def command_use(self, module_path, *args, **kwargs):
module_path = pythonize_path(module_path)
module_path = ".".join(("routersploit", "modules", module_path))
# module_path, _, exploit_name = module_path.rpartition('.')
try:
self.current_module = import_exploit(module_path)()
except RoutersploitException as err:
print_error(str(err))
def command_use(self, module_path, *args, **kwargs):
module_path = pythonize_path(module_path)
module_path = ".".join(("routersploit", "modules", module_path))
# module_path, _, exploit_name = module_path.rpartition('.')
try:
self.current_module = import_exploit(module_path)()
except RoutersploitException as err:
print_error(str(err))
from routersploit.core.exploit.utils import import_exploit
# hack to import from directory/filename starting with a number
Exploit = import_exploit("routersploit.modules.exploits.routers.2wire.gateway_auth_bypass")
def test_check_success(target):
""" Test scenario - successful exploitation """
route_mock1 = target.get_route_mock("/", methods=["GET"])
route_mock1.return_value = (
"TEST"
"<form name=\"pagepost\" method=\"post\" action=\"/xslt?PAGE=WRA01_POST&NEXTPAGE=WRA01_POST\" id=\"pagepost\">"
"TEST"
)
route_mock2 = target.get_route_mock("/xslt", methods=["GET"])
route_mock2.return_value = (
"TEST"
)
exploit = Exploit()
assert exploit.target == ""
assert exploit.port == 80
exploit.target = target.host
exploit.port = target.port
assert exploit.check()
assert exploit.run() is None
from routersploit.core.exploit.utils import import_exploit
# hack to import from directory/filename starting with a number
Exploit = import_exploit(
"routersploit.modules.creds.routers.2wire.ssh_default_creds")
def test_check_success(target):
""" Test scenario - testing against SSH server """
exploit = Exploit()
assert exploit.target == ""
assert exploit.port == 22
assert exploit.threads == 1
assert exploit.defaults == ["admin:admin"]
assert exploit.stop_on_success is True
assert exploit.verbosity is True
exploit.target = target.host
exploit.port = target.port
assert exploit.check() is False
assert exploit.check_default() is None
assert exploit.run() is None
from unittest import mock
from flask import request
from routersploit.core.exploit.utils import import_exploit
# hack to import from directory/filename starting with a number
Exploit = import_exploit("routersploit.modules.exploits.routers.linksys.1500_2500_rce")
def apply_response(*args, **kwargs):
data = "TEST" + request.form["ping_size"] + "TEST"
return data, 200
@mock.patch("routersploit.modules.exploits.routers.linksys.1500_2500_rce.shell")
def test_check_success(mocked_shell, target):
""" Test scenario - successful exploitation """
route_mock = target.get_route_mock("/apply.cgi", methods=["POST"])
route_mock.side_effect = apply_response
exploit = Exploit()
assert exploit.target == ""
assert exploit.port == 80
assert exploit.username == "admin"
assert exploit.password == "admin"
exploit.target = target.host
exploit.port = target.port
assert exploit.check()
from routersploit.core.exploit.utils import import_exploit
# hack to import from directory/filename starting with a number
Exploit = import_exploit("routersploit.modules.creds.routers.3com.telnet_default_creds")
def test_check_success(generic_target):
""" Test scenario - testing against Telnet server """
exploit = Exploit()
assert exploit.target == ""
assert exploit.port == 23
assert exploit.threads == 1
assert exploit.defaults == ["admin:admin"]
assert exploit.stop_on_success is True
assert exploit.verbosity is True
exploit.target = generic_target.host
exploit.port = generic_target.port
assert exploit.check() is True
assert exploit.check_default() is not None
assert exploit.run() is None
from routersploit.core.exploit.utils import import_exploit
# hack to import from directory/filename starting with a number
Exploit = import_exploit("routersploit.modules.exploits.routers.3com.ap8760_password_disclosure")
def test_check_success(target):
""" Test scenario - successful exploitation """
route_mock = target.get_route_mock("/s_brief.htm", methods=["GET"])
route_mock.return_value = (
"TEST"
"<input type=\"text\" name=\"szUsername\" size=16 value=\"admin\">"
"<input type=\"password\" name=\"szPassword\" size=16 maxlength=\"16\" value=\"admin\">"
"TEST"
)
exploit = Exploit()
assert exploit.target == ""
assert exploit.port == 80
exploit.target = target.host
exploit.port = target.port
assert exploit.check()
assert exploit.run() is None
from routersploit.core.exploit.utils import import_exploit
# hack to import from directory/filename starting with a number
Exploit = import_exploit(
"routersploit.modules.exploits.routers.3com.ap8760_password_disclosure")
def test_check_success(target):
""" Test scenario - successful exploitation """
route_mock = target.get_route_mock("/s_brief.htm", methods=["GET"])
route_mock.return_value = (
"TEST"
