Skip to content
This repository has been archived by the owner on Jan 10, 2024. It is now read-only.
/ metasploit-winbox_settings Public archive

Windows Gather Mikrotik Winbox "Keep Password" Credentials Extractor

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

siddolo/metasploit-winbox_settings

BranchesTags

Repository files navigation

Metasploit - winbox_settings

Post module for Metasploit to extracts Mikrotik Winbox credentials saved in the "settings.cfg.viw" file when the "Keep Password" option is selected in Winbox.

This repository is obsolete. The module is now part of metasploit!

Module options

Module options (post/windows/gather/credentials/winbox_settings):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   SESSION  5                yes       The session to run this module on
   VERBOSE  false            no        HexDump settings.cfg.viw files

Example

msf6 post(windows/gather/credentials/winbox_settings) > run

[*] VERBOSE: false
[*] Checking Default Locations...
[*] C:\Users\Administrator\AppData\Roaming\Mikrotik\Winbox\settings.cfg.viw not found ....
[*] Found File at C:\Users\FooBar\AppData\Roaming\Mikrotik\Winbox\settings.cfg.viw
[+] Login: ThisIsUsername
[+] Password: ThisIsPassword
[*] Post module execution completed

Author

Pasquale 'sid' Fiorillo

Thanks to ISGroup ❤️

ko-fi

About

Windows Gather Mikrotik Winbox "Keep Password" Credentials Extractor

Resources

Readme
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages