• Stars
    star
    336
  • Rank 125,564 (Top 3 %)
  • Language
    Python
  • License
    GNU General Publi...
  • Created about 6 years ago
  • Updated almost 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A tool which utilizes Shodan to detect vulnerable IoT devices.

BAMF

license version

DISCLAIMER: This project should be used for authorized testing and educational purposes only.

BAMF is an open-source tool designed to leverage Shodan (a search engine for the Internet of Things) to discover routers vulnerable to CVE-2013-6026, commonly known as Joel's Backdoor, a severe vulnerability allowing unauthenticated access to the administration panel of many routers made by D-Link, one of the world's largest manufacturers of routers for home and business.


Installation

  1. Download or clone the repository (git clone https://github.com/malwaredllc/bamf)
  2. Install the required Python packages (pip install -r bamf/requirements.txt)
  3. Create a free Shodan account at https://account.shodan.io/register
  4. Configure BAMF to use your Shodan API key (python bamf.py [--shodan API])

Usage

  • Use the search command to search the internet for potential
  • Use the scan command to scan the target routers for backdoors
  • Use the map command to map the networks of devices connected to vulnerable routers
  • Use the targets command to view potential targets discovered this session
  • Use the backdoors command to view routers with a confirmed backdoor
  • Use the devices command to view all devices connected to vulnerable routers

Contact

Email: [email protected]

Twitter: twitter