Home page logo
/

nmap-dev logo Nmap Development mailing list archives

mikrotik-routeros-brute.nse - Performs brute force password auditing against Mikrotik's RouterOS API
From: Paulino Calderon <paulino () calderonpale com>
Date: Fri, 6 Jun 2014 18:47:32 -0500

Hi list,

This is a NSE script that attacks Mikrotik’s RouterOS API in case the web and SSH administration interfaces are locked. 
It was tested against RouterOS 6.13. The service does not seem to have a signature yet so I’m including it as well.

description = [[
Performs brute force password auditing against Mikrotik RouterOS devices with the API RouterOS interface enabled.

Additional information:
* http://wiki.mikrotik.com/wiki/API
]]

---
-- @usage
-- nmap -p8728 --script mikrotik-routeros-brute <target>
-- 
-- @output
-- PORT     STATE SERVICE REASON
-- 8728/tcp open  unknown syn-ack
-- | mikrotik-routeros-brute:
-- |   Accounts
-- |     admin:dOsmyvsvJGA967eAnX - Valid credentials
-- |   Statistics
-- |_    Performed 60 guesses in 602 seconds, average tps: 0
--
-- @args mikrotik-routerous-brute.threads sets the number of threads. Default: 1
--
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault