Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Kill-Router
Search
Matheus Fidelis
January 30, 2018
Technology
0
250
Kill-Router
Talk ministrada no SecurityTricks #1 sobre a ferramenta Kill-Router
Matheus Fidelis
January 30, 2018
Tweet
Share
More Decks by Matheus Fidelis
See All by Matheus Fidelis
Engenharia de Confiabilidade - Roadmap
msfidelis
1
210
Sobrevivendo a Cenários de Caos com Istio Service Mesh
msfidelis
1
150
Road to Serverless
msfidelis
0
76
Docker para Maiores - Superlógica
msfidelis
0
110
Escalando e Consumingo Queues com NodeJS, Docker e RabbitMQ
msfidelis
0
120
Desmistificando a AWS
msfidelis
0
54
Criando API's de verdade com HapiJS
msfidelis
0
120
Desbravando o REST com Python
msfidelis
0
38
O Fantástico Mundo de GIT
msfidelis
0
86
Other Decks in Technology
See All in Technology
OpenTelemetryセマンティック規約の恩恵とMackerel APMにおける活用例 / SRE NEXT 2025
mackerelio
3
1.6k
Zero Data Loss Autonomous Recovery Service サービス概要
oracle4engineer
PRO
2
7.8k
american airlines®️ USA Contact Numbers: Complete 2025 Support Guide
supportflight
1
120
「クラウドコスト絶対削減」を支える技術—FinOpsを超えた徹底的なクラウドコスト削減の実践論
delta_tech
4
190
QuickSight SPICE の効果的な運用戦略~S3 + Athena 構成での実践ノウハウ~/quicksight-spice-s3-athena-best-practices
emiki
0
260
IPA&AWSダブル全冠が明かす、人生を変えた勉強法のすべて
iwamot
PRO
2
220
Claude Code に プロジェクト管理やらせたみた
unson
8
4.9k
TLSから見るSREの未来
atpons
2
240
How Do I Contact HP Printer Support? [Full 2025 Guide for U.S. Businesses]
harrry1211
0
130
セキュアな社内Dify運用と外部連携の両立 ~AIによるAPIリスク評価~
zozotech
PRO
0
100
ビジネス職が分析も担う事業部制組織でのデータ活用の仕組みづくり / Enabling Data Analytics in Business-Led Divisional Organizations
zaimy
1
310
american aa airlines®️ USA Contact Numbers: Complete 2025 Support Guide
aaguide
0
500
Featured
See All Featured
The Invisible Side of Design
smashingmag
301
51k
The Illustrated Children's Guide to Kubernetes
chrisshort
48
50k
Principles of Awesome APIs and How to Build Them.
keavy
126
17k
Statistics for Hackers
jakevdp
799
220k
Into the Great Unknown - MozCon
thekraken
40
1.9k
[RailsConf 2023] Rails as a piece of cake
palkan
55
5.7k
Fireside Chat
paigeccino
37
3.5k
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
3.9k
Mobile First: as difficult as doing things right
swwweet
223
9.7k
Automating Front-end Workflow
addyosmani
1370
200k
Faster Mobile Websites
deanohume
307
31k
For a Future-Friendly Web
brad_frost
179
9.8k
Transcript
Kill-Router- “De um trabalho da faculdade a 2000 dispositivos hackeados”
@fidelissauro https://github.com/msfidelis/Kill-Router-
$ whoami_ Matheus Fidelis Developer / Cloud / DevOps Superlógica
/ PJBank Github: /msfidelis Twitter: @fidelissauro Email:
[email protected]
Blog: http://nanoshots.com.br
$ Kill-Router • Mineração e brute force em massa em
dispositivos • Trabalho de faculdade • Quebrar senhas dos roteadores dos prédios • Desbloquear Ah Negão, Não Salvo e etc (foda) https://github.com/msfidelis/Kill-Router-
$ Kill-Router • KISS (Keep it Simple, Stupid…) • HTTP,
SSH, FTP Attack • Mode: Standalone (Target) • Mode: Shodan Dork Search Engine (API) • Minerar dispositivos conectados a internet • Weak Passwords • Roteadores, Câmeras, Switches, Painéis e lalala
$ Stand Alone ./kill-router.py -t 192.168.0.1 -u admin -l passlist.txt
./kill-router.py -t 192.168.0.1 -u root -l passlist.txt -p 22 -m ssh
$ Default Passlists • Top 10 Passwords • Top 100
Passwords • Stupid Passwords • Ashley Madison ( ͡° ͜ʖ ͡°)
$ SHODAN • Indexador de dispositivos conectados a internet. •
Fingerprint de serviços, versões e portas • Banners HTTP, FTP, SSH, Telnet, SNMP, SIP, etc • Dork Search • API Aberta https://www.shodan.io/
$ SHODAN
None
$ SHODAN 0.0.0.0/0
$ SHODAN
None
$ Searchs • RomPager/4.07 UPnP/1.0 —– router • uc-httpd 1.0.0
—– CCTV camera • DVRDVS-Webs —– CCTV camera • microhttpd —– router • Webs —– CCTV camera • Hikvision-Webs —– CCTV • camera iBall-Baton —– CCTV camera
$ Dorks • Nginx Servers in São Paulo nginx country:
"São Paulo" • Apache Server in Subnet Range apache net:“216.219.143.0/24” • Google Servers "Server: gws"
Kill-Router- ./kill-router.py --shodan geovision
None
None
None
None
OBRIGADO!