"<input type=\"text\" name=\"szUsername\" size=16 value=\"admin\">"
"<input type=\"password\" name=\"szPassword\" size=16 maxlength=\"16\" value=\"admin\">"
"TEST")
exploit = Exploit()
assert exploit.target == ""
assert exploit.port == 80
exploit.target = target.host
exploit.port = target.port
assert exploit.check()
assert exploit.run() is None
from routersploit.core.exploit.utils import import_exploit
# hack to import from directory/filename starting with a number
Exploit = import_exploit("routersploit.modules.exploits.routers.shuttle.915wm_dns_change")
def test_check_success(target):
""" Test scenario - successful exploitation """
route_mock = target.get_route_mock("/dnscfg.cgi", methods=["POST"])
route_mock.retur_value = (
"TEST"
)
exploit = Exploit()
assert exploit.target == ""
assert exploit.port == 80
assert exploit.dns1 == "8.8.8.8"
assert exploit.dns2 == "8.8.4.4"
exploit.target = target.host
exploit.port = target.port
assert exploit.check() is None
assert exploit.run() is None
from routersploit.core.exploit.utils import import_exploit
# hack to import from directory/filename starting with a number
Exploit = import_exploit(
"routersploit.modules.exploits.routers.3com.imc_info_disclosure")
def test_check_success(target):
""" Test scenario - successful exploitation """
route_mock = target.get_route_mock(
"/imc/reportscript/sqlserver/deploypara.properties", methods=["GET"])
route_mock.return_value = ("TEST" "report.db.server.name=ABCD" "TEST")
exploit = Exploit()
assert exploit.target == ""
assert exploit.port == 8080
exploit.target = target.host
exploit.port = target.port
assert exploit.check()
assert exploit.run() is None
from routersploit.core.exploit.utils import import_exploit
# hack to import from directory/filename starting with a number
Exploit = import_exploit(
"routersploit.modules.exploits.routers.2wire.gateway_auth_bypass")
def test_check_success(target):
""" Test scenario - successful exploitation """
route_mock1 = target.get_route_mock("/", methods=["GET"])
route_mock1.return_value = (
"TEST"
"<form name=\"pagepost\" method=\"post\" action=\"/xslt?PAGE=WRA01_POST&NEXTPAGE=WRA01_POST\" id=\"pagepost\">"
"TEST")
route_mock2 = target.get_route_mock("/xslt", methods=["GET"])
route_mock2.return_value = ("TEST")
exploit = Exploit()
assert exploit.target == ""
assert exploit.port == 80
exploit.target = target.host
exploit.port = target.port
assert exploit.check()
assert exploit.run() is None
from routersploit.core.exploit.utils import import_exploit
# hack to import from directory/filename starting with a number
Exploit = import_exploit("routersploit.modules.exploits.routers.2wire.4011g_5012nv_path_traversal")
def test_check_success(target):
""" Test scenario - successful exploitation """
route_mock = target.get_route_mock("/goform/enhAuthHandler", methods=["POST"])
route_mock.return_value = (
"root:x:0:0:root:/root:/bin/bash"
"daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin"
"bin:x:2:2:bin:/bin:/usr/sbin/nologin"
"sys:x:3:3:sys:/dev:/usr/sbin/nologin"
"sync:x:4:65534:sync:/bin:/bin/sync"
"games:x:5:60:games:/usr/games:/usr/sbin/nologin"
"man:x:6:12:man:/var/cache/man:/usr/sbin/nologin"
"lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin"
"mail:x:8:8:mail:/var/mail:/usr/sbin/nologin"
"news:x:9:9:news:/var/spool/news:/usr/sbin/nologin"
"uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin"
"proxy:x:13:13:proxy:/bin:/usr/sbin/nologin"
"www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin"
"backup:x:34:34:backup:/var/backups:/usr/sbin/nologin"
)
exploit = Exploit()
assert exploit.target == ""
assert exploit.port == 80
from routersploit.core.exploit.utils import import_exploit
# hack to import from directory/filename starting with a number
Exploit = import_exploit(
"routersploit.modules.exploits.routers.3com.officeconnect_info_disclosure")
def test_check_success(target):
""" Test scenario - successful exploitation """
route_mock = target.get_route_mock("/SaveCfgFile.cgi", methods=["GET"])
route_mock.return_value = ("TEST"
"pppoe_username=admin"
"pppoe_password=admin"
"TEST")
exploit = Exploit()
assert exploit.target == ""
assert exploit.port == 80
exploit.target = target.host
exploit.port = target.port
assert exploit.check()
assert exploit.run() is None
from unittest import mock
from routersploit.core.exploit.utils import import_exploit
# hack to import from directory/filename starting with a number
Exploit = import_exploit(
"routersploit.modules.exploits.routers.3com.officeconnect_rce")
@mock.patch(
"routersploit.modules.exploits.routers.3com.officeconnect_rce.shell")
def test_check_success(mocked_shell, target):
""" Test scenario - successful exploitation """
route_mock = target.get_route_mock("/utility.cgi", methods=["GET"])
route_mock.return_value = ("TEST")
exploit = Exploit()
assert exploit.target == ""
assert exploit.port == 80
