1 00:00:02,120 --> 00:00:09,500 In this and in the next video, I want to talk about something different, we attacked different machines 2 00:00:09,500 --> 00:00:11,750 from Windows machines to Linux machines. 3 00:00:11,960 --> 00:00:19,280 But in these two videos, I want to show you that you can also target your own router or the router 4 00:00:19,460 --> 00:00:21,390 from the network that you are attacking. 5 00:00:22,040 --> 00:00:28,760 Now, it might seem that it is not that important to test your router, but once you gain access to 6 00:00:28,760 --> 00:00:33,230 the router, you pretty much have the control over the entire network. 7 00:00:33,710 --> 00:00:38,150 And not only that, gaining access to the router is powerful. 8 00:00:38,300 --> 00:00:43,340 It means that you can change different network settings, that you can forward different ports and so 9 00:00:43,340 --> 00:00:44,000 on and so on. 10 00:00:44,390 --> 00:00:47,900 The routers are also the easiest devices to hack. 11 00:00:48,500 --> 00:00:50,140 You might be asking why? 12 00:00:50,690 --> 00:00:58,660 Well, because usually 90 percent of home routers and home devices have default login passwords. 13 00:00:59,420 --> 00:01:03,470 The vendors who provide homes with their routers never really change. 14 00:01:03,470 --> 00:01:08,540 The default password and default password is something that you can find on the Internet. 15 00:01:09,540 --> 00:01:14,610 This default password attacks, we are going to check out in the next tutorial, but for this one, 16 00:01:14,610 --> 00:01:20,670 I want to show you a cool tool that you can use to test on your own router to check out whether it is 17 00:01:20,670 --> 00:01:22,210 vulnerable to some exploits. 18 00:01:22,740 --> 00:01:28,860 So just type in your search bar router split and it will lead you to this GitHub link where we will 19 00:01:28,860 --> 00:01:31,140 have our router deployed to. 20 00:01:32,080 --> 00:01:38,680 Now, we already know how to download all of these tools, let's copy the link straight away, navigate 21 00:01:38,680 --> 00:01:42,100 to our desktop and we can get clone. 22 00:01:43,110 --> 00:01:43,920 Rather split. 23 00:01:46,570 --> 00:01:52,600 While this is coping, let's go down to the installation comments just to see how we can install this 24 00:01:52,600 --> 00:01:58,180 talk properly, and here we have installation clinics and all of the comments that we must run. 25 00:01:58,840 --> 00:02:03,250 So we must install Python three to tape, even though I believe we already have this. 26 00:02:03,610 --> 00:02:07,000 Let's run the command just to make sure. 27 00:02:07,300 --> 00:02:10,270 And it requires road privileges. 28 00:02:10,270 --> 00:02:16,090 So let's enter the router count first and let's type the same comment. 29 00:02:16,090 --> 00:02:20,490 Atget get install Python three that pipe, everything is installed. 30 00:02:20,620 --> 00:02:22,120 Let's move on to the next comment. 31 00:02:22,150 --> 00:02:23,610 We already did the Kip clone. 32 00:02:24,010 --> 00:02:26,200 Let's change the directory to router split. 33 00:02:30,130 --> 00:02:32,620 And the next comment is Python three. 34 00:02:33,540 --> 00:02:40,200 And then install the requirements, as we can see inside of the Rajput directory, we have requirements 35 00:02:40,200 --> 00:02:41,280 that the text fall. 36 00:02:41,670 --> 00:02:46,650 And whenever you have these requirements that the extent we already know that we must run this command 37 00:02:46,650 --> 00:02:49,740 to install all the requirements from that file. 38 00:02:51,300 --> 00:02:57,570 Let's press enter as soon as it insults all of these files that it needs, we should be ready to run 39 00:02:57,570 --> 00:03:01,380 the right talk, which is this RCF that by. 40 00:03:02,960 --> 00:03:11,480 OK, so everything is finished and let's python three hours F that B white, and you will notice that 41 00:03:11,480 --> 00:03:16,750 once you run this tool, it will open something that looks similar to the MSF council. 