Ad End 1 February 2024
Ad Ends 13 January 2025
Ad End 26 February 2025
ad End 25 April 2025
Ad Ends 20 January 2025
Ad expire at 5 August 2024
banner Expire 25 April 2025
What's new
banner Expire 15 January 2025
banner Expire 20 October 2024
UniCvv
casino
swipe store
adv exp at 23 August 2024
Carding.pw carding forum
BidenCash Shop
Kfc CLub

BAMF (Backdoor Access Machine Farmer)

File_closed07

TRUSTED VERIFIED SELLER
Staff member
Joined
Jun 13, 2020
Messages
7,545
Reaction score
916
Points
212
Awards
2
  • trusted user
  • Rich User
AMF is an open-source tool designed to leverage Shodan (a search engine for the Internet of Things) to discover vulnerable routers, then utilize detected backdoors/vulnerabilities to remotely access the router administration panel and modify the DNS server settings.

Changing the primary DNS server of a router hijacks the domain name resolution process, enabling an attacker to target every device on the network simultaneously to spread malware with drive-by downloads and harvest credentials via malicious redirects to fraudulent phishing sites.

Currently the only vulnerability detected and exploited is CVE-2013-6026, commonly known as Joel's Backdoor, a severe vulnerability allowing unauthenticated access to the administration panel of many routers made by D-Link, one of the world's largest manufacturers of routers for home and business.

This project is still under development and will soon have a more modular design, making it easier for other developers to add detection & exploitation features for other vulnerabilities.
Installation

Download or clone the repository (git clone https://github.com/malwaredllc/bamf)
Install the required Python packages (pip install -r bamf/requirements.txt)
Create a free Shodan account at https://account.shodan.io/register
Configure BAMF to use your Shodan API key (python bamf.py [--shodan API])
Usage

Use the search command to search the internet for potential
Use the scan command to scan the target routers for backdoors
Use the map command to map the networks of devices connected to vulnerable routers
Use the pharm command to change the DNS settings of vulnerable routers
Use the targets command to view potential targets discovered this session
Use the backdoors command to view routers with a confirmed backdoor
Use the devices command to view all devices connected to vulnerable routers
 
Ad End 1 February 2024
Top