Bruteforce router administration credentials and attempt to enable remote management
Portal will look for a users.txt and passwords.txt in the current directory, and attempt to login to the router at the provided IP address.
If the program is able to authenticate successfully it uses the discovered credentials and attempts to enable remote management.
For a full analysis and description of the program check out the article I wrote on this process:
Portal requires the following libraries to be installed:
- Requests
The required packages can be installed with the following command:
$ pip install -r requirements.txt- users.txt - list of usernames to brute force; one per line
- passwords.txt - list of passwords to brute force; one per line
$ python portal.py <target ip>$ python portal.py 192.168.1.1- add command line parameters for user and password files
- implement multithreading for bruteforcing
- perform target device identification
- 09/22/18 - v1.0 initial implementation and testing
| Manufacturer | Model | Verified |
|---|---|---|
| NETGEAR | WNDR4300 | ✅ |