successful exploitation """ route_mock = target.get_route_mock("/utility.cgi", methods=["GET"]) route_mock.return_value = ("TEST") exploit = Exploit() assert exploit.target == "" assert exploit.port == 80 exploit.target = target.host exploit.port = target.port assert exploit.check() is None assert exploit.run() is None assert exploit.execute("uname -a") == ""
from unittest import mock from routersploit.core.exploit.utils import import_exploit # hack to import from directory/filename starting with a number Exploit = import_exploit("routersploit.modules.exploits.routers.3com.officeconnect_rce") @mock.patch("routersploit.modules.exploits.routers.3com.officeconnect_rce.shell") def test_check_success(mocked_shell, target): """ Test scenario - successful exploitation """ route_mock = target.get_route_mock("/utility.cgi", methods=["GET"]) route_mock.return_value = ( "TEST" ) exploit = Exploit() assert exploit.target == "" assert exploit.port == 80 exploit.target = target.host exploit.port = target.port assert exploit.check() is None assert exploit.run() is None assert exploit.execute("uname -a") == ""
from routersploit.core.exploit.utils import import_exploit # hack to import from directory/filename starting with a number Exploit = import_exploit("routersploit.modules.exploits.routers.3com.imc_info_disclosure") def test_check_success(target): """ Test scenario - successful exploitation """ route_mock = target.get_route_mock("/imc/reportscript/sqlserver/deploypara.properties", methods=["GET"]) route_mock.return_value = ( "TEST" "report.db.server.name=ABCD" "TEST" ) exploit = Exploit() assert exploit.target == "" assert exploit.port == 8080 exploit.target = target.host exploit.port = target.port assert exploit.check() assert exploit.run() is None
from unittest import mock from flask import request from routersploit.core.exploit.utils import import_exploit # hack to import from directory/filename starting with a number Exploit = import_exploit( "routersploit.modules.exploits.routers.linksys.1500_2500_rce") def apply_response(*args, **kwargs): data = "TEST" + request.form["ping_size"] + "TEST" return data, 200 @mock.patch("routersploit.modules.exploits.routers.linksys.1500_2500_rce.shell" ) def test_check_success(mocked_shell, target): """ Test scenario - successful exploitation """ route_mock = target.get_route_mock("/apply.cgi", methods=["POST"]) route_mock.side_effect = apply_response exploit = Exploit() assert exploit.target == "" assert exploit.port == 80 assert exploit.username == "admin" assert exploit.password == "admin" exploit.target = target.host exploit.port = target.port
from routersploit.core.exploit.utils import import_exploit # hack to import from directory/filename starting with a number Exploit = import_exploit("routersploit.modules.exploits.routers.3com.imc_path_traversal") def test_check_success(target): """ Test scenario - successful exploitation """ route_mock = target.get_route_mock("/imc/report/DownloadReportSource", methods=["GET"]) route_mock.return_value = ( "TEST" "[fonts]" "TEST" ) exploit = Exploit() assert exploit.target == "" assert exploit.port == 8080 assert exploit.filename == "\\windows\\win.ini" exploit.target = target.host exploit.port = target.port assert exploit.check() assert exploit.run() is None
from routersploit.core.exploit.utils import import_exploit # hack to import from directory/filename starting with a number Exploit = import_exploit("routersploit.modules.creds.routers.2wire.ssh_default_creds") def test_check_success(target): """ Test scenario - testing against SSH server """ exploit = Exploit() assert exploit.target == "" assert exploit.port == 22 assert exploit.threads == 1 assert exploit.defaults == ["admin:admin"] assert exploit.stop_on_success is True assert exploit.verbosity is True exploit.target = target.host exploit.port = target.port assert exploit.check() is False assert exploit.check_default() is None assert exploit.run() is None
from routersploit.core.exploit.utils import import_exploit # hack to import from directory/filename starting with a number Exploit = import_exploit( "routersploit.modules.exploits.routers.2wire.4011g_5012nv_path_traversal") def test_check_success(target): """ Test scenario - successful exploitation """ route_mock = target.get_route_mock("/goform/enhAuthHandler", methods=["POST"]) route_mock.return_value = ( "root:x:0:0:root:/root:/bin/bash" "daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin" "bin:x:2:2:bin:/bin:/usr/sbin/nologin" "sys:x:3:3:sys:/dev:/usr/sbin/nologin" "sync:x:4:65534:sync:/bin:/bin/sync" "games:x:5:60:games:/usr/games:/usr/sbin/nologin" "man:x:6:12:man:/var/cache/man:/usr/sbin/nologin" "lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin" "mail:x:8:8:mail:/var/mail:/usr/sbin/nologin" "news:x:9:9:news:/var/spool/news:/usr/sbin/nologin" "uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin" "proxy:x:13:13:proxy:/bin:/usr/sbin/nologin" "www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin" "backup:x:34:34:backup:/var/backups:/usr/sbin/nologin") exploit = Exploit() assert exploit.target == ""