BAMF (BACKDOOR ACCESS MACHINE FARMER)
BAMF (BACKDOOR ACCESS MACHINE FARMER)
AMF is an open-source tool designed to leverage Shodan (a search engine for the Internet of Things) to discover vulnerable routers, then utilize detected backdoors/vulnerabilities to remotely access the router administration panel and modify the DNS server settings.
Changing the primary DNS server of a router hijacks the domain name resolution process, enabling an attacker to target every device on the network simultaneously to spread malware with drive-by downloads and harvest credentials via malicious redirects to fraudulent phishing sites.
Currently, the only vulnerability detected and exploited is CVE-2013-6026, commonly known as Joel’s Backdoor, a severe vulnerability allowing unauthenticated access to the administration panel of many routers made by D-Link, one of the world’s largest manufacturers of routers for home and business.
This project is still under development and will soon have a more modular design, making it easier for other developers to add detection & exploitation features for other vulnerabilities.
Installation
Download or clone the repository (git clone https://github.com/malwaredllc/bamf)
Install the required Python packages (pip install -r bamf/requirements.txt)
Create a free Shodan account at https://account.shodan.io/register
Configure BAMF to use your Shodan API key (python bamf.py [–shodan API])
Usage
Use the search command to search the internet for potential
Use the scan command to scan the target routers for backdoors
And Use the map command to map the networks of devices connected to vulnerable routers
Use the pharm command to change the DNS settings of vulnerable routers
Use the targets command to view potential targets discovered this session
Also, Use the backdoors command to view routers with a confirmed backdoor
Use the devices command to view all devices connected to vulnerable routers
That’s all on BAMF (BACKDOOR ACCESS MACHINE FARMER)
WE ARE HERE FOR SERIOUS BUSINESS, WE DO NOT TOLERATE TIME WASTERS AND BEGGARS TRYING TO BEG OR SCAM US OF OUR PRODUCTS. Payment is Upfront, Our services are not free
Contact us for support. We sell fresh ATM Hacking, Paypal/Cashapp accounts & Transfers, Dumps with Pin, Western Union Transfers, ATM Skimmers, Bank logins, and lots more.