Adding tests for exploits info (#416)

routersploit/modules/exploits/cameras/avigilon/videoiq_camera_path_traversal.py

@@ -7,16 +7,16 @@ class Exploit(HTTPClient):
         "name": "Avigilon VideoIQ Camera Path Traversal",
         "description": "Module exploits Avigilon VideoIQ Camera Path Traversal vulnerability. If target is vulnerable "
                        "it is possible to read file from file system.",
-        "authors": [
+        "authors": (
             "Yakir Wizman",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/40284/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "VideoIQ Camera",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/generic/shellshock.py

@@ -8,17 +8,17 @@ class Exploit(HTTPClient):
     __info__ = {
         "name": "Shellshock",
         "description": "Exploits shellshock vulnerability that allows executing commands on operating system level.",
-        "authors": [
+        "authors": (
             "Marcin Bury <marcin@threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://access.redhat.com/articles/1200223",
             "http://seclists.org/oss-sec/2014/q3/649",
             "http://blog.trendmicro.com/trendlabs-security-intelligence/shell-attack-on-your-server-bash-bug-cve-2014-7169-and-cve-2014-6271/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Multi",
-        ],
+        ),
     }
     target = OptIP("", "Target IPv4 or IPv6 address")
     port = OptPort(80, "Target HTTP port")

routersploit/modules/exploits/generic/ssh_auth_keys.py

@@ -9,7 +9,7 @@ class Exploit(SSHClient):
         "name": "Multi SSH Authorized Keys",
         "description": "Module exploits private key exposure vulnerability. If the target is "
                        "vulnerable it is possible to authentiate to the device.",
-        "authors": [
+        "authors": (
             "xistence <xistence[at]0x90.nl>",  # Quantum DXi V1000, Array Networks, Loadbalancer.org Enterprise VA 7.5.2 vulnerability discovery
             "Cristiano Maruti (@cmaruti)",  # Baracuda Load Balancer vulnerabiltiy discovery
             "Jasper Greve",  # Ceragon FibeAir IP-10 vulnerability doscovery
@@ -17,8 +17,8 @@ class Exploit(SSHClient):
             "Matta Consulting",  # F5 BigIP
             "egypt",  # ExaGrid
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://github.com/rapid7/ssh-badkeys",
             "http://packetstormsecurity.com/files/125761/Array-Networks-vxAG-xAPV-Privilege-Escalation.html",
             "http://seclists.org/fulldisclosure/2015/Jan/76",
@@ -31,8 +31,8 @@ class Exploit(SSHClient):
             "http://packetstormsecurity.com/files/125755/quantum-root.txt",
             "https://github.com/mitchellh/vagrant/tree/master/keys",
             "https://community.rapid7.com/community/infosec/blog/2016/04/07/r7-2016-04-exagrid-backdoor-ssh-keys-and-hardcoded-credentials",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "ExaGrid firmware < 4.8 P26",
             "Quantum DXi V1000",
             "Array Networks vxAG 9.2.0.34 and vAPV 8.3.2.17 appliances",
@@ -42,7 +42,7 @@ class Exploit(SSHClient):
             "Loadbalancer.org Enterprise VA 7.5.2",
             "Digital Alert Systems DASDEC and Monroe Electronics One-Net E189 Emergency Alert System",
             "Vagrant",
-        ],
+        ),
     }
     target = OptIP("", "Target IPv4 or IPv6 address")
     port = OptPort(22, "Target SSH port")

routersploit/modules/exploits/routers/3com/ap8760_password_disclosure.py

@@ -8,16 +8,16 @@ class Exploit(HTTPClient):
         "name": "3Com AP8760 Password Disclosure",
         "description": "Exploits 3Com AP8760 password disclosure vulnerability."
                        "If the target is vulnerable it is possible to fetch credentials for administration user.",
-        "authors": [
+        "authors": (
             "Richard Brain",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "http://www.procheckup.com/procheckup-labs/pr07-40/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "3Com AP8760",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/3com/imc_info_disclosure.py

@@ -6,16 +6,16 @@ class Exploit(HTTPClient):
     __info__ = {
         "name": "3Com IMC Info Disclosure",
         "description": "Exploits 3Com Intelligent Management Center information disclosure vulnerability that allows to fetch credentials for SQL sa account",
-        "authors": [
+        "authors": (
             "Richard Brain",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/12680/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "3Com Intelligent Management Center",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/3com/imc_path_traversal.py

@@ -7,16 +7,16 @@ class Exploit(HTTPClient):
         "name": "3Com IMC Path Traversal",
         "description": "Exploits 3Com Intelligent Management Center path traversal vulnerability. "
                        "If the target is vulnerable it is possible to read file from the filesystem.",
-        "authors": [
+        "authors": (
             "Richard Brain",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/12679/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "3Com Intelligent Management Center",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/3com/officeconnect_info_disclosure.py

@@ -7,18 +7,18 @@ class Exploit(HTTPClient):
         "name": "3Com OfficeConnect Info Disclosure",
         "description": "Exploits 3Com OfficeConnect information disclosure vulnerability. "
                        "If the target is vulnerable it is possible to read sensitive information.",
-        "authors": [
+        "authors": (
             "Luca Carettoni <luca.carettoni[at]ikkisoft.com>",  # vulnerablity discovery
             "iDefense",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "http://old.sebug.net/paper/Exploits-Archives/2009-exploits/0902-exploits/LC-2008-05.txt",
             "http://seclists.org/vulnwatch/2005/q1/42",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "3Com OfficeConnect",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/3com/officeconnect_rce.py

@@ -7,16 +7,16 @@ class Exploit(HTTPClient):
         "name": "3Com OfficeConnect RCE",
         "description": "Module exploits 3Com OfficeConnect remote command execution "
                        "vulnerability which allows executing command on operating system level.",
-        "authors": [
+        "authors": (
             "Andrea Fabizi",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/9862/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "3Com OfficeConnect",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/asmax/ar_1004g_password_disclosure.py

@@ -8,15 +8,15 @@ class Exploit(HTTPClient):
         "name": "Asmax AR1004G Password Disclosure",
         "description": "Exploits Asmax AR1004G Password Disclosure vulnerability that allows to "
                        "fetch credentials for: Admin, Support and User accounts.",
-        "authors": [
+        "authors": (
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://github.com/lucyoa/exploits/blob/master/asmax/asmax.txt",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Asmax AR 1004g",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/asmax/ar_804_gu_rce.py

@@ -7,17 +7,17 @@ class Exploit(HTTPClient):
         "name": "Asmax AR 804 RCE",
         "description": "Module exploits Asmax AR 804 Remote Code Execution vulnerability which "
                        "allows executing command on operating system level with root privileges.",
-        "authors": [
+        "authors": (
             "Michal Sajdak <michal.sajdak[at]securitum.com>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "http://www.securitum.pl/dh/asmax-ar-804-gu-compromise",
             "https://www.exploit-db.com/exploits/8846/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Asmax AR 804 gu",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/asus/infosvr_backdoor_rce.py

@@ -10,15 +10,15 @@ class Exploit(UDPClient):
         "name": "Asus Infosvr Backdoor RCE",
         "description": "Module exploits remote command execution in multiple ASUS devices. If the target is "
                        "vulnerable, command loop is invoked that allows executing commands on operating system level.",
-        "authors": [
+        "authors": (
             "Joshua 'jduck' Drake; @jduck",  # vulnerability discovery
             "Friedrich Postelstorfer",  # original Python exploit
             "Michal Bentkowski; @SecurityMB",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://github.com/jduck/asus-cmd",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "ASUS RT-N66U",
             "ASUS RT-AC87U",
             "ASUS RT-N56U",
@@ -30,7 +30,7 @@ class Exploit(UDPClient):
             "ASUS RT-AC55U",
             "ASUS RT-N12HP_B1",
             "ASUS RT-N16",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/asus/rt_n16_password_disclosure.py

@@ -7,21 +7,21 @@ class Exploit(HTTPClient):
     __info__ = {
         "name": "Asus RT-N16 Password Disclosure",
         "description": "Module exploits password disclosure vulnerability in Asus RT-N16 devices that allows to fetch credentials for the device.",
-        "authors": [
+        "authors": (
             "Harry Sintonen",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
-            "https://sintonen.fi/advisories/asus-router-auth-bypass.txt"
-        ],
-        "devices": [
+        ),
+        "references": (
+            "https://sintonen.fi/advisories/asus-router-auth-bypass.txt",
+        ),
+        "devices": (
             "ASUS RT-N10U, firmware 3.0.0.4.374_168",
             "ASUS RT-N56U, firmware 3.0.0.4.374_979",
             "ASUS DSL-N55U, firmware 3.0.0.4.374_1397",
             "ASUS RT-AC66U, firmware 3.0.0.4.374_2050",
             "ASUS RT-N15U, firmware 3.0.0.4.374_16",
             "ASUS RT-N53, firmware 3.0.0.4.374_311",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/belkin/auth_bypass.py

