DISCLAIMER: This project should be used for authorized testing and educational purposes only.
BAMF is an open-source tool designed to leverage Shodan (a search engine for the Internet of Things) to discover vulnerable routers, then utilize detected backdoors/vulnerabilities to remotely access the router administration panel and modify the DNS server settings.
Changing the primary DNS server of a router hijacks the domain name resolution process, enabling an attacker to target every device on the network simultaneously to spread malware with drive-by downloads and harvest credentials via malicious redirects to fraudulent phishing sites.
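From the defender's side, a changed router DNS setting shows up as answers that disagree with a trusted resolver. The check below is an added example, not part of BAMF: it compares answers collected from the router-assigned resolver with answers from a reference resolver and flags names that look redirected. The function name, thresholds and sample data are assumptions, and the sample uses constructed hostnames and documentation-range addresses.

```python
import ipaddress
from collections import defaultdict

# RFC 1918 and loopback ranges; a public site resolving here is suspicious.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

def audit_resolver(local, reference, min_shared=2):
    """local/reference map hostname -> set of IP strings from each resolver.
    Returns {hostname: [reasons]} for names whose local answers look redirected."""
    names_by_ip = defaultdict(set)          # which names each local IP answers for
    for name, ips in local.items():
        for ip in ips:
            names_by_ip[ip].add(name)
    findings = {}
    for name, local_ips in local.items():
        ref_ips = reference.get(name, set())
        if not local_ips or local_ips & ref_ips:
            continue                        # overlaps the trusted answer
        reasons = []
        for ip in sorted(local_ips):
            try:
                addr = ipaddress.ip_address(ip)
            except ValueError:
                reasons.append(f"{ip!r} is not a valid IP address")
                continue
            if any(addr in net for net in INTERNAL):
                reasons.append(f"{ip} is an internal address")
            # Unrelated names collapsing onto one IP that the reference
            # resolver never returns for them is typical of a redirect host.
            others = {n for n in names_by_ip[ip] - {name}
                      if ip not in reference.get(n, set())}
            if len(others) + 1 >= min_shared:
                reasons.append(f"{ip} also answers for {', '.join(sorted(others))}")
        if reasons:
            findings[name] = reasons
    return findings

# Constructed sample answers (not real measurements).
LOCAL = {"bank.example": {"203.0.113.66"}, "mail.example": {"203.0.113.66"},
         "cdn.example": {"198.51.100.20"}, "news.example": {"192.0.2.10"},
         "intranet.example": {"192.168.0.50"}}
REFERENCE = {"bank.example": {"192.0.2.80"}, "mail.example": {"192.0.2.25"},
             "cdn.example": {"198.51.100.99"}, "news.example": {"192.0.2.10"},
             "intranet.example": {"198.51.100.7"}}

if __name__ == "__main__":
    for name, reasons in sorted(audit_resolver(LOCAL, REFERENCE).items()):
        print(name, "->", "; ".join(reasons))
```

A lone mismatch such as cdn.example is left unflagged because CDNs legitimately return different addresses per resolver, so a redirect of a single name to a public address needs a separate check such as TLS certificate validation.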
Currently the only vulnerability detected and exploited is CVE-2013-6026, commonly known as Joel's Backdoor, a severe vulnerability allowing unauthenticated access to the administration panel of many routers made by D-Link, one of the world's largest manufacturers of routers for home and business.
This project is still under development and will soon have a more modular design, making it easier for other developers to add detection & exploitation features for other vulnerabilities.
1) Download or clone the repository (git clone https://github.com/malwaredllc/bamf)
2) Install the required Python packages (pip install -r bamf/requirements.txt)
3) Create a free Shodan account at https://account.shodan.io/register
4) Configure BAMF to use your Shodan API key (python bamf.py [--shodan API])
search command to search the internet for potential
scan command to scan the target routers for backdoors
map command to map the networks of devices connected to vulnerable routers
pharm command to change the DNS settings of vulnerable routers
targets command to view potential targets discovered this session
backdoors command to view routers with a confirmed backdoor
devices command to view all devices connected to vulnerable routers
Contributors welcome!
Feel free to issue pull requests with any new features or improvements you have come up with!
1) Look into using an online vulnerability database API to enable cross-referencing responses from the Shodan IoT search engine with signatures of backdoors/vulnerabilities
2) Change to modular design to make it easier for other developers to add detection & exploitation features for other vulnerabilities
3) Integrate BAMF into the BYOB framework as a distribution mechanism to maximize spreading potential
Website: https://malwared.com
Email: security@malwared.com