CVE-2018-14847

This exploit leverages CVE-2018-14847, a path traversal vulnerability in MikroTik RouterOS, to extract admin credentials and enable a developer backdoor for root access via Telnet/SSH. It interacts with the Winbox service to read sensitive files and create malicious packages.

This repository contains a proof-of-concept exploit for CVE-2018-14847, a critical vulnerability in MikroTik's Winbox protocol that allows arbitrary file read, including plaintext passwords. The exploit leverages a directory traversal flaw in the MAC server protocol to extract sensitive data.

This repository contains a proof-of-concept exploit for CVE-2018-14847, a critical vulnerability in MikroTik's Winbox protocol that allows arbitrary file read, specifically targeting plaintext password files. The exploit includes discovery and exploitation scripts for MAC servers and Winbox services.

This repository contains a functional proof-of-concept exploit for CVE-2018-14847, targeting MikroTik RouterOS to read plaintext credentials via Winbox protocol manipulation. It includes both TCP/IP and MAC server-based exploitation methods.

This repository contains a working proof-of-concept exploit for CVE-2018-14847, targeting MikroTik RouterOS to extract user credentials via Winbox and MAC server protocols. The exploit leverages a directory traversal vulnerability to read the user database file.

This PoC automates the exploitation of CVE-2018-14847, a directory traversal vulnerability in MikroTik RouterOS, to extract user credentials. It uses Shodan for target discovery and crafts malicious packets to dump user data.

This repository contains a C#-based exploit for CVE-2018-14847, targeting MikroTik RouterOS via the Winbox interface. The exploit retrieves user credentials by leveraging a directory traversal vulnerability.

This repository contains a Python-based exploit for CVE-2018-14847, targeting MikroTik WinBox. It scans a CIDR range for vulnerable hosts and extracts user credentials by exploiting a directory traversal vulnerability.

This is a functional PoC exploit for CVE-2018-14847, targeting a directory traversal vulnerability in MikroTik RouterOS WinBox interface. It allows unauthenticated remote attackers to read arbitrary files, including credentials, by crafting malicious packets.

This exploit leverages CVE-2018-14847, a path traversal vulnerability in MikroTik RouterOS, to extract admin credentials and enable a developer backdoor for root access via Telnet/SSH. It creates files on the target system to facilitate unauthorized access.

This repository contains a Python-based proof-of-concept exploit for CVE-2018-14847, a critical WinBox vulnerability allowing arbitrary file read of plaintext passwords. The exploit sends crafted packets to extract user credentials from vulnerable MikroTik RouterOS devices.

This repository contains a Python-based exploit for CVE-2018-14847, which targets MikroTik RouterOS to create a global proxy via PPTP VPN configuration. It includes functionality to extract user credentials and automate the exploitation process across multiple targets.

This repository contains a proof-of-concept exploit for CVE-2018-14847, targeting MikroTik RouterOS devices. The exploit leverages a directory traversal vulnerability in the Winbox service to read arbitrary files, including plaintext passwords.

This repository contains a functional Python exploit for CVE-2018-14847, which leverages an unauthenticated file read vulnerability in MikroTik RouterOS Winbox service to extract credentials from the user.dat file. The exploit includes payload construction, session handling, and password decryption logic.

This repository contains a functional exploit for CVE-2018-14847, a path traversal vulnerability in MikroTik RouterOS. The exploit leverages the Winbox protocol to extract admin credentials from user.dat without authentication.

This repository contains functional exploit code for CVE-2018-14847, an arbitrary file read vulnerability in MikroTik RouterOS Winbox. The exploit includes both TCP/IP and MAC server (Layer 2) variants, demonstrating the ability to extract sensitive files like user.dat.

This repository contains functional exploit code for CVE-2018-14847, a critical WinBox vulnerability allowing arbitrary file read of plaintext passwords. It includes tools for both TCP/IP and MAC server-based exploitation, demonstrating the vulnerability in Mikrotik RouterOS.

The repository contains a functional exploit for CVE-2018-14847, targeting RouterOS password extraction in versions 6.29 to 6.42. The code includes a dedicated exploit module (CVE-2018-14847.go) within a broader multi-functional scanner/exploit framework (LadonGo).

This repository contains a honeypot implementation that detects and logs exploitation attempts for CVE-2018-14847, a directory traversal vulnerability in MikroTik RouterOS. It does not include functional exploit code but instead monitors for specific malicious payloads targeting the vulnerability.

This repository contains the RouterSploit framework, an exploitation toolkit for embedded devices, including modules for exploits, credential testing, scanners, and payloads. It includes functional exploit code for various vulnerabilities, including CVE-2018-14847, which is an authentication bypass vulnerability in MikroTik RouterOS.