Nmap Development mailing list archives
Re: mikrotik-routeros-brute.nse - Performs brute force password auditing against Mikrotik's RouterOS API
From: Paulino Calderon <paulino () calderonpale com>
Date: Sun, 8 Jun 2014 09:30:17 -0500
Oops, just realized the attachment was not included. You can download the script here: https://bitbucket.org/cldrn/nmap-nse-scripts/raw/8e83cb18e1d08c50426e640035ef3b647a568559/scripts/6.x/mikrotik-routeros-brute.nse Cheers. On Jun 6, 2014, at 6:47 PM, Paulino Calderon <paulino () calderonpale com> wrote:
Hi list, This is a NSE script that attacks Mikrotik’s RouterOS API in case the web and SSH administration interfaces are locked. It was tested against RouterOS 6.13. The service does not seem to have a signature yet so I’m including it as well. description = [[ Performs brute force password auditing against Mikrotik RouterOS devices with the API RouterOS interface enabled. Additional information: * http://wiki.mikrotik.com/wiki/API ]] --- -- @usage -- nmap -p8728 --script mikrotik-routeros-brute <target> -- -- @output -- PORT STATE SERVICE REASON -- 8728/tcp open unknown syn-ack -- | mikrotik-routeros-brute: -- | Accounts -- | admin:dOsmyvsvJGA967eAnX - Valid credentials -- | Statistics -- |_ Performed 60 guesses in 602 seconds, average tps: 0 -- -- @args mikrotik-routerous-brute.threads sets the number of threads. Default: 1 -- <mikrotik-routeros-brute.nse>
_______________________________________________ Sent through the dev mailing list http://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- mikrotik-routeros-brute.nse - Performs brute force password auditing against Mikrotik's RouterOS API Paulino Calderon (Jun 06)
- Re: mikrotik-routeros-brute.nse - Performs brute force password auditing against Mikrotik's RouterOS API Paulino Calderon (Jun 08)