@@ -7,21 +7,21 @@ class Exploit(HTTPClient):
     __info__ = {
         "name": "Belkin Auth Bypass",
         "description": "Module exploits Belkin authentication using MD5 password disclosure.",
-        "authors": [
+        "authors": (
             "Gregory Smiley <gsx0r.sec[at]gmail.com>",  # vulnerability discovery
             "BigNerd95 (Lorenzo Santina)",  # improved exploit and routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://securityevaluators.com/knowledge/case_studies/routers/belkin_n900.php",
             "https://www.exploit-db.com/exploits/40081/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Belkin Play Max (F7D4401)",
             "Belkin F5D8633",
             "Belkin N900 (F9K1104)",
             "Belkin N300 (F7D7301)",
             "Belkin AC1200",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/belkin/g_n150_password_disclosure.py

@@ -7,19 +7,19 @@ class Exploit(HTTPClient):
     __info__ = {
         "name": "Belkin G & N150 Password Disclosure",
         "description": "Module exploits Belkin G and N150 Password MD5 Disclosure vulnerability which allows fetching administration\'s password in md5 format",
-        "authors": [
+        "authors": (
             "Aodrulez <f3arm3d3ar[at]gmail.com>",  # vulnerability discovery
             "Avinash Tangirala",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2765",
             "https://www.exploit-db.com/exploits/17349/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Belkin G",
             "Belkin N150",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/belkin/g_plus_info_disclosure.py

@@ -8,17 +8,17 @@ class Exploit(HTTPClient):
         "name": "Belkin G Info Disclosure",
         "description": "Module exploits Belkin Wireless G Plus MIMO Router F5D9230-4 information disclosure "
                        "vulnerability which allows fetching sensitive information such as credentials.",
-        "authors": [
+        "authors": (
             "DarkFig",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0403",
             "https://www.exploit-db.com/exploits/4941/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Belkin G",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/belkin/n150_path_traversal.py

@@ -7,21 +7,21 @@ class Exploit(HTTPClient):
         "name": "Belkin N150 Path Traversal",
         "description": "Module exploits Belkin N150 Path Traversal vulnerability "
                        "which allows to read any file on the system.",
-        "authors": [
+        "authors": (
             "Aditya Lad",  # vulnerability discovery
             "Rahul Pratap Singh",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/38488/",
             "http://www.belkin.com/us/support-article?articleNum=109400",
             "http://www.kb.cert.org/vuls/id/774788",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Belkin N150 1.00.07",
             "Belkin N150 1.00.08",
             "Belkin N150 1.00.09",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/belkin/n750_rce.py

@@ -6,18 +6,18 @@ class Exploit(HTTPClient):
     __info__ = {
         "name": "Belkin N750 RCE",
         "description": "Module exploits Belkin N750 Remote Code Execution vulnerability which allows executing commands on operation system level.",
-        "authors": [
+        "authors": (
             "Marco Vaz <mv[at]integrity.pt>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1635",
             "https://www.exploit-db.com/exploits/35184/",
             "https://labs.integrity.pt/articles/from-0-day-to-exploit-buffer-overflow-in-belkin-n750-cve-2014-1635/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Belkin N750",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/belkin/play_max_prce.py

@@ -7,16 +7,16 @@ class Exploit(HTTPClient):
     __info__ = {
         "name": "Belkin Play Max Persistent RCE",
         "description": "Module exploits Belkin SSID injection vuln, allowing to execute arbitrary command at every boot.",
-        "authors": [
+        "authors": (
             "BigNerd95 (Lorenzo Santina) https://github.com/bignerd95",  # vulnerability discovery and routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://bignerd95.blogspot.it/2017/02/belkin-play-max-persistent-remote.html",
             "https://gist.github.com/BigNerd95/c18658b472ac0ccf4dbbc73fe988b683",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Belkin Play Max (F7D4401)",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/bhu/bhu_urouter_rce.py

@@ -7,15 +7,15 @@ class Exploit(HTTPClient):
         "name": "BHU uRouter RCE",
         "description": "Module exploits BHU uRouter unauthenticated remote code execution vulnerability, which "
                        "allows executing commands on the router with root privileges.",
-        "authors": [
+        "authors": (
             "Tao 'depierre' Sauvage",
-        ],
-        "references": [
+        ),
+        "references": (
             "http://www.ioactive.com/pdfs/BHU-WiFi_uRouter-Security_Advisory_Final081716.pdf",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "BHU uRouter",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/billion/5200w_rce.py

@@ -8,18 +8,18 @@ class Exploit(TCPClient):
         "name": "Billion 5200W-T RCE",
         "description": "Module exploits Remote Command Execution vulnerability in Billion 5200W-T devices. "
                        "If the target is vulnerable it allows to execute commands on operating system level.",
-        "authors": [
+        "authors": (
             "Pedro Ribeiro <pedrib[at]gmail.com>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "http://seclists.org/fulldisclosure/2017/Jan/40",
             "https://raw.githubusercontent.com/pedrib/PoC/master/advisories/zyxel_trueonline.txt",
             "https://blogs.securiteam.com/index.php/archives/2910",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Billion 5200W-T",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/billion/7700nr4_password_disclosure.py

@@ -9,16 +9,16 @@ class Exploit(HTTPClient):
         "name": "Billion 7700NR4 Password Disclosure",
         "description": "Exploits Billion 7700NR4 password disclosure vulnerability that allows to "
                        "fetch credentials for admin account",
-        "authors": [
+        "authors": (
             "R-73eN",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/40472/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Billion 7700NR4",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/cisco/catalyst_2960_rocem.py

@@ -6,31 +6,31 @@ from routersploit.core.tcp.tcp_client import TCPClient
 
 class Exploit(TCPClient):
     __info__ = {
-        'name': 'Cisco Catalyst 2960 ROCEM RCE',
-        'description': 'Module exploits Cisco Catalyst 2960 ROCEM RCE vulnerability. '
-                       'If target is vulnerable, it is possible to patch execution flow '
-                       'to allow credless telnet interaction with highest privilege level.',
-        'authors': [
-            'Artem Kondratenko <@artkond>',  # analysis & python exploit
-            'Marcin Bury <marcin[at]threat9.com>'  # routersploit module
-        ],
-        'references': [
-            'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3881',
-            'https://artkond.com/2017/04/10/cisco-catalyst-remote-code-execution/',
-            'https://www.exploit-db.com/exploits/41872/',
-            'https://www.exploit-db.com/exploits/41874/',
-        ],
-        'devices': [
-            'Cisco Catalyst 2960 IOS 12.2(55)SE1',
-            'Cisco Catalyst 2960 IOS 12.2(55)SE11',
-        ],
+        "name": "Cisco Catalyst 2960 ROCEM RCE",
+        "description": "Module exploits Cisco Catalyst 2960 ROCEM RCE vulnerability. "
+                       "If target is vulnerable, it is possible to patch execution flow "
+                       "to allow credless telnet interaction with highest privilege level.",
+        "authors": (
+            "Artem Kondratenko <@artkond>",  # analysis & python exploit
+            "Marcin Bury <marcin[at]threat9.com>"  # routersploit module
+        ),
+        "references": (
+            "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3881",
+            "https://artkond.com/2017/04/10/cisco-catalyst-remote-code-execution/",
+            "https://www.exploit-db.com/exploits/41872/",
+            "https://www.exploit-db.com/exploits/41874/",
+        ),
+        "devices": (
+            "Cisco Catalyst 2960 IOS 12.2(55)SE1",
+            "Cisco Catalyst 2960 IOS 12.2(55)SE11",
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")
     port = OptPort(23, "Target Telnet port")
 
-    action = OptString('set', 'set / unset credless authentication for Telnet service')
-    device = OptInteger(-1, 'Target device - use "show devices"')
+    action = OptString("set", "set / unset credless authentication for Telnet service")
+    device = OptInteger(-1, "Target device - use 'show devices'")
 
     def __init__(self):
         self.payloads = [

routersploit/modules/exploits/routers/cisco/dpc2420_info_disclosure.py

@@ -7,16 +7,16 @@ class Exploit(HTTPClient):
         "name": "Cisco DPC2420 Info Disclosure",
         "description": "Module exploits Cisco DPC2420 information disclosure vulnerability "
                        "which allows reading sensitive information from the configuration file.",
-        "authors": [
+        "authors": (
             "Facundo M. de la Cruz (tty0) <fmdlc[at]code4life.com.ar>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/23250/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Cisco DPC2420",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/cisco/firepower_management60_path_traversal.py

@@ -8,18 +8,18 @@ class Exploit(HTTPClient):
         "name": "Cisco Firepower Management 6.0 Path Traversal",
         "description": "Module exploits Cisco Firepower Management 6.0 Path Traversal vulnerability. "
                        "If the target is vulnerable, it is possible to retrieve content of the arbitrary files.",
-        "authors": [
+        "authors": (
             "Matt",  # vulnerability discovery
             "sinn3r",  # Metasploit module
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6435",
             "https://blog.korelogic.com/blog/2016/10/10/virtual_appliance_spelunking",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Cisco Firepower Management Console 6.0",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/cisco/firepower_management60_rce.py

@@ -8,18 +8,18 @@ class Exploit(SSHClient, HTTPClient):
         "name": "Cisco Firepower Management 6.0 RCE",
         "description": "Module exploits Cisco Firepower Management 6.0 Remote Code Execution vulnerability. "
                        "If the target is vulnerable, it is create backdoor account and authenticate through SSH service.",
-        "authors": [
+        "authors": (
             "Matt",  # vulnerability discovery
             "sinn3r",  # Metasploit module
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6433",
             "https://blog.korelogic.com/blog/2016/10/10/virtual_appliance_spelunking",
-        ],
-        "devices": [
-            "Cisco Firepower Management Console 6.0"
-        ],
+        ),
+        "devices": (
+            "Cisco Firepower Management Console 6.0",
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/cisco/ios_http_authorization_bypass.py

@@ -9,15 +9,15 @@ class Exploit(HTTPClient):
         "description": "HTTP server for Cisco IOS 11.3 to 12.2 allows attackers "
                        "to bypass authentication and execute arbitrary commands, "
                        "when local authorization is being used, by specifying a high access level in the URL.",
-        "authors": [
-            "renos stoikos <rstoikos[at]gmail.com>"  # routesploit module
-        ],
-        "references": [
+        "authors": (
+            "renos stoikos <rstoikos[at]gmail.com>",  # routesploit module
+        ),
+        "references": (
             "http://www.cvedetails.com/cve/cve-2001-0537",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "IOS 11.3 -> 12.2 are reportedly vulnerable",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/cisco/secure_acs_bypass.py

@@ -9,18 +9,18 @@ class Exploit(HTTPClient):
                        "password change requests to be issued for any user in the local store. "
                        "Instances of Secure ACS running version 5.1 with patches 3, 4, or 5 as well "
                        "as version 5.2 with either no patches or patches 1 and 2 are vulnerable.",
-        "authors": [
+        "authors": (
             "Jason Kratzer <pyoor[at]flinkd.org>",  # vulnerability discovery & metasploit module
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "http://www.cisco.com/en/US/products/csa/cisco-sa-20110330-acs.html",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Cisco Secure ACS version 5.1 with patch 3, 4, or 5 installed and without patch 6 or later installed",
             "Cisco Secure ACS version 5.2 without any patches installed",
             "Cisco Secure ACS version 5.2 with patch 1 or 2 installed and without patch 3 or later installed",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/cisco/ucm_info_disclosure.py

@@ -7,17 +7,17 @@ class Exploit(UDPClient):
         "name": "Cisco UCM Info Disclosure",
         "description": "Module exploits information disclosure vulnerability in Cisco UCM devices. "
                        "If the target is vulnerable it is possible to read sensitive information through TFTP service.",
-        "authors": [
+        "authors": (
             "Daniel Svartman <danielsvartman[at]gmail.com",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/30237/",
             "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7030",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Cisco UCM",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/cisco/ucs_manager_rce.py

@@ -8,17 +8,17 @@ class Exploit(HTTPClient):
         "name": "Cisco UCS Manager RCE",
         "description": "Module exploits Cisco UCS Manager 2.1 (1b) Remote Code Execution vulnerability which "
                        "allows executing commands on operating system level.",
-        "authors": [
+        "authors": (
             "thatchriseckert",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/39568/",
             "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Cisco UCS Manager 2.1 (1b)",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/cisco/unified_multi_path_traversal.py

@@ -8,15 +8,15 @@ class Exploit(HTTPClient):
         "description": "Module exploits path traversal vulnerability in Cisco Unified Communications Manager, "
                        "Cisco Unified Contact Center Express and Cisco Unified IP Interactive Voice Response devices."
                        "If the target is vulnerable it allows to read files from the filesystem.",
-        "authors": [
+        "authors": (
             "Facundo M. de la Cruz (tty0) <fmdlc[at]code4life.com.ar>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/36256/",
             "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3315",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Cisco Unified Communications Manager 5.x",
             "Cisco Unified Communications Manager 6.x < 6.1(5)",
             "Cisco Unified Communications Manager 7.x < 7.1(5b)",
@@ -25,7 +25,7 @@ class Exploit(HTTPClient):
             "Cisco Unified IP Interactive Voice Response < 6.0(1)",
             "Cisco Unified IP Interactive Voice Response 7.0(x) < 7.0(2)",
             "Cisco Unified IP Interactive Voice Response 8.0(x) < 8.5(1)",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/cisco/video_surv_path_traversal.py

@@ -7,16 +7,16 @@ class Exploit(HTTPClient):
         "name": "Cisco Video Surveillance Path Traversal",
         "description": "Module exploits path traversal vulnerability in Cisco Video Surveillance Operations Manager 6.3.2 devices. "
                        "If the target is vulnerable it allows to read files from the filesystem.",
-        "authors": [
+        "authors": (
             "b.saleh",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/38389/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Cisco Video Surveillance Operations Manager 6.3.2",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/comtrend/ct_5361t_password_disclosure.py

@@ -8,15 +8,15 @@ class Exploit(HTTPClient):
     __info__ = {
         "name": "Comtrend CT 5361T Password Disclosure",
         "description": "WiFi router Comtrend CT 5361T suffers from a Password Disclosure Vulnerability",
-        "authors": [
+        "authors": (
             "TUNISIAN CYBER",  # routersploit module
-        ],
-        "references": [
-            "https://packetstormsecurity.com/files/126129/Comtrend-CT-5361T-Password-Disclosure.html"
-        ],
-        "devices": [
+        ),
+        "references": (
+            "https://packetstormsecurity.com/files/126129/Comtrend-CT-5361T-Password-Disclosure.html",
+        ),
+        "devices": (
             "Comtrend CT 5361T (more likely CT 536X)",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dcs_930l_auth_rce.py

@@ -6,16 +6,16 @@ class Exploit(HTTPClient):
     __info__ = {
         "name": "D-Link DCS-930L Auth RCE",
         "description": "Module exploits D-Link DCS-930L Remote Code Execution vulnerability which allows executing command on the device.",
-        "authors": [
+        "authors": (
             "Nicholas Starke <nick[at]alephvoid.com>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/39437/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DCS-930L",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dgs_1510_add_user.py

@@ -12,14 +12,14 @@ class Exploit(HTTPClient):
         "description": "D-Link DGS-1510-28XMP, DGS-1510-28X, DGS-1510-52X, DGS-1510-52, DGS-1510-28P, DGS-1510-28 and DGS-1510-20 "
                        "Websmart devices with firmware before 1.31.B003 allow attackers to conduct Unauthenticated Information Disclosure "
                        "attacks via unspecified vectors.",
-        "authors": [
+        "authors": (
             "Varang Amin",  # vulnerability discovery
             "Dino Causevic"  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/41662/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DGS-1510-28XMP",
             "D-Link DGS-1510-28X",
             "D-Link DGS-1510-52X",
@@ -27,7 +27,7 @@ class Exploit(HTTPClient):
             "D-Link DGS-1510-28P",
             "D-Link DGS-1510-28",
             "D-Link DGS-1510-20"
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dir_300_320_600_615_info_disclosure.py

@@ -8,20 +8,20 @@ class Exploit(HTTPClient):
         "name": "D-Link DIR-300 & DIR-320 & DIR-600 & DIR-615 Info Disclosure",
         "description": "Module explois information disclosure vulnerability in D-Link DIR-300, DIR-320, DIR-600,"
                        "DIR-615 devices. It is possible to retrieve sensitive information such as credentials.",
-        "authors": [
+        "authors": (
             "tytusromekiatomek <tytusromekiatomek[at]inbox.com>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
             "Aleksandr Mikhaylov <chelaxe[at]gmail.com>",  # routersploit module
-        ],
-        "references": [
-            "http://seclists.org/bugtraq/2013/Dec/11"
-        ],
-        "devices": [
+        ),
+        "references": (
+            "http://seclists.org/bugtraq/2013/Dec/11",
+        ),
+        "devices": (
             "D-Link DIR-300 (all)",
             "D-Link DIR-320 (all)",
             "D-Link DIR-600 (all)",
             "D-Link DIR-615 (fw 4.0)",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dir_300_320_615_auth_bypass.py

