RPEF- Tool to generate routers firmware with backdoor

Network devices and routers are the best target for several reasons such as  they include a firmware that can be shipped with backdoor and there is no antivirus to detect/identify malicious code on the firmware. This makes with each router start up the network device will load the backdoor without knowledge of the user. also this will log information on the hacked device and obviously the network.

rpef (Router Post-Exploitation Framework) is a python based application that you can use to generate a routers firmware with a Trojan or a backdoor. the way of usage is:

./rpef.py <firmware image> <output file> <payload>

The tool was firstly introduced on Defcon conference byMichael Coppola to demonstrate how SOHO-routers can be compromised and turned into a botnet using a fake update process. some of the supported routers are: Netgear, Linksys , D-Link and Belkin.

RPEF can equip potential attacker various functions such as command line network sniffer or client botnet that connects to a specified IRC-channel to launch a DDOS-attacks.The tool can also be used for the awareness training.

You can find more about rpef over this link: https://github.com/mncoppola/rpef
Share