Jump to content
Dante Alighieri

Mikrotik/RouterOS webfig login hack

Recommended Posts

I am dealing with this Mikrotik switch (RouterOS ver. 6.47.1, the latest one unfortunately) on which I would like to try to recover the password (random generated with numbers, symbols, ecc.)

Here is what I have tried so far:

- Attack on dictionary with MKBRUTUS (https ://github.com/mkbrutusproject/MKBRUTUS) without concluding anything.
- Specially created nmap script (https ://nmap.org/nsedoc/scripts/mikrotik-routeros-brute.html)
which targets port 8728. The script seems to go on forever without concluding anything.
- Tried various exploits from exploitdb, but it seems that this 6.47.1 is invulnerable.
- Tried to listen with wireshark and arp poison with ettercap while typing the password since the login page is an http and not https, but it seems that webfig also encrypts non https connections, so noyhing to do here.

Now I ask you,
what else can I try before giving up? I need a remote attack since of course the managed switch is not in my possession
I have a lot of open ports (http, 8728, and of course Winbox, SSH , FTP and telnet) ...

Share this post


Link to post
Share on other sites

As it is not in your possession then it is probably illegal to be attacking it, in which case, we can't help.

  • Upvote 1

Share this post


Link to post
Share on other sites
Posted (edited)

As Digininja allready said, run along kid, we can't help you 🙂

Seriously though. You say it's a remote system, not in your possession ?, do you have written consent to attack it, can we see it ?
If not, you're comiting a crime, stop it, right now, and go do something else, something more constructive for society. Try helping out at the local homeless shelter for a while, donate to the homeless ?

Edited by NoExecute
  • Upvote 1

Share this post


Link to post
Share on other sites

Come on you b@st@rd$ moralists, I promise I will donate the switch to a homeless like you once I crack it. It's OK now? or maybe you have no idea how to hack it like anyone else in the other useless forums like this?

Share this post


Link to post
Share on other sites
Guest
This topic is now closed to further replies.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...