@@ -7,19 +7,19 @@ class Exploit(HTTPClient):
         "name": "D-Link DIR-300 & DIR-320 & DIR-615 Auth Bypass",
         "description": "Module exploits authentication bypass vulnerability in D-Link DIR-300, DIR-320, DIR-615 "
                        "revD devices. It is possible to access administration panel without providing password.",
-        "authors": [
+        "authors": (
             "Craig Heffner",  # vulnerability discovery
             "Karol Celin",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "http://www.devttys0.com/wp-content/uploads/2010/12/dlink_php_vulnerability.pdf",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DIR-300",
             "D-Link DIR-600",
             "D-Link DIR-615 revD",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dir_300_600_rce.py

@@ -7,19 +7,19 @@ class Exploit(HTTPClient):
         "name": "D-Link DIR-300 & DIR-600 RCE",
         "description": "Module exploits D-Link DIR-300, DIR-600 Remote Code Execution vulnerability "
                        "which allows executing command on operating system level with root privileges.",
-        "authors": [
+        "authors": (
             "Michael Messner <devnull[at]s3cur1ty.de>",  # vulnerability discovery
             "Marcin Bury <marcin.bury[at]reverse-shell.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "http://www.dlink.com/uk/en/home-solutions/connect/routers/dir-600-wireless-n-150-home-router",
             "http://www.s3cur1ty.de/home-network-horror-days",
             "http://www.s3cur1ty.de/m1adv2013-003",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DIR 300",
             "D-Link DIR 600",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dir_300_645_815_upnp_rce.py

@@ -6,20 +6,20 @@ class Exploit(UDPClient):
     __info__ = {
         "name": "D-Link DIR-300 & DIR-645 & DIR-815 UPNP RCE",
         "description": "Module exploits D-Link DIR-300, DIR-645 and DIR-815 UPNP Remote Code Execution vulnerability which allows executing command on the device.",
-        "authors": [
+        "authors": (
             "Zachary Cutlip",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://github.com/zcutlip/exploit-poc/tree/master/dlink/dir-815-a1/upnp-command-injection",
             "http://shadow-file.blogspot.com/2013/02/dlink-dir-815-upnp-command-injection.html",
             "https://www.exploit-db.com/exploits/34065/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DIR-300",
             "D-Link DIR-645",
             "D-Link DIR-815",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dir_645_815_rce.py

@@ -6,14 +6,14 @@ class Exploit(HTTPClient):
     __info__ = {
         "name": "D-Link DIR-645 & DIR-815 RCE",
         "description": "Module exploits D-Link DIR-645 and DIR-815 Remote Code Execution vulnerability which allows executing command on the device.",
-        "authors": [
+        "authors": (
             "Michael Messner <devnull[at]s3cur1ty.de>",  # Vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "http://www.s3cur1ty.de/m1adv2013-017",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "DIR-815 v1.03b02",
             "DIR-645 v1.02",
             "DIR-645 v1.03",
@@ -23,7 +23,7 @@ class Exploit(HTTPClient):
             "DIR-412 Ver 1.14WWB02",
             "DIR-456U Ver 1.00ONG",
             "DIR-110 Ver 1.01",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dir_645_password_disclosure.py

@@ -7,16 +7,16 @@ class Exploit(HTTPClient):
     __info__ = {
         "name": "D-Link DIR-645 Password Disclosure",
         "description": "Module exploits D-Link DIR-645 password disclosure vulnerability.",
-        "authors": [
+        "authors": (
             "Roberto Paleari <roberto[at]greyhats.it>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://packetstormsecurity.com/files/120591/dlinkdir645-bypass.txt",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DIR-645 (Versions < 1.03)",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dir_815_850l_rce.py

@@ -4,18 +4,19 @@ from routersploit.core.udp.udp_client import UDPClient
 class Exploit(UDPClient):
     __info__ = {
         "name": "D-Link DIR-815 & DIR-850L RCE",
-        "description": "Module exploits D-Link DIR-815 and DIR-850L Remote Code Execution vulnerability which allows executing command on the device.",
-        "authors": [
+        "description": "Module exploits D-Link DIR-815 and DIR-850L Remote Code Execution vulnerability "
+                       "which allows executing command on the device.",
+        "authors": (
             "Samuel Huntley",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/38715/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DIR-815",
             "D-Link DIR-850L",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dir_825_path_traversal.py

@@ -6,16 +6,16 @@ class Exploit(HTTPClient):
     __info__ = {
         "name": "D-Link DIR-825 Path Traversal",
         "description": "Module exploits D-Link DIR-825 path traversal vulnerability, which allows reading files from the device.",
-        "authors": [
+        "authors": (
             "Samuel Huntley",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/38718/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DIR-825",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dir_850l_creds_disclosure.py

@@ -8,18 +8,18 @@ class Exploit(HTTPClient):
         "name": "D-Link DIR-850L Creds Disclosure",
         "description": "Module exploits D-Link DIR-850L credentials disclosure vulnerability, "
                        "which allows retrieving administrative credentials.",
-        "authors": [
+        "authors": (
             "Hack2Win",  # vulnerability discovery
             "GH0st3rs",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://packetstormsecurity.com/files/145097/dlink-850-admin-creds-retriever.sh.txt",
             "https://www.rapid7.com/db/modules/exploit/linux/http/dlink_dir850l_unauth_exec",
             "https://blogs.securiteam.com/index.php/archives/3364",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DIR-850L",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dns_320l_327l_rce.py

@@ -9,17 +9,17 @@ class Exploit(HTTPClient):
         "name": "D-Link DNS-320L & DIR-327L RCE",
         "description": "Module exploits D-Link DNS-320L, DNS-327L Remote Code Execution "
                        "vulnerability which allows executing command on the device.",
-        "authors": [
+        "authors": (
             "Gergely Eberhardt",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "http://www.search-lab.hu/media/D-Link_Security_advisory_3_0_public.pdf",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DNS-320L 1.03b04",
             "D-Link DNS-327L, 1.02",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dsl_2640b_dns_change.py

@@ -7,17 +7,17 @@ class Exploit(HTTPClient):
         "name": "D-Link DSL-2640B DNS Change",
         "description": "Module exploits D-Link DSL-2640B dns change vulnerability. "
                        "If the target is vulnerable it is possible to change dns settings.",
-        "authors": [
+        "authors": (
             "Todor Donev <todor.doven[at]gmail.com>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/36105/",
             "https://github.com/jh00nbr/Routerhunter-2.0",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DSL-2640B",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dsl_2730_2750_path_traversal.py

@@ -7,18 +7,18 @@ class Exploit(HTTPClient):
         "name": "D-Link DSL-2730U/2750U/2750E Path Traversal",
         "description": "Module exploits D-Link DSL-2730U/2750U/2750E Path Traversal "
                        "vulnerability which allows to read any file on the system.",
-        "authors": [
+        "authors": (
             "Todor Donev <todor.donev[at]gmail.com>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/40735/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DSL-2730U",
             "D-Link DSL-2750U",
             "D-Link DSL-2750E",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dsl_2730b_2780b_526b_dns_change.py

@@ -7,19 +7,19 @@ class Exploit(HTTPClient):
         "name": "D-Link DSL-2780B & DSL-2730B & DSL-526B DNS Change",
         "description": "Module exploits D-Link DSL-2780B, DSL-2730B and DSL-526B dns change vulnerability. "
                        "If the target is vulnerable it is possible to change dns settings.",
-        "authors": [
+        "authors": (
             "Todor Donev <todor.doven[at]gmail.com>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/37237/",
             "https://github.com/jh00nbr/Routerhunter-2.0",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DSL-2780B",
             "D-Link DSL-2730B",
             "D-Link DSL-526B",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dsl_2740r_dns_change.py

@@ -7,17 +7,17 @@ class Exploit(HTTPClient):
         "name": "D-Link DSL-2740R DNS Change",
         "description": "Module exploits D-Link DSL-2740R dns change vulnerability. "
                        "If the target is vulnerable it is possible to change dns settings.",
-        "authors": [
+        "authors": (
             "Todor Donev <todor.doven[at]gmail.com>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/35917/",
             "https://github.com/jh00nbr/Routerhunter-2.0",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DSL-2740R",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dsl_2750b_info_disclosure.py

