Joined: Mon Nov 28, 2016 6:31 pm

HELP, How To Reset Protected Protected bootloader Routerboard

Thu Nov 07, 2019 2:04 am

About 40 Mikrotik Devices in my network has been hijacked by someone that wants payment for user and password. they use Protected Bootloader so i can't hardreset using netinstall, Console, Pinhole, etc, reformat-hold-button all my router they make random from 4m to 5m and only 1s reformat-hold-button-max so very dificult to perform a complete reformat of both NAND and RAM.

a few Router has LCD we anable to reset using LCD, they using this setting to prevent we to hard reset.
I refuse to pay the so some my mikrotik router they make briked (Start reboot, start Reboot...)
Video Console Bricked CCR 1036 ... sp=sharing

to perform a complete reformat of both NAND and RAM From When we Count Timer ? From We plug power or Led Turning or LCD Turn?

Joined: Sat Jan 10, 2015 6:45 pm

Re: HELP, How To Reset Protected Protected bootloader Routerboard

Sun Nov 10, 2019 5:23 am

It looks like at least a few (i didnt check all of your ips) routers are still running 6.40.9 which is vulnerable to winbox exploitation to harvest credentials and gain admin-acces on the router afterwards. To be honest: Its your fault that your routers are running that old, vulnerable software. If you additionally opened the Winbox port (or didnt firewall it properly) the attackers were able to read your credentials and login via telnet (which was not firewalled as well as it seems).

There is one chance. Check if you are able to use this exploit if mac-winbox under /tool mac-server mac-winbox is enabled and reachable from local ports: ...

Grab the credentials, unplug the router from the net, login and clean it off. And always upgrade your routers, it cannot be said often enough!

