Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Kill-Router

Sponsored · Ship Features Fearlessly Turn features on and off without deploys. Used by thousands of Ruby developers.
Avatar for Matheus Fidelis Matheus Fidelis
January 30, 2018
Technology
0
270

 Kill-Router

Talk ministrada no SecurityTricks #1 sobre a ferramenta Kill-Router

Avatar for Matheus Fidelis

Matheus Fidelis

January 30, 2018
Tweet

More Decks by Matheus Fidelis

See All by Matheus Fidelis
Engenharia de Confiabilidade - Roadmap
Avatar for Matheus Fidelis msfidelis
1
240
Sobrevivendo a Cenários de Caos com Istio Service Mesh
Avatar for Matheus Fidelis msfidelis
1
160
Road to Serverless
Avatar for Matheus Fidelis msfidelis
0
80
Docker para Maiores - Superlógica
Avatar for Matheus Fidelis msfidelis
0
130
Escalando e Consumingo Queues com NodeJS, Docker e RabbitMQ
Avatar for Matheus Fidelis msfidelis
0
140
Desmistificando a AWS
Avatar for Matheus Fidelis msfidelis
0
65
Criando API's de verdade com HapiJS
Avatar for Matheus Fidelis msfidelis
0
130
Desbravando o REST com Python
Avatar for Matheus Fidelis msfidelis
0
57
O Fantástico Mundo de GIT
Avatar for Matheus Fidelis msfidelis
0
100

Other Decks in Technology

See All in Technology
ReactのdangerouslySetInnerHTMLは“dangerously”だから危険 / Security.any #09 卒業したいセキュリティLT
Avatar for GMO Flatt Security flatt_security
0
470
AgentCoreとLINEを使った飲食店おすすめアプリを作ってみた
Avatar for やくも yakumo
2
200
大規模ECサイトのあるバッチのパフォーマンスを改善するために僕たちのチームがしてきたこと
Avatar for panda_program panda_program
1
370
1GB RAMのラズピッピで何ができるのか試してみよう / 20260319-rpijam-1gb-rpi-whats-possible
Avatar for Akira Ouchi akkiesoft
0
830
コンテキスト・ハーネスエンジニアリングの現在
Avatar for Hirosato Gamo hirosatogamo
PRO
6
750
20260321_エンベディングってなに?RAGってなに?エンベディングの説明とGemini Embedding 2 の紹介
Avatar for tsho tsho
0
150
Phase09_自動化_仕組み化
Avatar for overflow ,Inc overflowinc
0
1.4k
スケールアップ企業でQA組織が機能し続けるための組織設計と仕組み〜ボトムアップとトップダウンを両輪としたアプローチ〜

Avatar for tarappo tarappo
4
340
SSoT(Single Source of Truth)で「壊して再生」する設計
Avatar for かわうそ kawauso
2
310
Astro Islandsの 内部実装を 「日本で一番わかりやすく」 ざっくり解説!
Avatar for Wu Kenji knj
0
230
Windows ファイル共有(SMB)を再確認する
Avatar for Murachi Akira murachiakira
PRO
0
240
Copilot 宇宙へ 〜生成AIで「専門データの壁」を壊す方法〜
Avatar for なかしょ nakasho
0
160

Featured

See All Featured
What's in a price? How to price your products and services
Avatar for Michael Herold michaelherold
247
13k
What the history of the web can teach us about the future of AI
Avatar for Ines Montani inesmontani
PRO
1
490
Agile that works and the tools we love
Avatar for Rasmus Luckow-Nielsen rasmusluckow
331
21k
Performance Is Good for Brains [We Love Speed 2024]
Avatar for Tammy Everts tammyeverts
12
1.5k
Measuring Dark Social's Impact On Conversion and Attribution
Avatar for Stephen Akadiri stephenakadiri
1
160
The Curse of the Amulet
Avatar for Matthew Lei leimatthew05
1
10k
The Psychology of Web Performance [Beyond Tellerrand 2023]
Avatar for Tammy Everts tammyeverts
49
3.3k
The Hidden Cost of Media on the Web [PixelPalooza 2025]
Avatar for Tammy Everts tammyeverts
2
250
Stop Working from a Prison Cell
Avatar for Chris Michel hatefulcrawdad
274
21k
The Pragmatic Product Professional
Avatar for Laura Van Doore lauravandoore
37
7.2k
Leo the Paperboy
Avatar for Maya Tellez mayatellez
4
1.5k
How to Think Like a Performance Engineer
Avatar for Harry Roberts csswizardry
28
2.5k

Transcript

  1. Kill-Router- “De um trabalho da faculdade a 2000 dispositivos hackeados”

    @fidelissauro https://github.com/msfidelis/Kill-Router-

  2. $ whoami_ Matheus Fidelis Developer / Cloud / DevOps Superlógica

    / PJBank Github: /msfidelis Twitter: @fidelissauro Email: [email protected] Blog: http://nanoshots.com.br

  3. $ Kill-Router • Mineração e brute force em massa em

    dispositivos • Trabalho de faculdade • Quebrar senhas dos roteadores dos prédios • Desbloquear Ah Negão, Não Salvo e etc (foda) https://github.com/msfidelis/Kill-Router-

  4. $ Kill-Router • KISS (Keep it Simple, Stupid…) • HTTP,

    SSH, FTP Attack • Mode: Standalone (Target) • Mode: Shodan Dork Search Engine (API) • Minerar dispositivos conectados a internet • Weak Passwords • Roteadores, Câmeras, Switches, Painéis e lalala

  5. $ Stand Alone ./kill-router.py -t 192.168.0.1 -u admin -l passlist.txt

    ./kill-router.py -t 192.168.0.1 -u root -l passlist.txt -p 22 -m ssh

  6. $ Default Passlists • Top 10 Passwords • Top 100

    Passwords • Stupid Passwords • Ashley Madison ( ͡° ͜ʖ ͡°)

  7. $ SHODAN • Indexador de dispositivos conectados a internet. •

    Fingerprint de serviços, versões e portas • Banners HTTP, FTP, SSH, Telnet, SNMP, SIP, etc • Dork Search • API Aberta https://www.shodan.io/

  8. $ SHODAN

  9. None

  10. $ SHODAN 0.0.0.0/0

  11. $ SHODAN

  12. None

  13. $ Searchs • RomPager/4.07 UPnP/1.0 —– router • uc-httpd 1.0.0

    —– CCTV camera • DVRDVS-Webs —– CCTV camera • microhttpd —– router • Webs —– CCTV camera • Hikvision-Webs —– CCTV • camera iBall-Baton —– CCTV camera

  14. $ Dorks • Nginx Servers in São Paulo nginx country:

    "São Paulo" • Apache Server in Subnet Range apache net:“216.219.143.0/24” • Google Servers "Server: gws"

  15. Kill-Router- ./kill-router.py --shodan geovision

  16. None
  17. None
  18. None
  19. None

  20. OBRIGADO!