42 00:03:17,070 --> 00:03:21,740 If we get this command line type in here, we can execute different commands. 43 00:03:22,040 --> 00:03:27,800 It says right here that has one hundred thirty two experts for scanner's one hundred and seventy one 44 00:03:27,800 --> 00:03:33,470 credentialled tax for generic attacks, 32 payloads and six encoders. 45 00:03:34,100 --> 00:03:39,710 Now to check out all of the available commands, we can run health command and it will tell us how to 46 00:03:39,710 --> 00:03:43,520 use a certain module, how to execute a command argument. 47 00:03:44,180 --> 00:03:50,600 And here we can also search for different tools for type search scanners. 48 00:03:51,680 --> 00:03:54,590 It will give us all of the four scanners that it has. 49 00:03:54,890 --> 00:03:58,760 And in this video, we're going to use this out and scan. 50 00:03:59,330 --> 00:04:05,480 This will test for all the exploits from the routers play tool on to our target router to see whether 51 00:04:05,480 --> 00:04:07,670 it is vulnerable to any one of them. 52 00:04:08,030 --> 00:04:12,620 So let's use scanners and then how to end. 53 00:04:14,120 --> 00:04:20,060 Once you select it, you can type help or pardon me, you can type show options the same way that we 54 00:04:20,060 --> 00:04:26,440 do inside of the MSF council and the only thing that we must set is target IP address. 55 00:04:27,260 --> 00:04:31,770 To do that, we can type set target 180 to that 168. 56 00:04:31,770 --> 00:04:32,060 That one. 57 00:04:32,070 --> 00:04:32,500 That one. 58 00:04:33,080 --> 00:04:34,010 This is the router. 59 00:04:34,010 --> 00:04:39,050 In my case, if you want to check out your gateway or your router, you can type the command network 60 00:04:39,050 --> 00:04:45,280 that bash and ah and under the gateway you will have the IP address of your gateway. 61 00:04:45,770 --> 00:04:51,380 Once you check it out, type it right here and as soon as you set your IP address, you can type run. 62 00:04:52,310 --> 00:04:57,380 As it says, it will start a vulnerability check and it will go through all of these experts and see 63 00:04:57,380 --> 00:04:59,990 whether your router is vulnerable to any one of the. 64 00:05:01,070 --> 00:05:06,890 If you have this minus sign, that means that the Rothera is not vulnerable, if you have this star 65 00:05:06,890 --> 00:05:13,250 sign, that means triploid cannot really determine whether your router is vulnerable to the security 66 00:05:13,250 --> 00:05:13,640 threat. 67 00:05:13,640 --> 00:05:16,510 As it says right here, it could not be verified. 68 00:05:16,760 --> 00:05:24,620 And if you have a plus sign, which we don't have at the moment, that means it found a security vulnerability 69 00:05:24,860 --> 00:05:26,150 for your router. 70 00:05:26,510 --> 00:05:33,290 In my case, I believe I don't have any at the moment, but you might find some vulnerability for the 71 00:05:33,290 --> 00:05:33,710 router. 72 00:05:34,370 --> 00:05:36,140 Let's wait for this scan to finish. 73 00:05:37,500 --> 00:05:44,780 And it is done, it says, could not confirm any vulnerability and it couldn't find default credentials, 74 00:05:45,210 --> 00:05:48,240 and this part of it here is not exactly true. 75 00:05:48,870 --> 00:05:51,830 We're going to check out default credentials in the next video. 76 00:05:52,020 --> 00:05:55,860 However, you can test these exploits with the raw display. 77 00:05:56,790 --> 00:06:01,470 You can also check out these ones that says could not verify, exploit ability. 78 00:06:01,830 --> 00:06:07,170 This could possibly mean that they are vulnerable to these attacks or this exploit is simply just not 79 00:06:07,170 --> 00:06:10,050 the type of exploit that targets your daughter. 80 00:06:10,870 --> 00:06:16,950 OK, now, if you cover the raw data, we're going to see how we can gain access to the router with 81 00:06:16,950 --> 00:06:23,970 the default credentials vulnerability that at least 70 to 80 percent of home routers have seen in the 82 00:06:23,970 --> 00:06:24,480 next video.