progaram get any mikrotik system usernam and passowrd in 3 second

Shadeofspirit · June 9, 2018, 4:56am

so, that means one of the next variants: 1) there are no program to get login and password; 2) this program exist, but doesn’t work with new ROS versions. 3) it works in theory, but basic security rules (nothing extra ordinary) prevent from it.

AliALBedwi · June 9, 2018, 5:04am

i search for all your rnage and i just give you sample
to systems i got them username and pass
1-
80.249.84.182 80 admin:turbo3*(+
admin:turbo3*(+
2-
80.249.83.125 80 admin:GfhjkmJnvbrhjnbrf91 MikroTik RouterOS v6.40.4

i hope you don’t do anything to this systems sir
i just give u a samples to believe that

AliALBedwi · June 9, 2018, 5:17am

public ip 80.249.83.171

opean port www and winbox 8291 sir

Starting Nmap ( https://nmap.org ) at 2018-06-09 04:16 UTC
NSE: Loaded 40 scripts for scanning.
Initiating Ping Scan at 04:16
Scanning 80.249.83.171 [4 ports]
Completed Ping Scan at 04:16, 0.22s elapsed (1 total hosts)
Initiating SYN Stealth Scan at 04:16
Scanning mail.itbel.com (80.249.83.171) [6 ports]
Discovered open port 80/tcp on 80.249.83.171
Discovered open port 8729/tcp on 80.249.83.171
Discovered open port 8728/tcp on 80.249.83.171
Discovered open port 8291/tcp on 80.249.83.171
Completed SYN Stealth Scan at 04:16, 0.22s elapsed (6 total ports)
Initiating Service scan at 04:16

its all close from my side sir

so, that means one of the next variants: 1) there are no program to get login and password; 2) this program exist, but doesn’t work with new ROS versions. 3) it works in theory, but basic security rules (nothing extra ordinary) prevent from it.

no you are wrong
this program its exist and work very excellent
its can got any password and username faster with any version unless 6.40.8 and 6.42.1 just
its also can get a lot other system but we are not care about it
the big problem its the mikrotik

Shadeofspirit · June 9, 2018, 5:18am

this are not my routers, so i wouldn’t check, but as i see in your post - they have old ROS. In 6.42.1 was fix for vulnerability in winbox

AliALBedwi · June 9, 2018, 5:27am

yah not work with 6.42.1 you are right
after my post someone shear this post viewtopic.php?t=133533
and talks about this bug
That’s great work from Mikrotik to slove it
but the big problems a lot systems around the world not upgraded and they not know about it and they trust mikrotik system
here the problem

Shadeofspirit · June 9, 2018, 5:31am

i don’t see any problem in mikrotik, it is the problem of admins. It is so, because there is information in changelog, there were posts in mikrotik twitter, facebook with information about vulnerability and it’s fix. also there was information in many other resources

system · June 9, 2018, 6:49am

That guy just found in first time (in)famous RouterScan and shocked about security in net.
Just upgrade your devices if it’s a MT routers, or use OpenWRT if these devices are shitty home routers abandoded by their manufacturers

Just wonder what he say when he see 3wifi database

Sob · June 9, 2018, 1:28pm

So it’s just the recent WinBox vulnerability? It’s good then. I mean, not good, obviously. That was major screwup on MikroTik’s side, and blaming it on “unsecured routers” in changelog wasn’t fair either, people usually don’t think about fifty-characters passwords as “unsecured”. But it’s good there isn’t another one.

apteixeira · June 9, 2018, 4:01pm

Hello,

Just for testing purpose I just created a VM with IP 201.217.241.120
Try getting password. Clue: password starts with “test” word.
Port: winbox 8291

Regards.

system · June 9, 2018, 6:16pm

That was major screwup on MikroTik’s side, and blaming it on “unsecured routers” in changelog wasn’t fair either, people usually don’t think about fifty-characters passwords as “unsecured”. But it’s good there isn’t another one.

Nope. If you use old system and set up it to connect to the internet via nude ass - just don’t wonder if some kiddies hijack your device.
To succesfully exploit you need not only old firmware but also open winbox port for direct access from wan. Default config do not allow this. If you config router like these manually… well, don’t cry about “Russian hackers”.

jspool · June 9, 2018, 7:36pm

Funny how people are so quick to post an issue without bothering to check to see if its already been discussed.
Anyone exposing management ports to the public facing Internet deserves whatever comes their way.
Attacks from LAN to router and from WAN to router are easily prevented by only allowing trusted IP’s or networks access to management ports. Never rely on others to secure your network.

Sob · June 9, 2018, 11:59pm

I’d like to slightly disagree with last two posters. Now, when fixed version is available, it’s on anyone who keeps the old vulnerable one. But the main problem was, to quote official explanation:

The vulnerability allowed a special tool to connect to the Winbox port, and request the system user database file.

You’re right that when you block connections to WinBox port, it’s safe. But you can’t block everything. What if the vulnerability wasn’t in WinBox server, but in SSTP server? They both depend only on strong passwords (SSTP’s non-standard option to require client certificate doesn’t count, because it’s not compatible with regular clients). If I got hacked because of such vulnerability in SSTP, would you tell me that it’s my fault for leaving SSTP port open to whole world? But it’s the idea of VPNs, to allow users to connect from everywhere. I agree that it doesn’t apply to WinBox, but it’s exactly the same principle.

No hard feelings from me (after all, nothing of mine got hacked), but MikroTik is #1 to blame here. And regarding the “unsecured routers” explanation, only being almost a fanboy prevents me from using “bullshit” as reply.

system · June 11, 2018, 10:30pm

Sob.
In general, all of our enviroinment in this world require some knowledge about “what you doing”.
If I buy microwave oven and it will be hacked - well, manufacturer never told me about “main goal of our microvave oven is security system.”
If MT make his own proprietary vpn, say “main goal is security, blah-blah” and after that it have a vulnerability - shame on MT. But winbox is just a config tool, nothing about security here and MT never say about that’s super-secured, moreover - winbox denied in defconf firewall.

Well, let’s try to see from different point of view.

I buy 20$ cheap tp-link or dlink router. Then open telnet from wan - by default, of course, telnet closed.
And when someone hack into, post "this is shit %manufscturer_name% in facebook. But telnet is nothing about security, it,s just config tool.

Sob · June 12, 2018, 2:54am

Are you saying that if it’s “just a config tool”, it’s allowed to give passwords to anyone who asks? It’s just wrong, no matter what it is, if I have password like “QWnXSS_bX8p8er&C$d?:ZwPMdv” I expect it to be secure enough. It should be, bruteforcing over the net would take a lifetime. And if there’s some other way, it must be horrible mistake done by whoever implemented it.

normis · July 18, 2018, 4:45am

Then the comment would be different. SSTP is not the same as administration access to your device. There are zero reasons to leave winbox access open to all, especially with default port.

Sob · July 18, 2018, 1:41pm

I agree that while SSTP port is supposed to be open, WinBox port should rather not be. But on technical level it’s Service A with its security depending only on strong passwords and bug-free implementation, and Service B with its security depending only on strong passwords and bug-free implementation => exactly the same thing. I don’t plan to beat it to death, what’s done is done. And how to say it, I understand that “but you shouldn’t have had that port open!” is something I would probably also want to say, if I managed to create such nice bug as this.

Sumit15 · June 13, 2020, 10:51am

Go For It:
IP: 103.120.166.42

Alijo0on · March 14, 2021, 1:38pm

Hi please help me
I have deleted my admin user and icant remember the username i created.
Ip : 5.160.78.150