nuclei-templates/exposed-panels/mikrotik/mikrotik-routeros.yaml

id: mikrotik-routeros

info:

  name: MikroTik Router OS - Login Panel Detect
  author: gy741
  severity: info
  description: MikroTik Router OS login panel was detected.
  reference:
    - https://systemweakness.com/routeros-user-with-just-ftp-policy-can-write-to-filesystem-cve-2021-27221-e3e45d780dfe
  classification:
    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
    cvss-score: 0.0
    cwe-id: CWE-200
  tags: panel,login

requests:
  - method: GET
    path:
      - '{{BaseURL}}'

    matchers-condition: and
    matchers:
      - type: word
        words:
          - 'If this device is not in your possession, please contact your local network administrator'
          - '.mikrotik.com'
        condition: and
          
      - type: word
        name: router-old
        part: body
        words:
          - '<title>mikrotik routeros > administration</title>'
          - '<title>Mikrotik Router'
          - '<img src="/webcfg/'
          - '<title>MikroTik RouterOS Managing Webpage</title>'
        condition: or

      - type: word
        name: hotspot
        part: body
        words:
          - 'Please log on to use the mikrotik hotspot service'
          - 'mikrotik hotspot > login'
        condition: and

      - type: word
        name: mikrotik-httpproxy
        part: header
        words:
          - "Server: mikrotik httpproxy"

    extractors:
      - type: regex
        group: 1
        regex:
          - "<h1>RouterOS (.+)</h1>"
          - '<div class="top">mikrotik routeros (.[0-9.]+) configuration page</div>'
          - 'routeros (.[0-9.]+) '
          - '<b>MikroTik RouterOS (.[0-9.]+)</b>'
Create mikrotik-routeros.yaml Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2021-06-21 09:56:59 +00:00			`id: mikrotik-routeros`

			`info:`
Merge branch 'main' into patch-1 2022-12-23 09:20:13 +00:00
Update mikrotik-routeros.yaml 2022-12-02 12:08:54 +00:00			`name: MikroTik Router OS - Login Panel Detect`
Create mikrotik-routeros.yaml Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2021-06-21 09:56:59 +00:00			`author: gy741`
			`severity: info`
Dashboard Content Enhancements (#6181) Dashboard Content Enhancements 2022-11-29 14:52:46 +00:00			`description: MikroTik Router OS login panel was detected.`
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes 2022-04-22 10:38:41 +00:00			`reference:`
			`- https://systemweakness.com/routeros-user-with-just-ftp-policy-can-write-to-filesystem-cve-2021-27221-e3e45d780dfe`
Dashboard Content Enhancements (#6181) Dashboard Content Enhancements 2022-11-29 14:52:46 +00:00			`classification:`
			`cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N`
			`cvss-score: 0.0`
			`cwe-id: CWE-200`
Create mikrotik-routeros.yaml Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2021-06-21 09:56:59 +00:00			`tags: panel,login`

			`requests:`
			`- method: GET`
			`path:`
			`- '{{BaseURL}}'`

Update mikrotik-routeros.yaml 2022-12-02 10:29:41 +00:00			`matchers-condition: and`
Create mikrotik-routeros.yaml Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com> 2021-06-21 09:56:59 +00:00			`matchers:`
			`- type: word`
			`words:`
			`- 'If this device is not in your possession, please contact your local network administrator'`
Update mikrotik-routeros.yaml 2022-12-15 18:43:21 +00:00			`- '.mikrotik.com'`
Update mikrotik-routeros.yaml 2021-06-22 06:37:09 +00:00			`condition: and`
Merge branch 'main' into patch-1 2022-12-23 09:20:13 +00:00
Update mikrotik-routeros.yaml 2022-12-15 18:43:21 +00:00			`- type: word`
			`name: router-old`
			`part: body`
			`words:`
			`- '<title>mikrotik routeros > administration</title>'`
			`- '<title>Mikrotik Router'`
			`- '<img src="/webcfg/'`
			`- '<title>MikroTik RouterOS Managing Webpage</title>'`
			`condition: or`

			`- type: word`
			`name: hotspot`
			`part: body`
			`words:`
			`- 'Please log on to use the mikrotik hotspot service'`
			`- 'mikrotik hotspot > login'`
			`condition: and`

			`- type: word`
			`name: mikrotik-httpproxy`
			`part: header`
			`words:`
			`- "Server: mikrotik httpproxy"`

fix: `mikrotik-routeros` template 2022-09-16 14:19:53 +00:00			`extractors:`
			`- type: regex`
			`group: 1`
			`regex:`
Update mikrotik-routeros.yaml 2022-12-15 18:43:21 +00:00			`- "<h1>RouterOS (.+)</h1>"`
			`- '<div class="top">mikrotik routeros (.[0-9.]+) configuration page</div>'`
			`- 'routeros (.[0-9.]+) '`
Merge branch 'main' into patch-1 2022-12-23 09:20:13 +00:00			`- '<b>MikroTik RouterOS (.[0-9.]+)</b>'`