I am dealing with this Mikrotik switch (RouterOS ver. 6.42.11) on which I would like to try to recover the password (12 characters long, random generated with numbers, symbols, ecc.) but primarily to study how certain things work, since I alrady have the password.

Here is what I have tried so far:

- Attack on dictionary with MKBRUTUS (https ://github.com/mkbrutusproject/MKBRUTUS) without concluding anything.
- Specially created nmap script (https ://nmap.org/nsedoc/scripts/mikrotik-routeros-brute.html)
which targets port 8728. The script seems to go on forever without concluding anything.
- Tried various exploits from exploitdb, but it seems that this 6.42.11 is invulnerable.
- Tried to listen with wireshark and arp poison with ettercap while typing the password since the login page is an http and not https, but it seems that webfig also encrypts non https connections, so noyhing to do here.

Now I ask you,
what else can I try before hitting the reset button?

I have a lot of open ports (http, 8728, and of course Winbox, SSH , FTP and telnet) ...

No there are no simple way to hack this stupid router. Its very secure.

Interesting , does it legal to post any solution here? (i don't have any)

Why don't you just look at mikrotik change log update and find all patch with "CVE-" after 6.42.11?
I remember few loud news like "immediately update your microtik or it's not safe!!!"

OP is funny. On the one hand, he is aware of tenable's exploits. On the other hand, he is unable to use them (despite the fact there is Proof of Concept script for every single exploit).

@OP:
Just reset the thing and live with it...
Nobody with consiousness will guide you how to hack a device.
Sincerely yours,
piece of shit

Troll Dantealighieri detected. Don't feed the troll!

Maybe it eats pieces of shit. Trolls may like that to eat.

ps. only real, shit should be fed.

I guess you post will be reported and deleted. Who do you expect someone reply to your post using this type of language.
Starting by calling MT Routers a pieces of shit.

A better question would be:
I have a remote router (mine) that I have lost password to. Is there a way to enter it, maybe using a hack.
You could also post whats the version of RouterOS. There was some version with bad software that it was possible to hack Winbox interface (depening on version)
Normally you should never open winbox to internet, insted use VPN.

Travel to the router and reset it.

To be fair, he did include "please" this time.

To be fair, he did include "please" this time.

No shit!


@Sob....spank me.

Is it wrong that I'm highly amused by this?

Don't feed the troll!

Is it wrong that I'm highly amused by this?

That depends on your perspective.

Don't anybody tell him the secret winbox port# !

Don't anybody tell him the secret winbox port# !

The one on page 42 of the wiki?

Thank you, I didn't know that page 42 describes the God mode universal password and secret port 666. But it has scary side effects when used by troll!