@@ -8,18 +8,18 @@ class Exploit(HTTPClient):
         "name": "D-Link DSL-2750B Info Disclosure",
         "description": "Module explois information disclosure vulnerability in D-Link DSL-2750B devices. "
                        "It is possible to retrieve sensitive information such as SSID, Wi-Fi password, PIN code.",
-        "authors": [
+        "authors": (
             "Alvaro Folgado",  # vulnerability discovery
             "Jose Rodriguez",  # vulnerability discovery
             "Ivan Sanz",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>", # routersploit module,
-        ],
-        "references": [
+        ),
+        "references": (
             "http://seclists.org/fulldisclosure/2015/May/129",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DSL-2750B EU_1.01",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dsl_2750b_rce.py

@@ -7,17 +7,17 @@ class Exploit(HTTPClient):
     __info__ = {
         "name": "D-Link DSL-2750B RCE",
         "description": "Module exploits remote code execution vulnerability in D-Link DSL-2750B devices. ",
-        "authors": [
+        "authors": (
             "p@ql",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>", # routersploit module,
-        ],
-        "references": [
+        ),
+        "references": (
             "http://seclists.org/fulldisclosure/2016/Feb/53",
             "https://packetstormsecurity.com/files/135706/dlinkdsl2750b-exec.txt",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DSL-2750B",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dsp_w110_rce.py

@@ -7,16 +7,16 @@ class Exploit(HTTPClient):
         "name": "D-Link DSP-W110 RCE",
         "description": "Module exploits D-Link DSP-W110 Remote Command Execution vulnerability "
                        "which allows executing command on the operating system level.",
-        "authors": [
+        "authors": (
             "Peter Adkins <peter.adkins[at]kernelpicnic.net",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://github.com/darkarnium/secpub/tree/master/D-Link/DSP-W110",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DSP-W110 (Rev A) - v1.05b01",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dvg_n5402sp_path_traversal.py

@@ -7,17 +7,17 @@ class Exploit(HTTPClient):
         "name": "D-Link DVG-N5402SP Path Traversal",
         "description": "Module exploits D-Link DVG-N5402SP path traversal "
                        "vulnerability, which allows reading files form the device.",
-        "authors": [
+        "authors": (
             "Karn Ganeshen",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/39409/",
             "http://ipositivesecurity.blogspot.com/2016/02/dlink-dvgn5402sp-multiple-vuln.html",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DVG-N5402SP",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dwl_3200ap_password_disclosure.py

@@ -8,16 +8,16 @@ class Exploit(HTTPClient):
     __info__ = {
         "name": "D-Link DWL-3200AP Password Disclosure",
         "description": "Exploits D-Link DWL3200 access points weak cookie value.",
-        "authors": [
+        "authors": (
             "pws",  # Vulnerability discovery
             "Josh Abraham <sinisterpatrician[at]google.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/34206/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DWL-3200AP",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dwr_932_info_disclosure.py

@@ -8,16 +8,16 @@ class Exploit(HTTPClient):
         "name": "D-Link DWR-932 Info Disclosure",
         "description": "Module explois information disclosure vulnerability in D-Link DWR-932 devices. "
                        "It is possible to retrieve sensitive information such as credentials.",
-        "authors": [
+        "authors": (
             "Saeed reza Zamanian",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/39581/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DWR-932",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/dwr_932b_backdoor.py

@@ -10,16 +10,16 @@ class Exploit(TCPClient, TelnetClient):
         "name": "D-Link DWR-932B",
         "description": "Module exploits D-Link DWR-932B backdoor vulnerability which allows "
                        "executing command on operating system level with root privileges.",
-        "authors": [
+        "authors": (
             "Pierre Kim @PierreKimSec",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://pierrekim.github.io/advisories/2016-dlink-0x00.txt",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DWR-932B",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/dlink/multi_hedwig_cgi_exec.py

@@ -8,20 +8,20 @@ class Exploit(HTTPClient):
         "name": "D-Link Hedwig CGI RCE",
         "description": "Module exploits buffer overflow vulnerablity in D-Link Hedwig CGI component, "
                        "which leads to remote code execution.",
-        "authors": [
+        "authors": (
             "Austin <github.com/realoriginal>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "http://securityadvisories.dlink.com/security/publication.aspx?name=SAP10008",
             "http://www.dlink.com/us/en/home-solutions/connect/routers/dir-645-wireless-n-home-router-1000",
             "http://roberto.greyhats.it/advisories/20130801-dlink-dir645.txt",
             "https://www.exploit-db.com/exploits/27283/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DIR-645 Ver. 1.03",
             "D-Link DIR-300 Ver. 2.14",
             "D-Link DIR-600",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")
@@ -30,8 +30,7 @@ class Exploit(HTTPClient):
     def run(self):
         if self.check():
             print_success("Target is vulnerable")
-            print_status("Invoking command loop...")
-            shell(self, architecture="mipsle", method="echo", locaiton="/tmp",
+            shell(self, architecture="mipsle", method="echo", location="/tmp",
                   echo_options={"prefix": "\\\\x"}, exec_binary="chmod 777 {0} && {0} && rm {0}")
         else:
             print_error("Target is not vulnerable")

routersploit/modules/exploits/routers/dlink/multi_hnap_rce.py

@@ -6,17 +6,17 @@ class Exploit(HTTPClient):
         "name": "D-Link Multi HNAP RCE",
         "description": "Module exploits HNAP remote code execution vulnerability in multiple D-Link "
                        "devices which allows executing commands on the device.",
-        "authors": [
+        "authors": (
             "Samuel Huntley",  # vulnerability discovery
             "Craig Heffner",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/37171/",
             "https://www.exploit-db.com/exploits/38722/",
             "http://www.devttys0.com/2015/04/hacking-the-d-link-dir-890l/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "D-Link DIR-645",
             "D-Link AP-1522 revB",
             "D-Link DAP-1650 revB",
@@ -30,7 +30,7 @@ class Exploit(HTTPClient):
             "D-Link DIR-645",
             "D-Link TEW-751DR",
             "D-Link TEW-733GR",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/fortinet/fortigate_os_backdoor.py

@@ -8,20 +8,21 @@ from routersploit.core.ssh.ssh_client import SSHClient
 
 class Exploit(SSHClient):
     __info__ = {
-        'name': 'FortiGate OS 4.x-5.0.7 Backdoor',
-        'description': 'Module exploits D-Link DNS-320L, DNS-327L Remote Code Execution vulnerability which allows executing command on the device.',
-        'authors': [
-            'operator8203',  # vulnerability discovery
-            'Marcin Bury <marcin[at]threat9.com>',  # routersploit module
-        ],
-        'references': [
-            'http://www.dlink.com/uk/en/home-solutions/connect/routers/dir-600-wireless-n-150-home-router',
-            'http://www.s3cur1ty.de/home-network-horror-days',
-            'http://www.s3cur1ty.de/m1adv2013-003',
-        ],
-        'devices': [
-            'FortiGate OS Version 4.x-5.0.7',
-        ]
+        "name": "FortiGate OS 4.x-5.0.7 Backdoor",
+        "description": "Module exploits D-Link DNS-320L, DNS-327L Remote Code Execution vulnerability "
+                       "which allows executing command on the device.",
+        "authors": (
+            "operator8203",  # vulnerability discovery
+            "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
+        ),
+        "references": (
+            "http://www.dlink.com/uk/en/home-solutions/connect/routers/dir-600-wireless-n-150-home-router",
+            "http://www.s3cur1ty.de/home-network-horror-days",
+            "http://www.s3cur1ty.de/m1adv2013-003",
+        ),
+        "devices": (
+            "FortiGate OS Version 4.x-5.0.7",
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/huawei/e5331_mifi_info_disclosure.py

@@ -8,16 +8,16 @@ class Exploit(HTTPClient):
         "name": "Huawei E5331 Info Disclosure",
         "description": "Module exploits information disclosure vulnerability in Huawei E5331 MiFi Mobile Hotspot"
                        "devices. If the target is vulnerable it allows to read sensitive information.",
-        "authors": [
+        "authors": (
             "J. Greil https://www.sec-consult.com",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/32161/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Huawei E5331 MiFi Mobile Hotspot",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address: 192.168.1.1")

routersploit/modules/exploits/routers/huawei/hg520_info_dislosure.py

@@ -8,16 +8,16 @@ class Exploit(UDPClient):
         "name": "Huawei HG520 Information Disclosure",
         "description": "Module exploits Huawei EchoLife HG520 information disclosure vulnerablity. "
                        "If the target is vulnerable it is possible to retrieve sensitive information.",
-        "authors": [
+        "authors": (
             "hkm",  # vulnerablity discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/12298/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Huawei HG520",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/huawei/hg530_hg520b_password_disclosure.py

