CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/documentation/modules/auxiliary/gather/mikrotik_winbox_fileread.md
Views: 1904
Vulnerable Application
MikroTik RouterOS allows unauthenticated remote attackers to read arbitrary files through a directory traversal through the WinBox interface (typically port 8291).
Vulnerable versions of MikroTik RouterOS:
(bugfix) 6.30.1-6.40.7
(current) 6.29-6.42
(RC) 6.29rc1-6.43rc3
MikroTik images can be downloaded from here
Adding Users
To add users to the MikroTik device, use the following commands:
Get the groups first
Add a user
Verification Steps
Start msfconsole
Do:
use auxiliary/gather/mikrotik_winbox_fileread
Do:
set rhosts [IP]
Do:
run
You should credentials.