Skip to content

mkbrutusproject/MKBRUTUS

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

27 Commits

CHANGELOG

CHANGELOG

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

agpl.txt

agpl.txt

 
 

mkbrutus.py

mkbrutus.py

 
 

Repository files navigation

MKBRUTUS.py

Password bruteforcer for MikroTik devices or boxes running RouterOS

AUTHORS:
Ramiro Caire - email: ramiro.caire@gmail.com / Twitter: @rcaire
Federico Massa - email: fmassa@vanguardsec.com / Twitter: @fgmassa

WEB SITES:
http://mkbrutusproject.github.io/MKBRUTUS/
https://github.com/mkbrutusproject/mkbrutus

SUMMARY:
Some boxes running Mikrotik RouterOS (3.x or newer) have the API port enabled (by default, in the port 8728/TCP) for administrative purposes instead SSH, Winbox or HTTPS (or have all of them). This is (another) attack vector as it might be possible to perform a bruteforce to obtain valid credentials if no protection is available on that port. As the API uses a specific privative protocol, some code published by the vendor was included. Python 3.x is required in order to run this tool.

DISCLAIMER:
This tool is intended only for testing Mikrotik devices security in ethical pentest or audits process. The authors are not responsible for any damages you use this tool.

About

Password bruteforcer for MikroTik devices or boxes running RouterOS

Resources

Readme

License

View license
Activity

Stars

177 stars

Watchers

31 watching

Forks

83 forks
Report repository

Releases 3

v1.0.2 Latest
Mar 15, 2014
+ 2 releases

Packages

No packages published

Contributors 4

Languages