@@ -8,17 +8,17 @@ class Exploit(HTTPClient):
         "name": "Huawei HG530 & HG520b Password Disclosure",
         "description": "Module exploits password disclosure vulnerability in Huawei HG530 and HG520b devices. "
                        "If the target is vulnerable it allows to read credentials.",
-        "authors": [
+        "authors": (
             "Fady Mohamed Osman (@fady_osman)",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/37424/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Huawei Home Gateway HG530",
             "Huawei Home Gateway HG520b",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/huawei/hg866_password_change.py

@@ -7,16 +7,16 @@ class Exploit(HTTPClient):
         "name": "Huawei HG866 Password Change",
         "description": "Module exploits password change vulnerability in Huawei HG866 devices. "
                        "If the target is vulnerable it allows to change administration password.",
-        "authors": [
+        "authors": (
             "hkm",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/19185/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Huawei HG866",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/ipfire/ipfire_oinkcode_rce.py

@@ -8,16 +8,16 @@ class Exploit(HTTPClient):
         "name": "IPFire Oinkcode RCE",
         "description": "Module exploits IPFire < 2.19 Core Update 110 Remote Code Execution vulnerability "
                        "which allows executing command on operating system level.",
-        "authors": [
+        "authors": (
             "0x09AL",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/42149/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "IPFire < 2.19 Core Update 110",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/ipfire/ipfire_shellshock.py

@@ -7,16 +7,16 @@ class Exploit(HTTPClient):
         "name": "IPFire Shellshock",
         "description": "Exploits shellshock vulnerability in IPFire M= 2.15 Core Update 82. "
                        "If the target is vulnerable it is possible to execute commands on operating system level.",
-        "authors": [
+        "authors": (
             "Claudio Viviani",  # vulnerability discovery
             "Marcin Bury <marcin@threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/34839",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "IPFire <= 2.15 Core Update 82",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/juniper/screenos_backdoor.py

@@ -6,17 +6,17 @@ class Exploit(TelnetClient):
     __info__ = {
         'name': 'Juniper ScreenOS Backdoor',
         'description': 'Module exploits Juniper ScreenOS Authentication Backdoor vulnerability. If the target is is possible to authentiate to the device.',
-        'authors': [
+        'authors': (
             'hdm',  # vulnerability discovery
             'Marcin Bury <marcin[at]threat9.com>',  # routersploit module
-        ],
-        'references': [
+        ),
+        'references': (
             'https://community.rapid7.com/community/infosec/blog/2015/12/20/cve-2015-7755-juniper-screenos-authentication-backdoor',
-        ],
-        'devices': [
+        ),
+        'devices': (
             'Juniper ScreenOS 6.2.0r15 to 6.2.0r18',
             'Juniper ScreenOS 6.3.0r12 to 6.3.0r20',
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/linksys/1500_2500_rce.py

@@ -8,16 +8,16 @@ class Exploit(HTTPClient):
         "description": "Module exploits remote command execution in Linksys E1500/E2500 devices. "
                        "Diagnostics interface allows executing root privileged shell commands is "
                        "available on dedicated web pages on the device.",
-        "authors": [
+        "authors": (
             "Michael Messner",  # vulnerability discovery
             "Esteban Rodriguez (n00py)",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/24475/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Linksys E1500/E2500",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/linksys/smartwifi_password_disclosure.py

@@ -8,17 +8,17 @@ class Exploit(HTTPClient):
         "name": "Linksys SMART WiFi Password Disclosure",
         "description": "Exploit implementation for Linksys SMART WiFi Password Disclosure vulnerability. "
                        "If target is vulnerable administrator's MD5 passsword is retrieved.",
-        "authors": [
+        "authors": (
             "Sijmen Ruwhof",  # vulnerability discovery
             "0BuRner",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.kb.cert.org/vuls/id/447516",
             "http://sijmen.ruwhof.net/weblog/268-password-hash-disclosure-in-linksys-smart-wifi-routers",
             "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8243",
             "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8243",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Linksys EA2700 < Ver.1.1.40 (Build 162751)",
             "Linksys EA3500 < Ver.1.1.40 (Build 162464)",
             "Linksys E4200v2 < Ver.2.1.41 (Build 162351)",
@@ -29,7 +29,7 @@ class Exploit(HTTPClient):
             "Linksys EA6500 < Ver.1.1.40 (Build 160989)",
             "Linksys EA6700 < Ver.1.1.40 (Build 160989)",
             "Linksys EA6900 < Ver.1.1.42 (Build 161129)",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/linksys/wap54gv3_rce.py

@@ -9,16 +9,16 @@ class Exploit(HTTPClient):
         "description": "Module exploits remote command execution in Linksys WAP54Gv3 devices. "
                        "Debug interface allows executing root privileged shell commands is available "
                        "on dedicated web pages on the device.",
-        "authors": [
+        "authors": (
             "Phil Purviance",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "http://seclists.org/bugtraq/2010/Jun/93",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Linksys WAP54Gv3",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/linksys/wrt100_110_rce.py

@@ -8,18 +8,18 @@ class Exploit(HTTPClient):
         "description": "Module exploits remote command execution in Linksys WRT100/WRT110 devices. "
                        "If the target is vulnerable, command loop is invoked that allows executing commands "
                        "on operating system level.",
-        "authors": [
+        "authors": (
             "Craig Young",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-3568",
             "http://seclists.org/bugtraq/2013/Jul/78",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Linksys WRT100",
             "Linksys WRT110",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/movistar/adsl_router_bhs_rta_path_traversal.py

@@ -7,16 +7,16 @@ class Exploit(HTTPClient):
         "name": "Movistar ADSL Router BHS_RTA Path Traversal",
         "description": "Module exploits Movistar ADSL Router BHS_RTA Path Traversal "
                        "vulnerability which allows to read any file on the system.",
-        "authors": [
+        "authors": (
             "Todor Donev <todor.donev[at]gmail.com>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/40734/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Movistar ADSL Router BHS_RTA",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/multi/misfortune_cookie.py

@@ -7,19 +7,19 @@ class Exploit(HTTPClient):
     __info__ = {
         "name": "Misfortune Cookie",
         "description": "Exploit implementation for Misfortune Cookie Authentication Bypass vulnerability.",
-        "authors": [
+        "authors": (
             "Check Point <www.checkpoint.com>",  # vulnerability discovery
             "Jan Trencansky",  # proof of concept exploit
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
             "Milad Doorbash <milad.doorbash[at]gmail.com>",  # authentication bypass exploit
-        ],
-        "references": [
+        ),
+        "references": (
             "http://mis.fortunecook.ie/",
             "http://embedsec.systems/embedded-device-security/2015/02/16/Misfortune-Cookie-CVE-2014-9222-Demystified.html",
             "http://piotrbania.com/all/articles/tplink_patch",
             "https://www.nccgroup.trust/globalassets/our-research/uk/whitepapers/2015/10/porting-the-misfortune-cookie-exploit-whitepaperpdf",
-        ],
-        "devices": [
+        ),
+        "devices": (
             #         brand       # model        # firmware
             {'name': "Azmoon     AZ-D140W        2.11.89.0(RE2.C29)3.11.11.52_PMOFF.1", 'number': 107367693, 'offset': 13},  # 0x803D5A79        # tested
             {'name': "Billion    BiPAC 5102S     Av2.7.0.23 (UE0.B1C)", 'number': 107369694, 'offset': 13},  # 0x8032204d                       # ----------
@@ -107,7 +107,7 @@ class Exploit(HTTPClient):
             {'name': "TP-Link   TD-W8961ND      V3_120830", 'number': 107353414, 'offset': 36},  # 0x803605B4                                   # ----------
             {'name': "ZyXEL     P-660R-T3       3.40(BOQ.0)C0", 'number': 107369567, 'offset': 21},  # 0x803db071                               # tested
             {'name': "ZyXEL     P-660RU-T3      3.40(BJR.0)C0", 'number': 107369567, 'offset': 21},  # 0x803db071
-        ],
+        ),
     }
 
