Name Project :0day Mikrotik | Mikrotik WinBox Exploit
CVE :CVE-2018-14847
Last version :1.0.0
Last updated : 25/07/2018
Defective version: Mikrotik WinBox 6.42
Programming language : Python
youtube : https://youtu.be/h6JSNFhQUN8
Company name : acyber (IT Security Lab Iran)
MikroTik is a Latvian company which was founded in 1996 to develop routers and wireless ISP systems. MikroTik now provides hardware and software for Internet connectivity in most of the countries around the world. Our experience in using industry standard PC hardware and complete routing systems allowed us in 1997 to create the RouterOS software system that provides extensive stability, controls, and flexibility for all kinds of data interfaces and routing. In 2002 we decided to make our own hardware, and the RouterBOARD brand was born. We have resellers in most parts of the world, and customers in probably every country on the planet. Our company is located in Riga, the capital city of Latvia and has more than 140 employees.
From Winbox v3.14, the following security features are used:
Winbox.exe is signed with an Extended Validation certificate, issued by SIA Mikrotīkls (MikroTik).
WinBox uses ECSRP for key exchange and authentication (requires new winbox version).
Both sides verify that other side knows password (no man in the middle attack is possible).
Winbox in RoMON mode requires that agent is the latest version to be able to connect to latest version routers.
Winbox uses AES128-CBC-SHA as encryption algorithm (requires winbox version 3.14 or above).
- Author : Mohamamd javad Joshani Disfani (mr.mtwoj)
- Linkedin : https://ir.linkedin.com/in/joshani
- E-Mail : [email protected]
- Website : www.acyber.ir
- Twitter : @mrmtwoj
- Github : https://github.com/mrmtwoj/0day-mikrotik