exploit.target = target.host
exploit.port = target.port
assert exploit.check() is None
assert exploit.run() is None
assert exploit.execute("uname -a") == ""
from unittest import mock
from routersploit.core.exploit.utils import import_exploit
# hack to import from directory/filename starting with a number
Exploit = import_exploit("routersploit.modules.exploits.routers.3com.officeconnect_rce")
@mock.patch("routersploit.modules.exploits.routers.3com.officeconnect_rce.shell")
def test_check_success(mocked_shell, target):
""" Test scenario - successful exploitation """
route_mock = target.get_route_mock("/utility.cgi", methods=["GET"])
route_mock.return_value = (
"TEST"
)
exploit = Exploit()
assert exploit.target == ""
assert exploit.port == 80
exploit.target = target.host
exploit.port = target.port
assert exploit.check() is None
assert exploit.run() is None
assert exploit.execute("uname -a") == ""
from routersploit.core.exploit.utils import import_exploit
# hack to import from directory/filename starting with a number
Exploit = import_exploit("routersploit.modules.exploits.routers.3com.imc_info_disclosure")
def test_check_success(target):
""" Test scenario - successful exploitation """
route_mock = target.get_route_mock("/imc/reportscript/sqlserver/deploypara.properties", methods=["GET"])
route_mock.return_value = (
"TEST"
"report.db.server.name=ABCD"
"TEST"
)
exploit = Exploit()
assert exploit.target == ""
assert exploit.port == 8080
exploit.target = target.host
exploit.port = target.port
assert exploit.check()
assert exploit.run() is None
from unittest import mock
from flask import request
from routersploit.core.exploit.utils import import_exploit
# hack to import from directory/filename starting with a number
Exploit = import_exploit(
"routersploit.modules.exploits.routers.linksys.1500_2500_rce")
def apply_response(*args, **kwargs):
data = "TEST" + request.form["ping_size"] + "TEST"
return data, 200
@mock.patch("routersploit.modules.exploits.routers.linksys.1500_2500_rce.shell"
)
def test_check_success(mocked_shell, target):
""" Test scenario - successful exploitation """
route_mock = target.get_route_mock("/apply.cgi", methods=["POST"])
route_mock.side_effect = apply_response
exploit = Exploit()
assert exploit.target == ""
assert exploit.port == 80
assert exploit.username == "admin"
assert exploit.password == "admin"
exploit.target = target.host
exploit.port = target.port
from routersploit.core.exploit.utils import import_exploit
# hack to import from directory/filename starting with a number
Exploit = import_exploit("routersploit.modules.exploits.routers.3com.imc_path_traversal")
def test_check_success(target):
""" Test scenario - successful exploitation """
route_mock = target.get_route_mock("/imc/report/DownloadReportSource", methods=["GET"])
route_mock.return_value = (
"TEST"
"[fonts]"
"TEST"
)
exploit = Exploit()
assert exploit.target == ""
assert exploit.port == 8080
assert exploit.filename == "\\windows\\win.ini"
exploit.target = target.host
exploit.port = target.port
assert exploit.check()
assert exploit.run() is None
from routersploit.core.exploit.utils import import_exploit
# hack to import from directory/filename starting with a number
Exploit = import_exploit("routersploit.modules.creds.routers.2wire.ssh_default_creds")
def test_check_success(target):
""" Test scenario - testing against SSH server """
exploit = Exploit()
assert exploit.target == ""
assert exploit.port == 22
assert exploit.threads == 1
assert exploit.defaults == ["admin:admin"]
assert exploit.stop_on_success is True
assert exploit.verbosity is True
exploit.target = target.host
exploit.port = target.port
assert exploit.check() is False
assert exploit.check_default() is None
assert exploit.run() is None
from routersploit.core.exploit.utils import import_exploit
# hack to import from directory/filename starting with a number
Exploit = import_exploit(
"routersploit.modules.exploits.routers.2wire.4011g_5012nv_path_traversal")
def test_check_success(target):
""" Test scenario - successful exploitation """
route_mock = target.get_route_mock("/goform/enhAuthHandler",
methods=["POST"])
route_mock.return_value = (
"root:x:0:0:root:/root:/bin/bash"
"daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin"
"bin:x:2:2:bin:/bin:/usr/sbin/nologin"
"sys:x:3:3:sys:/dev:/usr/sbin/nologin"
"sync:x:4:65534:sync:/bin:/bin/sync"
"games:x:5:60:games:/usr/games:/usr/sbin/nologin"
"man:x:6:12:man:/var/cache/man:/usr/sbin/nologin"
"lp:x:7:7:lp:/var/spool/lpd:/usr/sbin/nologin"
"mail:x:8:8:mail:/var/mail:/usr/sbin/nologin"
"news:x:9:9:news:/var/spool/news:/usr/sbin/nologin"
"uucp:x:10:10:uucp:/var/spool/uucp:/usr/sbin/nologin"
"proxy:x:13:13:proxy:/bin:/usr/sbin/nologin"
"www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin"
"backup:x:34:34:backup:/var/backups:/usr/sbin/nologin")
exploit = Exploit()
assert exploit.target == ""
