 
Dantealighieri
just joined
Topic Author
Posts: 1
Joined: Fri Jul 03, 2020 11:21 pm

Webfig login hack

Fri Jul 03, 2020 11:23 pm

I am dealing with this Mikrotik switch (RouterOS ver. 6.42.11) on which I would like to try to recover the password (12 characters long, randomly generated with numbers, symbols, etc.) but primarily to study how certain things work, since I already have the password.

Here is what I have tried so far:

- Dictionary attack with MKBRUTUS (https://github.com/mkbrutusproject/MKBRUTUS) without concluding anything.
- Specially created nmap script (https://nmap.org/nsedoc/scripts/mikrotik-routeros-brute.html) which targets port 8728. The script seems to go on forever without concluding anything.
- Tried various exploits from exploitdb, but it seems that this 6.42.11 is invulnerable.
- Tried to listen with Wireshark and ARP poison with ettercap while typing the password since the login page is http and not https, but it seems that webfig also encrypts non-https connections, so nothing to do here.

Now I ask you,
what else can I try before hitting the reset button?

I have a lot of open ports (http, 8728, and of course Winbox, SSH , FTP and telnet) ...
 
Jotne
Forum Guru
Posts: 1806
Joined: Sat Dec 24, 2016 11:17 am
Location: jo.overland at gmail.com

Re: Webfig login hack

Sat Jul 18, 2020 7:12 pm

No, there is no simple way to hack this stupid router. It's very secure.
 
How to use Splunk to monitor your MikroTik Router(s)

MikroTik->Splunk
 
 
Hiji56
just joined
Posts: 11
Joined: Mon Aug 06, 2018 10:21 pm

Re: Webfig login hack

Sun Jul 19, 2020 1:34 am

Interesting, is it legal to post any solution here? (I don't have any)

Why don't you just look at the MikroTik changelog and find all patches with "CVE-" after 6.42.11?
I remember a few loud news items like "immediately update your microtik or it's not safe!!!"
 
vecernik87
Forum Veteran
Posts: 735
Joined: Fri Nov 10, 2017 8:19 am

Re: Webfig login hack

Sun Jul 19, 2020 5:34 am

OP is funny. On the one hand, he is aware of Tenable's exploits. On the other hand, he is unable to use them (despite the fact there is a Proof of Concept script for every single exploit).

@OP:
Just reset the thing and live with it...
Nobody with consciousness will guide you how to hack a device.
Sincerely yours,
piece of shit
 
Pea
Member Candidate
Posts: 225
Joined: Fri Jul 17, 2015 11:07 pm
Location: Czech

Re: Webfig login hack

Sun Jul 19, 2020 10:03 am

Troll Dantealighieri detected. Don't feed the troll!
 
msatter
Forum Guru
Posts: 1878
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: Webfig login hack

Sun Jul 19, 2020 12:36 pm

Maybe it eats pieces of shit. Trolls may like to eat that.

ps. only real, shit should be fed.
One RB4011 (cooled) and a RB760iGS (hEX S) in series. The 4011 Does PPPoE/IKEv2.
The cooler: viewtopic.php?f=3&t=138613&start=300#p799879
Running:
RouterOS 6.48beta35 / Winbox 3.27 64bits / MikroTik APP 1.3.15
 
Jotne
Forum Guru
Posts: 1806
Joined: Sat Dec 24, 2016 11:17 am
Location: jo.overland at gmail.com

Re: Webfig login hack

Mon Jul 20, 2020 11:32 pm

I guess your post will be reported and deleted. Who do you expect to reply to your post using this type of language?
Starting by calling MT routers pieces of shit.

A better question would be:
I have a remote router (mine) that I have lost the password to. Is there a way to enter it, maybe using a hack?
You could also post what the version of RouterOS is. There were some versions with bad software where it was possible to hack the Winbox interface (depending on version).
Normally you should never open Winbox to the internet; instead use a VPN.

Travel to the router and reset it.
 
 
 
Sob
Forum Guru
Posts: 5905
Joined: Mon Apr 20, 2009 9:11 pm

Re: Webfig login hack

Mon Jul 20, 2020 11:49 pm

To be fair, he did include "please" this time.
People who quote full posts should be spanked with ethernet cable. Some exceptions for multi-topic threads may apply. Not intended as incentive for masochists.
 
msatter
Forum Guru
Posts: 1878
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: Webfig login hack

Tue Jul 21, 2020 12:06 am

To be fair, he did include "please" this time.
No shit!


@Sob....spank me.
 
simplextech
just joined
Posts: 5
Joined: Thu Jun 18, 2020 10:09 pm

Re: Webfig login hack

Tue Jul 21, 2020 12:13 am

Is it wrong that I'm highly amused by this?
 
Pea
Member Candidate
Posts: 225
Joined: Fri Jul 17, 2015 11:07 pm
Location: Czech

Re: Webfig login hack

Tue Jul 21, 2020 12:28 am

Don't feed the troll!
:)
 
msatter
Forum Guru
Posts: 1878
Joined: Tue Feb 18, 2014 12:56 am
Location: Netherlands / Nīderlande

Re: Webfig login hack

Tue Jul 21, 2020 12:42 am

Is it wrong that I'm highly amused by this?
That depends on your perspective.
 
anav
Forum Guru
Posts: 5129
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada

Re: Webfig login hack

Tue Jul 21, 2020 1:49 am

Don't anybody tell him the secret winbox port# !
I'd rather manage rats than software. Follow my advice at your own risk! (Sob & mkx forced me to write that!)
MTUNA Certified, by the Ascerbic Llama!
 
simplextech
just joined
Posts: 5
Joined: Thu Jun 18, 2020 10:09 pm

Re: Webfig login hack

Tue Jul 21, 2020 1:51 am

Don't anybody tell him the secret winbox port# !
The one on page 42 of the wiki?
 
Pea
Member Candidate
Posts: 225
Joined: Fri Jul 17, 2015 11:07 pm
Location: Czech

Re: Webfig login hack

Tue Jul 21, 2020 7:46 am

Thank you, I didn't know that page 42 describes the God mode universal password and secret port 666. But it has scary side effects when used by a troll!
