Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-14847 PoC — Winbox for MikroTik RouterOS 安全漏洞

Source
https://github.com/syrex1013/MikroRoot
Associated Vulnerability
Title:Winbox for MikroTik RouterOS 安全漏洞 (CVE-2018-14847)
Description:MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface.
Description
Automated version of CVE-2018-14847 (MikroTik Exploit)
Readme
# MikroRoot
Automated version of CVE-2018-14847. It will scrape shodan for vulnerable host and then try to exploit them.

# How to use      
Note that this script will NOT run with Python2.x. Use only Python 3+       

MikroRoot:        
`python3 MikroRoot.py -k SHODAN_KEY -p page count`           
`User: ncss`        
`Pass: ncss!@#2018`     
`IP: 1.2.3.4`         

# Arguments       
**-p** page count to scrape       
**-k** Shodan key       
        
# Author of exploit    
**https://github.com/BasuCert/WinboxPoC**
File Snapshot

 [4.0K]  /data/pocs/6ffff834778572f01b74779204d4a9c81f3e3b5c
├── [1.4K]  extract_user.py
├── [2.4K]  MikroRoot.py
└── [ 527]  README.md

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →