Embedded Files
Routersploit Project Summary
In this project, I set up my first virtual machine and then downloaded RouterSploit. I ran into a few errors but researched ways to solve them. I explored the different packages and scanners. I ultimately decided to check my camera for any vulnerabilities. I set my target and ran the exploit. RouterSploit let me know my camera is not vulnerable to its exploits and I don't have any default credentials set. Overall, this was a cool lab to do and it got me thinking of all the IoT devices connected in our homes.
Download Routersploit
Download Routersploit
The very first thing I did was download Routersploit from Github. RouterSploit is an open-source exploitation framework focused on embedded devices, specifically routers, modems, and Internet of Things (IoT) devices. This step took me a while because I downloaded my first virtual machine and then had to set it up. When I tried downloading the file I received a few errors of a missing package, called the 'future' package. I then started scouring the internet for solutions, till I found a way to install the missing 'future' package
Setup the Scan
Setup the Scan
I started up the program and looked for scanners and packages. I tried this out on many things, like my router and cameras at home. From my finding, you need an IPv4 or IPv6 address. I decided I wanted to find out if a camera located in my house my vulnerable. This camera is super important since it's near an area where important conversations happen, and if hacked could be critical to my family's privacy. I chose that camera scan, and then set my target to the IP address.
Exploit
Exploit
I typed in the exploit command and a series of exploits were run against my camera. I really liked how it checked for default credentials we well because many people forget or don't know they need to change the default credentials. IoT devices are often shipped with default usernames and passwords like "admin" or "password". This highlights the importance of passwords and how crucial they are. After analyzing my results there were no default credentials and RouterSploit could not confirm any vulnerabilities.
Password Strength Checker
I created a password strength checker using the tutorial from NeuralNine. This tutorial helped me understand and apply the OWASP password requirements to the best of my ability. The password checker takes the user's entered password and scores it out of 7. The code checks with a common password file with over ten thousand common passwords. I also was able to revisit coding since I haven't done it in a while. I changed the code by looping a few items so there was minimal repetition. The tutorial encouraged me to think about security from a broader perspective. It highlighted the significance of strong passwords and the need for robust cybersecurity practices. Check out the code on GitHub
Page updated
Google Sites
Report abuse