Search the Community
Showing results for tags 'farmer)'.
-
BAMF (Backdoor Access Machine Farmer) DISCLAIMER: This project should be used for authorized testing and educational purposes only. BAMF is an open-source tool designed to leverage Shodan (a search engine for the Internet of Things) to discover vulnerable routers, then utilize detected backdoors/vulnerabilities to remotely access the router administration panel and modify the DNS server settings. Changing the primary DNS server of a router hijacks the domain name resolution process, enabling an attacker to target every device on the network simultaneously to spread malware with drive-by downloads and harvest credentials via malicious redirects to fraudulent phishing sites. Currently the only vulnerability detected and exploited is CVE-2013-6026, commonly known as Joel's Backdoor, a severe vulnerability allowing unauthenticated access to the administration panel of many routers made by D-Link, one of the world's largest manufacturers of routers for home and business. This project is still under development and will soon have a more modular design, making it easier for other developers to add detection & exploitation features for other vulnerabilities. Installation Download or clone the repository (git clone [Hidden Content]) Install the required Python packages (pip install -r bamf/requirements.txt) Create a free Shodan account at [Hidden Content] Configure BAMF to use your Shodan API key (python bamf.py [--shodan API]) Usage Use the search command to search the internet for potential Use the scan command to scan the target routers for backdoors Use the map command to map the networks of devices connected to vulnerable routers Use the pharm command to change the DNS settings of vulnerable routers Use the targets command to view potential targets discovered this session Use the backdoors command to view routers with a confirmed backdoor Use the devices command to view all devices connected to vulnerable routers To Do Contributors welcome!Feel free to issue pull-requests with any new features or improvements you have come up with! Look into using an online vulnerability database API to enable cross-referencing responses from the Shodan IoT search engine with signatures of backdoors/vulnerabilities Change to modular design to make it easier for other developers to add detection & exploitation features for other vulnerabilities Integrate BAMF into the BYOB framework as a distribution mechanism to maximize spreading potential Downoad: [Hidden Content]