CVE-2018-14847 PoC — Winbox for MikroTik RouterOS 安全漏洞

Source

https://github.com/mahmoodsabir/mikrotik-beast

Associated Vulnerability

Title:Winbox for MikroTik RouterOS 安全漏洞 (CVE-2018-14847)
Description:MikroTik RouterOS是一套路由操作系统。Winbox for MikroTik RouterOS是一个用于管理MikroTik RouterOS系统的应用程序。 Winbox for MikroTik RouterOS 6.42及之前版本中存在安全漏洞。远程攻击者可通过修改请求利用该漏洞绕过身份验证并读取任意文件。

Description

  Mass MikroTik WinBox Exploitation tool, CVE-2018-14847

Readme

                                                          
                                                               
# Mikrotik Beast tool
  Mass MikroTik WinBox Exploitation tool, CVE-2018-14847     
  This tool allows you to scan a range of network hosts (CIDR) against the CVE-2018-14847 winbox exploit.
  
# Usage 
` $ python3 mikrotikbeast.py`
# 
 <b>Accepted input examples </b><br/>
- Example 1: '192.168.5.0/24'<br/>
- Example 2: '172.16.0.0/16'<br/>
#
  
NOTES:  
This is just an addition to the orginal work @ [BigNerd95/WinboxExploit](https://github.com/BigNerd95/WinboxExploit). <br>
This my first python attempt!. <br>
This is created to help in pentesting in a ISP enviornment. <br>

File Snapshot


 [4.0K]  /data/pocs/06cb5390177d7c209670c5b6727c2c804e7f8e97
├── [1.5K]  extract_user.py
├── [3.2K]  mikrotikbeast.py
└── [ 703]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!