Jump to content

Mikrotik/RouterOS webfig login hack

Dante Alighieri

Recommended Posts

I am dealing with this Mikrotik switch (RouterOS ver. 6.47.1, the latest one unfortunately) on which I would like to try to recover the password (random generated with numbers, symbols, ecc.)

Here is what I have tried so far:

- Attack on dictionary with MKBRUTUS (https ://github.com/mkbrutusproject/MKBRUTUS) without concluding anything.
- Specially created nmap script (https ://nmap.org/nsedoc/scripts/mikrotik-routeros-brute.html)
which targets port 8728. The script seems to go on forever without concluding anything.
- Tried various exploits from exploitdb, but it seems that this 6.47.1 is invulnerable.
- Tried to listen with wireshark and arp poison with ettercap while typing the password since the login page is an http and not https, but it seems that webfig also encrypts non https connections, so noyhing to do here.

Now I ask you,
what else can I try before giving up? I need a remote attack since of course the managed switch is not in my possession
I have a lot of open ports (http, 8728, and of course Winbox, SSH , FTP and telnet) ...

Link to comment
Share on other sites

As Digininja allready said, run along kid, we can't help you 🙂

Seriously though. You say it's a remote system, not in your possession ?, do you have written consent to attack it, can we see it ?
If not, you're comiting a crime, stop it, right now, and go do something else, something more constructive for society. Try helping out at the local homeless shelter for a while, donate to the homeless ?

Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...