Penetration Testing Against OPNSense Router

Started by peterwkc, January 11, 2025, 11:40:21 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
January 11, 2025, 11:40:21 AM
Dear all forumer, I'm plan to do penetration testing against my OPNSense router to see any weakness in it.
Do you guys know what tools in Kali Linux to use? Thanks in advance.
January 11, 2025, 11:59:55 AM #1
The Kali Linux community might be a good place to ask such a question.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
January 11, 2025, 12:11:39 PM #2
Cookiemonster was right, but now it seems to turn into an ongoing series of accidents...

From the way you are asking, it looks like you do not know what exactly you want to test. Any real test needs a specfication of what to test and how (anything else is called trying), yet this is exactly what you are asking for. So, first you have to answer yourself a few questions:

Guessing from the other paranoid threads you have opened, you want proof for your theory of your ISP hacking you. If they (or rather: anyone) wanted to take over control of your router (which potentially is a good target for such undertaking), they would probably install some kind of malware in it. You can check if any files were modified within OpnSense itself.

Speaking of specifications: From where do you want to test? From the WAN side? Obviously, your ISP did not have access to your LAN originally.
If you did not open up the GUI or SSH from the WAN side, how could anyone get in? Most of the detected vulnerabilities in routers concern stack overflows, missing checks or default passwords in their web GUIs. If you do not expose them, you are mostly safe. Yes, in theory, there could be kernel buffer overflows, but either way, there would be traces left from the next steps of a takeover, see last paragraph.

IMHO, it is 10000 times more likely that your client device(s) have been hacked by some malware that you picked up by downloading, by e-mail or by application bugs in your browser or other applications causing a buffer overflow. I would scan those first.
Intel N100, 4 x I226-V, 16 GByte, 256 GByte NVME, ZTE F6005

1100 down / 770 up, Bufferbloat A
January 11, 2025, 01:08:50 PM #3
Quote from: peterwkc on January 11, 2025, 11:40:21 AMDear all forumer, I'm plan to do penetration testing against my OPNSense router to see any weakness in it.
Do you guys know what tools in Kali Linux to use? Thanks in advance.

If you need to ask this, you are in no way remotely qualified to penetration test anything. Live your life, don't stress about this. Sorry, got to be  said.
January 12, 2025, 04:02:07 AM #4
Let me do nmap and vulnerability assessment.
January 12, 2025, 03:34:08 PM #5
for port scanning, nmap is a great tool, but port scanning is just a small part of professional Penetration testing.

Like others have said, that fact that your asking this question, largely shows your mostly underqualified to even know where to begin.

Print
Go Up Pages1
User actions