Penetration Testing Against OPNSense Router

Started by peterwkc, January 11, 2025, 11:40:21 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
January 11, 2025, 11:40:21 AM
Dear all forumer, I'm plan to do penetration testing against my OPNSense router to see any weakness in it.
Do you guys know what tools in Kali Linux to use? Thanks in advance.
January 11, 2025, 11:59:55 AM #1
The Kali Linux community might be a good place to ask such a question.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
January 11, 2025, 12:11:39 PM #2
Cookiemonster was right, but now it seems to turn into an ongoing series of accidents...

From the way you are asking, it looks like you do not know what exactly you want to test. Any real test needs a specfication of what to test and how (anything else is called trying), yet this is exactly what you are asking for. So, first you have to answer yourself a few questions:

Guessing from the other paranoid threads you have opened, you want proof for your theory of your ISP hacking you. If they (or rather: anyone) wanted to take over control of your router (which potentially is a good target for such undertaking), they would probably install some kind of malware in it. You can check if any files were modified within OpnSense itself.

Speaking of specifications: From where do you want to test? From the WAN side? Obviously, your ISP did not have access to your LAN originally.
If you did not open up the GUI or SSH from the WAN side, how could anyone get in? Most of the detected vulnerabilities in routers concern stack overflows, missing checks or default passwords in their web GUIs. If you do not expose them, you are mostly safe. Yes, in theory, there could be kernel buffer overflows, but either way, there would be traces left from the next steps of a takeover, see last paragraph.

IMHO, it is 10000 times more likely that your client device(s) have been hacked by some malware that you picked up by downloading, by e-mail or by application bugs in your browser or other applications causing a buffer overflow. I would scan those first.
Intel N100, 4* I226-V, 2* 82559, 16 GByte, 500 GByte NVME, ZTE F6005

1100 down / 800 up, Bufferbloat A+
January 11, 2025, 01:08:50 PM #3
Quote from: peterwkc on January 11, 2025, 11:40:21 AMDear all forumer, I'm plan to do penetration testing against my OPNSense router to see any weakness in it.
Do you guys know what tools in Kali Linux to use? Thanks in advance.

If you need to ask this, you are in no way remotely qualified to penetration test anything. Live your life, don't stress about this. Sorry, got to be  said.
January 12, 2025, 04:02:07 AM #4
Let me do nmap and vulnerability assessment.
January 12, 2025, 03:34:08 PM #5
for port scanning, nmap is a great tool, but port scanning is just a small part of professional Penetration testing.

Like others have said, that fact that your asking this question, largely shows your mostly underqualified to even know where to begin.

OPNsense 25.1.7_4-amd64 running on ESXi 6.7 U2 VM, 4Gbytes RAM, 2 x vCPU
Basic non-complex install with frr, IDS and sftp-backup plugins
April 14, 2025, 05:56:32 PM #6 Last Edit: May 05, 2025, 04:28:43 PM by Axystosa
I had the same issue pop up suddenly, and after some digging, I found out my network was being hit repeatedly by an IP Stresser. Once I tweaked the firewall rules a bit, the alerts stopped. I'd also run a packet capture during those events to get a clearer picture of what's going on.
Print
Go Up Pages1
User actions