     # *---------- means data for this firmware is obtained from other tested firmwares.

routersploit/modules/exploits/routers/multi/rom0.py

@@ -11,17 +11,17 @@ class Exploit(HTTPClient):
         "name": "RomPager ROM-0",
         "description": "Exploits RomPager ROM-0 authentication bypass vulnerability that allows downloading "
                        "rom file and extract password without credentials.",
-        "authors": [
+        "authors": (
             "0BuRner",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://cve.mitre.org/cgi-bin/cvename.cgi?name=2014-4019",
             "http://www.osvdb.org/show/osvdb/102668",
             "https://dariusfreamon.wordpress.com/tag/rompager/",
             "http://rootatnasro.wordpress.com/2014/01/11/how-i-saved-your-a-from-the-zynos-rom-0-attack-full-disclosure/",
             "https://antoniovazquezblanco.github.io/docs/advisories/Advisory_RomPagerXSS.pdf",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "AirLive WT-2000ARM (2.11.6.0(RE0.C29)3.7.6.1)",
             "D-Link DSL-2520U (1.08 Hardware Version: B1)",
             "D-Link DSL-2640R",
@@ -41,7 +41,7 @@ class Exploit(HTTPClient):
             "ZyXEL ES-2024",
             "ZyXEL Prestige P-2602HW",
             "ZyXEL Prestige 782R",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/multi/tcp_32764_info_disclosure.py

@@ -9,14 +9,14 @@ class Exploit(TCPClient):
         "name": "TCP-32764 Info Disclosure",
         "description": "Exploits backdoor functionality that allows fetching "
                        "credentials for administrator user.",
-        "authors": [
+        "authors": (
             "Eloi Vanderbeken",  # vulnerability discovery & proof of concept exploit
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://github.com/elvanderb/TCP-32764",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Cisco RVS4000 fwv 2.0.3.2 & 1.3.0.5",
             "Cisco WAP4410N",
             "Cisco WRVS4400N",
@@ -40,7 +40,7 @@ class Exploit(TCPClient):
             "Netgear DGND3300Bv2 fwv 2.1.00.53_1.00.53GR",
             "Netgear DM111Pv2",
             "Netgear JNR3210",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/multi/tcp_32764_rce.py

@@ -8,14 +8,14 @@ class Exploit(TCPClient):
         "name": "TCP-32764 RCE",
         "description": "Exploits backdoor functionality that allows executing commands "
                        "on operating system level.",
-        "authors": [
+        "authors": (
             "Eloi Vanderbeken",  # vulnerability discovery & proof of concept exploit
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://github.com/elvanderb/TCP-32764",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Cisco RVS4000 fwv 2.0.3.2 & 1.3.0.5",
             "Cisco WAP4410N",
             "Cisco WRVS4400N",
@@ -39,7 +39,7 @@ class Exploit(TCPClient):
             "Netgear DGND3300Bv2 fwv 2.1.00.53_1.00.53GR",
             "Netgear DM111Pv2",
             "Netgear JNR3210",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/netcore/udp_53413_rce.py

@@ -5,12 +5,12 @@ from routersploit.core.udp.udp_client import UDPClient
 class Exploit(UDPClient):
     __info__ = {
         "name": "Netcore/Netis UDP 53413 RCE",
-        "authors": [
-            "Tim Yeh, Trend Micro",  # vulnerability discovery
-            "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
         "description": "Exploits Netcore/Netis backdoor functionality that allows "
                        "executing commands on operating system level.",
+        "authors": (
+            "Tim Yeh, Trend Micro",  # vulnerability discovery
+            "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
+        ),
         "references": (
             "https://www.seebug.org/vuldb/ssvid-90227",
             "http://blog.trendmicro.com/trendlabs-security-intelligence/netis-routers-leave-wide-open-backdoor/",

routersploit/modules/exploits/routers/netgear/dgn2200_dnslookup_cgi_rce.py

@@ -6,20 +6,20 @@ class Exploit(HTTPClient):
     __info__ = {
         "name": "Netgear DGN2200 RCE",
         "description": "Exploits Netgear DGN2200 RCE vulnerability through dnslookup.cgi resource.",
-        "authors": [
+        "authors": (
             "SivertPL",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/41459/",
             "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6334",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Netgear DGN2200v1",
             "Netgear DGN2200v2",
             "Netgear DGN2200v3",
             "Netgear DGN2200v4",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/netgear/dgn2200_ping_cgi_rce.py

@@ -6,20 +6,20 @@ class Exploit(HTTPClient):
     __info__ = {
         "name": "Netgear DGN2200 RCE",
         "description": "Exploits Netgear DGN2200 RCE vulnerability in the ping.cgi script.",
-        "authors": [
+        "authors": (
             "SivertPL",  # vulnerability discovery
             "Josh Abraham <sinisterpatrician[at]google.com>",  # routesploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/41394/",
             "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6077",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Netgear DGN2200v1",
             "Netgear DGN2200v2",
             "Netgear DGN2200v3",
             "Netgear DGN2200v4",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/netgear/jnr1010_path_traversal.py

@@ -7,16 +7,16 @@ class Exploit(HTTPClient):
         "name": "Netgear JNR1010 Path Traversal",
         "description": "Module exploits Netgear JNR1010 Path Traversal vulnerability "
                        "which allows to read any file on the system.",
-        "authors": [
+        "authors": (
             "Todor Donev <todor.donev[at]gmail.com>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/40736/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Netgear JNR1010",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/netgear/multi_password_disclosure-2017-5521.py

@@ -9,18 +9,18 @@ class Exploit(HTTPClient):
                        "If target is vulnerable administrator\'s password is retrieved. "
                        "This exploit only works if \'password recovery\' in router settings is OFF. "
                        "If the exploit has already been run, then it might not work anymore until device reboot.",
-        "authors": [
+        "authors": (
             "Simon Kenin <Trustwave SpiderLabs>",  # vulnerability discovery
             "0BuRner",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.trustwave.com/Resources/Security-Advisories/Advisories/TWSL2017-003/?fid=8911",
             "https://www.trustwave.com/Resources/SpiderLabs-Blog/CVE-2017-5521--Bypassing-Authentication-on-NETGEAR-Routers/",
             "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5521",
             "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5521",
             "http://kb.netgear.com/30632/Web-GUI-Password-Recovery-and-Exposure-Security-Vulnerability",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Netgear D6220",
             "Netgear D6400",
             "Netgear R6200v2",
@@ -40,7 +40,7 @@ class Exploit(HTTPClient):
             "Netgear WNDR3400v3",
             "Netgear WNR3500Lv2",
             "Netgear WNDR4500v2",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/netgear/multi_rce.py

@@ -7,15 +7,15 @@ class Exploit(HTTPClient):
         "name": "Netgear Multi RCE",
         "description": "Module exploits remote command execution in multiple Netgear devices. If the target is "
                        "vulnerable, command loop is invoked that allows executing commands on operating system level.",
-        "authors": [
+        "authors": (
             "Andrei Costin <andrei[at]firmware.re>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "http://firmware.re/vulns/acsa-2015-001.php",
             "https://www.blackhat.com/docs/asia-16/materials/asia-16-Costin-Automated-Dynamic-Firmware-Analysis-At-Scale-A-Case-Study-On-Embedded-Web-Interfaces.pdf",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Netgear WG102",
             "Netgear WG103",
             "Netgear WN604",
@@ -29,7 +29,7 @@ class Exploit(HTTPClient):
             "Netgear WNDAP380R(v2)",
             "Netgear WN370",
             "Netgear WND930",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/netgear/n300_auth_bypass.py

@@ -7,15 +7,15 @@ class Exploit(HTTPClient):
         "name": "Netgear N300 Auth Bypass",
         "description": "Module exploits authentication bypass vulnerability in Netgear N300 devices. "
                        "It is possible to access administration panel without providing password.",
-        "authors": [
+        "authors": (
             "Daniel Haake <daniel.haake[at]csnc.de>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2015-007_Netgear_WNR1000v4_AuthBypass.txt",
             "http://www.shellshocklabs.com/2015/09/part-1en-hacking-netgear-jwnr2010v5.html",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Netgear N300",
             "Netgear JNR1010v2",
             "Netgear JNR3000",
@@ -25,7 +25,7 @@ class Exploit(HTTPClient):
             "Netgear WNR2020",
             "Netgear WNR614",
             "Netgear WNR618",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/netgear/prosafe_rce.py

@@ -8,19 +8,19 @@ class Exploit(HTTPClient):
         "name": "Netgear ProSafe RCE",
         "description": "Module exploits remote command execution vulnerability in Netgear ProSafe "
                        "WC9500, WC7600, WC7520 devices. If the target is vulnerable command shell is invoked.",
-        "authors": [
+        "authors": (
             "Andrei Costin <andrei[at]firmware.re>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "http://firmware.re/vulns/acsa-2015-002.php",
             "https://www.blackhat.com/docs/asia-16/materials/asia-16-Costin-Automated-Dynamic-Firmware-Analysis-At-Scale-A-Case-Study-On-Embedded-Web-Interfaces.pdf",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Netgear ProSafe WC9500",
             "Netgear ProSafe WC7600",
             "Netgear ProSafe WC7520",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/netgear/r7000_r6400_rce.py

