Kill-Router
Matheus Fidelis
January 30, 2018
Talk given at SecurityTricks #1 about the Kill-Router tool
Transcript
Kill-Router- “From a college assignment to 2000 hacked devices”
@fidelissauro https://github.com/msfidelis/Kill-Router-
$ whoami_
Matheus Fidelis
Developer / Cloud / DevOps
Superlógica / PJBank
Github: /msfidelis
Twitter: @fidelissauro
Email: [email protected]
Blog: http://nanoshots.com.br
$ Kill-Router
• Mass mining and brute forcing of devices
• College assignment
• Crack the passwords of the routers in the buildings
• Unblock Ah Negão, Não Salvo, etc. (awesome)
https://github.com/msfidelis/Kill-Router-
$ Kill-Router
• KISS (Keep it Simple, Stupid…)
• HTTP, SSH, FTP Attack
• Mode: Standalone (Target)
• Mode: Shodan Dork Search Engine (API)
• Mine devices connected to the internet
• Weak Passwords
• Routers, cameras, switches, panels and so on
$ Stand Alone
./kill-router.py -t 192.168.0.1 -u admin -l passlist.txt
./kill-router.py -t 192.168.0.1 -u root -l passlist.txt -p 22 -m ssh
$ Default Passlists
• Top 10 Passwords
• Top 100 Passwords
• Stupid Passwords
• Ashley Madison ( ͡° ͜ʖ ͡°)
$ SHODAN
• Indexer of devices connected to the internet
• Fingerprinting of services, versions and ports
• HTTP, FTP, SSH, Telnet, SNMP, SIP, etc. banners
• Dork Search
• Open API
https://www.shodan.io/
$ SHODAN 0.0.0.0/0
$ Searches
• RomPager/4.07 UPnP/1.0 - router
• uc-httpd 1.0.0 - CCTV camera
• DVRDVS-Webs - CCTV camera
• microhttpd - router
• Webs - CCTV camera
• Hikvision-Webs - CCTV camera
• iBall-Baton - CCTV camera
$ Dorks
• Nginx Servers in São Paulo
  nginx country: "São Paulo"
• Apache Server in Subnet Range
  apache net:"216.219.143.0/24"
• Google Servers
  "Server: gws"
Kill-Router-
./kill-router.py --shodan geovision
THANK YOU!