HTDark | Underground Hacking Forum and Cybersecurity Community
  • Earn real money by being active: Hello Guest, earn real money by simply being active on the forum — post quality content, get reactions, and help the community. Once you reach the minimum credit amount, you’ll be able to withdraw your balance directly. Learn how it works.

BAMF (Backdoor Access Machine Farmer)

Status
Not open for further replies.
dEEpEst

dEEpEst

☣☣ In The Depths ☣☣
Staff member
Administrator
Super Moderator
Hacker
Specter
Crawler
Shadow
Joined
Mar 29, 2018
Messages
13,861
Solutions
4
Reputation
32
Reaction score
45,552
Points
1,813
Credits
55,350
‎7 Years of Service‎
 
56%
This link is hidden for visitors. Please Log in or register now.



BAMF (Backdoor Access Machine Farmer)




DISCLAIMER: This project should be used for authorized testing and educational purposes only.

BAMF is an open-source tool designed to leverage Shodan (a search engine for the Internet of Things) to discover vulnerable routers, then utilize detected backdoors/vulnerabilities to remotely access the router administration panel and modify the DNS server settings.

Changing the primary DNS server of a router hijacks the domain name resolution process, enabling an attacker to target every device on the network simultaneously to spread malware with drive-by downloads and harvest credentials via malicious redirects to fraudulent phishing sites.

Currently the only vulnerability detected and exploited is 
This link is hidden for visitors. Please Log in or register now.
, commonly known as Joel's Backdoor, a severe vulnerability allowing unauthenticated access to the administration panel of many routers made by D-Link, one of the world's largest manufacturers of routers for home and business.

This project is still under development and will soon have a more modular design, making it easier for other developers to add detection & exploitation features for other vulnerabilities.



Installation


  1. Download or clone the repository (git clone
    This link is hidden for visitors. Please Log in or register now.
    )
  2. Install the required Python packages (pip install -r bamf/requirements.txt)
  3. Create a free Shodan account at 
    This link is hidden for visitors. Please Log in or register now.

  4. Configure BAMF to use your Shodan API key (python bamf.py [--shodan API])



Usage


  • Use the search command to search the internet for potential
  • Use the scan command to scan the target routers for backdoors
  • Use the map command to map the networks of devices connected to vulnerable routers
  • Use the pharm command to change the DNS settings of vulnerable routers
  • Use the targets command to view potential targets discovered this session
  • Use the backdoors command to view routers with a confirmed backdoor
  • Use the devices command to view all devices connected to vulnerable routers



To Do


Contributors welcome!Feel free to issue pull-requests with any new features or improvements you have come up with!

  1. Look into using an online vulnerability database API to enable cross-referencing responses from the Shodan IoT search engine with signatures of backdoors/vulnerabilities
  2. Change to modular design to make it easier for other developers to add detection & exploitation features for other vulnerabilities
  3. Integrate BAMF into the 
    This link is hidden for visitors. Please Log in or register now.
     framework as a distribution mechanism to maximize spreading potential

Downoad:

To see this hidden content, you must like this content.
 
Status
Not open for further replies.
Back
Top