@@ -7,17 +7,16 @@ class Exploit(HTTPClient):
         "name": "Netgear R7000 & R6400 RCE",
         "description": "Module exploits remote command execution in Netgear R7000 and R6400 devices. If the target is "
                        "vulnerable, command loop is invoked that allows executing commands on operating system level.",
-        "authors": [
+        "authors": (
             "Chad Dougherty",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "http://www.sj-vs.net/a-temporary-fix-for-cert-vu582384-cwe-77-on-netgear-r7000-and-r6400-routers/",
             "https://www.exploit-db.com/exploits/40889/",
             "http://www.kb.cert.org/vuls/id/582384",
-
-        ],
-        "devices": [
+        ),
+        "devices": (
             "R6400 (AC1750)",
             "R7000 Nighthawk (AC1900, AC2300)",
             "R7500 Nighthawk X4 (AC2350)",
@@ -25,7 +24,7 @@ class Exploit(HTTPClient):
             "R8000 Nighthawk (AC3200)",
             "R8500 Nighthawk X8 (AC5300)",
             "R9000 Nighthawk X10 (AD7200)",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/netgear/wnr500_612v3_jnr1010_2010_path_traversal.py

@@ -7,19 +7,19 @@ class Exploit(HTTPClient):
         "name": "Netgear WNR500/WNR612v3/JNR1010/JNR2010 Path Traversal",
         "description": "Module exploits Netgear WNR500/WNR612v3/JNR1010/JNR2010 Path Traversal "
                        "vulnerability which allows to read any file on the system.",
-        "authors": [
+        "authors": (
             "Todor Donev <todor.donev[at]gmail.com>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/40737/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Netgear WNR500",
             "Netgear WNR612v3",
             "Netgear JNR1010",
             "Netgear JNR2010",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/netsys/multi_rce.py

@@ -8,16 +8,16 @@ class Exploit(HTTPClient):
         "name": "Netsys Multi RCE",
         "description": "Exploits Netsys multiple remote command execution vulnerabilities that allows "
                        "executing commands on operating system level.",
-        "authors": [
+        "authors": (
             "admin <admin[at]bbs.00wz.top>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "http://bbs.00wz.top/forum.php?mod=viewthread&tid=12630",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Multiple Netsys",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/shuttle/915wm_dns_change.py

@@ -7,17 +7,17 @@ class Exploit(HTTPClient):
         "name": "Shuttle 915 WM DNS Change",
         "description": "Module exploits Shuttle Tech ADSL Modem-Router 915 WM dns change vulnerability. "
                        "If the target is vulnerable it is possible to change dns settings.",
-        "authors": [
+        "authors": (
             "Todor Donev <todor.doven[at]gmail.com>",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/35995/",
             "https://github.com/jh00nbr/Routerhunter-2.0",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Shuttle Tech ADSL Modem-Router 915 WM",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/technicolor/dwg855_authbypass.py

@@ -8,18 +8,18 @@ class Exploit(HTTPClient):
         "description": "Module exploits Technicolor DWG-855 Authentication Bypass "
                        "vulnerability which allows changing administrator's password.\n\n"
                        "NOTE: This module will errase previous credentials, this is NOT stealthy.",
-        "authors": [
+        "authors": (
             "JPaulMora <https://JPaulMora.GitHub.io>",  # vulnerability discovery, initial routersploit module.
             "0BuRner",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "Bug discovered some time before Aug 2016, this is the first reference to it!\n"
             "This exploit works with any POST parameter, but "
             "changing admin creds gives you access to everything else.",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Technicolor DWG-855",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/technicolor/tc7200_password_disclosure.py

@@ -7,16 +7,16 @@ class Exploit(HTTPClient):
         "name": "Technicolor TC7200 Password Disclosure",
         "description": "Module exploits Technicolor TC7200 password disclosure vulnerability "
                        "which allows fetching administration's password.",
-        "authors": [
+        "authors": (
             "Jeroen - IT Nerdbox",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/31894/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Technicolor TC7200",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/technicolor/tc7200_password_disclosure_v2.py

@@ -10,18 +10,18 @@ class Exploit(HTTPClient):
         "name": "Technicolor TC7200 Password Disclosure V2",
         "description": "Module exploits Technicolor TC7200 password disclosure vulnerability which "
                        "allows fetching administration's password.",
-        "authors": [
+        "authors": (
             "Gergely Eberhardt (@ebux25) from SEARCH-LAB Ltd. (www.search-lab.hu)",  # vulnerability discovery
             "0BuRner",  # routersploit module
             "Bastian Germann",  # improved vulnerability check
-        ],
-        "references": [
+        ),
+        "references": (
             "https://www.exploit-db.com/exploits/40157/",
             "http://www.search-lab.hu/advisories/secadv-20160720",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Technicolor TC7200",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/thomson/twg849_info_disclosure.py

@@ -6,16 +6,16 @@ class Exploit(SNMPClient):
     __info__ = {
         "name": "Thomson TWG849 Info Disclosure",
         "description": "Module exploits Thomson TWG849 information disclosure vulnerability which allows reading sensitive information.",
-        "authors": [
+        "authors": (
             "Sebastian Perez",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://packetstormsecurity.com/files/133631/Thomson-CableHome-Gateway-DWG849-Information-Disclosure.html",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Thomson TWG849",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/thomson/twg850_password_disclosure.py

@@ -6,16 +6,16 @@ class Exploit(HTTPClient):
     __info__ = {
         "name": "Thomson TWG850 Password Disclosure",
         "description": "Module exploits Thomson TWG850 password disclosure vulnerability which allows fetching administration's password.",
-        "authors": [
+        "authors": (
             "Sebastian Perez",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://packetstormsecurity.com/files/136135/Thomson-Router-TWG850-4U-XSS-CSRF-Unauthenticated-Access.html",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "Thomson TWG850",
-        ]
+        )
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

routersploit/modules/exploits/routers/zte/zxv10_rce.py

@@ -10,16 +10,16 @@ class Exploit(HTTPClient):
         "name": "ZTE ZXV10 RCE",
         "description": "Exploits ZTE ZXV10 H108L remote code execution vulnerability "
                        "that allows executing commands on operating system level.",
-        "authors": [
+        "authors": (
             "Anastasios Stasinopoulos",  # vulnerability discovery
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
-        ],
-        "references": [
+        ),
+        "references": (
             "https://github.com/stasinopoulos/ZTExploit/",
-        ],
-        "devices": [
+        ),
+        "devices": (
             "ZTE ZXV10 H108L",
-        ],
+        ),
     }
 
     target = OptIP("", "Target IPv4 or IPv6 address")

tests/conftest.py

@@ -14,6 +14,46 @@ def target():
     with HttpServiceMock("127.0.0.1", 0) as target_:
         yield target_
 
+@pytest.fixture(scope="session")
+def empty_target():
+    with HttpScenarioService("127.0.0.1", 0,
+                             HttpScenario.EMPTY_RESPONSE) as http_service:
+        yield http_service
+
+
+@pytest.fixture(scope="session")
+def trash_target():
+    with HttpScenarioService("127.0.0.1", 0,
+                             HttpScenario.TRASH) as http_service:
+        yield http_service
+
+
+@pytest.fixture(scope="session")
+def not_found_target():
+    with HttpScenarioService("127.0.0.1", 0,
+                             HttpScenario.NOT_FOUND) as http_service:
+        yield http_service
+
+
+@pytest.fixture(scope="session")
+def redirect_target():
+    with HttpScenarioService("127.0.0.1", 0,
+                             HttpScenario.REDIRECT) as http_service:
+        yield http_service
+
+
+@pytest.fixture(scope="session")
+def error_target():
+    with HttpScenarioService("127.0.0.1", 0,
+                             HttpScenario.ERROR) as http_service:
+        yield http_service
+
+
+@pytest.fixture(scope="session")
+def timeout_target():
+    with HttpScenarioService("127.0.0.1", 0,
+                             HttpScenario.TIMEOUT) as http_service:
+        yield http_service
 
 @pytest.fixture
 def generic_target():

tests/test_exploit_info.py

+import pytest
+from routersploit.core.exploit.utils import iter_modules
+
+
+@pytest.mark.parametrize("exploit", iter_modules("./routersploit/modules/exploits/"))
+def test_exploit_info(exploit):
+    info = exploit._Exploit__info__
+
+    assert isinstance(info, dict)
+    assert "name" in info
+    assert isinstance(info["name"], str)
+
+    assert "description" in info 
+    assert isinstance(info["description"], str)
+
+    assert "authors" in info
+    assert isinstance(info["authors"], tuple)
+
+    assert "references" in info
+    assert isinstance(info["references"], tuple)
+
+    assert "devices" in info
+    assert isinstance(info["devices"], tuple)