This module exploits password reset feature on some TP-Link Archer
routers by leveraging a predictable random number generator seed.

For more details, see this write-up:

https://devcraft.io/posts/2017/07/21/tp-link-archer-c9-admin-password-reset.html

Based on PoC by William Bowling.

Co-authored-by: Merlyn Albery-Speyer <merlyn@newrelic.com>

Please note Pierre also references this post for this vulnerability, and the other source also references this blogpost. 

I plan to contribute more to this project, with more meaningful PRs.

Correct the spelling of "vulnerabilities"

Bumps [requests](https://github.com/psf/requests) from 2.21.0 to 2.31.0.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.21.0...v2.31.0)

---
updated-dependencies:
- dependency-name: requests
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Co-authored-by: Damian Jude Mascarenhas <67428121+kooldamian28@users.noreply.github.com>

There is a small typo in routersploit/modules/exploits/routers/zte/f460_f660_backdoor.py.

Should read `vulnerability` rather than `vulnerabilty`.

Fixes compatibility with Python 3.8.

* added telstra pass

* Update passwords.txt

* Fixing wordlist creds parsing

* Pinning requests package because of URL normalization in new version

* Update defaults.txt

removed duplicate line with erroneous colon.

* Update defaults.txt

* Deleted erroneous colon from data set.

An erroneous colon was causing a unpacking error.  Removed the line of data. Resolves issue 604.

* add advanced options to scanners, and so modules in order to restrict tests and reduce network impact

* avoid committing Pipfile

* correct help which was not working anymore

* enhance search capabilities

* enhance search with existing options based on current modules

* remove display test

* simplify the non interactive execution process

* correct lint errors

* correct lint errors

* correct OptEncoder error, missing advanced parameter

* Add jovision credential disclosure exploit

* Fix username and password fields being mixed up

* Document jovision credentials disclosure

* Introduce a RESOURCE_DIR to avoid relative hardcoded paths

- Introduce a RESOURCES_DIR similar to other *_DIR
- Add a resources_directory parameter to lookup_vendor() to avoid possible
  hardcoded directory and - if not provided - pick up the default
  RESOURCES_DIR.

* Avoid possible hardcoded relative paths and use RESOURCE_DIR instead

(Otherwise ssh_keys are tried to picked up in in ${PWD} (and mostly
likely failing))

* Avoid hardcoded relative paths and use MODULES_DIR instead

Commit id 9380c047 (probably
accidentally) removed EXPLOITS_DIR use leading to loading
routersploit/modules/exploits relative to the current directory
instead of the installed ones in MODULES_DIR.

* Avoid hardcoded relative paths and use utils.index_modules() instead

* Avoid hardcoded relative paths and use utils.index_modules() instead

* G/C no longer used import/functions

* G/C no longer used module import

* Reintroduce encode and fix a copypasto

* Add missing `.'

Spotted by @lucyoa, thanks!

* Fix a regression on the semantic/name of payloads

payloads should be listed/selected as `<architecture>/<payload>', not
`payloads.<architecture>.<payload>'.

Thanks to @lucyoa!

* Fixing lint errors

* Installing newest pytest

* Upgrading pip on travis

* Force pytest version 4.4.0

* Fixing help typos

* Removing pinning pip version

* Pinning pytest requirement

* support noninteractive mode

* fix linter error in travis build

* Adding multiple tests

* Fixing code style