kristoha
just joined
Topic Author
Posts: 3
Joined: Mon Nov 28, 2016 6:31 pm

HELP, How To Reset Protected Bootloader Routerboard

Thu Nov 07, 2019 2:04 am

About 40 MikroTik devices in my network have been hijacked by someone who wants payment for the user and password. They use Protected Bootloader, so I can't hard reset using Netinstall, console, pinhole, etc. On all my routers they set reformat-hold-button to a random value from 4m to 5m, with only 1s for reformat-hold-button-max, so it is very difficult to perform a complete reformat of both NAND and RAM.

a few Router has LCD we anable to reset using LCD, they using this setting to prevent we to hard reset.


I refuse to pay, so they bricked some of my MikroTik routers (start reboot, start reboot...)
Video Console Bricked CCR 1036
https://drive.google.com/file/d/0BxarcD ... sp=sharing

IS THERE ANOTHER WAY TO HARD RESET ALL MY ROUTERS?
To perform a complete reformat of both NAND and RAM, from when do we count the timer? From when we plug in power, or when the LED turns on, or when the LCD turns on?

Thanks
 
Exiver
Member Candidate
Posts: 113
Joined: Sat Jan 10, 2015 6:45 pm

Re: HELP, How To Reset Protected Bootloader Routerboard

Sun Nov 10, 2019 5:23 am

It looks like at least a few (I didn't check all of your IPs) routers are still running 6.40.9, which is vulnerable to Winbox exploitation to harvest credentials and gain admin access on the router afterwards. To be honest: it's your fault that your routers are running that old, vulnerable software. If you additionally opened the Winbox port (or didn't firewall it properly), the attackers were able to read your credentials and log in via telnet (which was not firewalled as well, as it seems).

There is one chance. Check if you are able to use this exploit if mac-winbox under /tool mac-server mac-winbox is enabled and reachable from local ports: https://github.com/BigNerd95/WinboxExpl ... Exploit.py

Grab the credentials, unplug the router from the net, login and clean it off. And always upgrade your routers, it cannot be said often enough!
