🕵️I hacked my MikroTik with Kali Linux, this is scary stuff!
Рет қаралды 37,871
Күн бұрынThis video is for entertainment and educational purposes only!!! Do not use any of these tools on a live environment without proper permission to do so. I hope this video helps many of you get into the InfoSec world and helps you with looking at how to mitigating any possible threats that may be lurking out there. Stay safe!
Support the Channel:
⭐Become a Patreon: / thenetworkberg
⭐Become a KZbin Member: / @thenetworkberg
Social Media:
🌏 thenetworkberg.com
🌏 / thenetworkberg
🌏 / bergnetwork
🌏 / the-network-berg-39451...
MTCNA Playlist:
• Free MTCNA RoSv6
Timestamps:
00:00 - Introduction
00:53 - Brief Kali overview
01:56 - Installing Kali on EVE
03:25 - Building a topology
07:20 - NMAP usage (Port Scan)
09:05 - Exploiting old firmware
Intro "Hacking" video is from an amazing movie that's right here on KZbin called "Kung Fury" Go and give it a watch :D!!!
Thanks again for watching
@TheNetworkBerg 2 жыл бұрын
Kali Linux documentation: www.kali.org/docs/
@jasmenter 2 жыл бұрын
Many Thanks really informative and to the point. Thanks for your efforts again.
@RavingMad 2 жыл бұрын
I love to learn these kinda topics and would appreciate more videos on these topics from you. Mainly because you tie it specifically to MikroTik.
@TheNetworkBerg 2 жыл бұрын
Would definitely love to do more "hacking" scenarios like this with MikroTik for educational purposes. I also find it extremely interesting and I enjoy learning about it myself.
@RavingMad 2 жыл бұрын
@@TheNetworkBerg You have an advantage of being a networking and MikroTik guru. I have technology background but not much in networking. Since the global pandemic began, I got curious about MikroTik while solving connectivity challenges at home. Now I'm all into MikroTik and your content has been life saver. Of course RouterOS is so amazing with endless possibilities, that with the help of your videos (and a few others on YT) I've been able to keep trying new things with my networking stack. I am very glad that you're looking into the area of security and pen. testing and I'm going to use use this to make my network bullet proof. With the metaverse dawning upon us I think it's very important to get all our home networks "bullet" proof to protect against the criminals of the metaverse. Thank you.
@ilyosjon 2 жыл бұрын
Thank you for informing. Great video!
@TheNetworkBerg 2 жыл бұрын
Glad it was helpful!
@mrbob5572 2 жыл бұрын
you are making great videos.keep it up!👍
@TheNetworkBerg 2 жыл бұрын
Glad you like them!
@ddvelzen 2 жыл бұрын
Great demo on EVE NG... From personal experience Mikrotik routers and switches are powerful, rock solid and secure if you keep the software up to date and configure them properly. And make sure you have good monitoring and alerting in place... I
@TheNetworkBerg 2 жыл бұрын
Definitely! MikroTik is great as long as you keep up with best practices and regularly update your firmware.
@JUAN199062 2 жыл бұрын
does it still have a effect if you have a filter rule in place that drops all port scanners?suppose to be "covered" then?
@TheNetworkBerg 2 жыл бұрын
It's definitely a good precaution and something I would suggest having active, though it also isn't complete protection either since the service might still be available and someone could just connect to the service directly even if a port scan reveals nothing. Unlikely but still possible, the best protection is either to limit how these services are accessible, firmware upgrades or just disabling them completely if not in use.
@defaultroute 2 жыл бұрын
You raised some great points that making sure firmware is up to date and adding access security mitigates everything but day zero attacks. I feel bad that people make fun of mikrotik as a ‘basic and cheap’ networking device. They deserve more attention. Adding fuel to the fire by showing obvious exploits is a little unfair no? I don’t mean to sound horrible, but your video comment made it click baity and I felt like mikrotik in general may be a bad choice. Sorry for my comment. I don’t mean negativity. You do great great work.
@TheNetworkBerg 2 жыл бұрын
No, I don't think it's unfair since a recent study has shown that there are nearly 300 000 MikroTiks running with firmware versions from 2018 on the internet that are exploitable in such a manner because people are either not aware of the security risks or they are just too lazy to update their firmware.
@defaultroute 2 жыл бұрын
@@TheNetworkBerg you ‘hacked’ a known firmware bug and wrote about how disturbing it was. That was my point. But of course your video was amazing and I wasn’t trying to suggest otherwise. By the way, the upgrade point is a simple admin task and if people get hacked because of their lapse then it’s their fault (but not mikrotik). Check out this guys video for automatic upgrades. kzbin.info/www/bejne/aau8c6mIrdWSosk
@newtonbomb 2 жыл бұрын
@@TheNetworkBerg I work for an ISP that uses mikrotik devices in infrastructure and for CPE. The first couple of years I had to push hard to get it to be standard operating procedure to keep the firmware and bootloader up to date; I was even taught to disable 2 very important default firewall filter rules for us to have remote access on customer premise equipment 😅... needless to say I got them to stop doing that ASAP...
@newtonbomb 2 жыл бұрын
I should also add that I actually really like mikrotik stuff because of how versatile they are and it can be extremely secure if configured/used correctly.
@TheNetworkBerg 2 жыл бұрын
@@newtonbomb Great to hear you guys got some proper procedures in place to keep security up to date. I also LOVE MikroTik because it is as you say very versatile. I have made MikroTiks do things that would require me to either buy additional licensing or completely different hardware with most other big vendors.
@kresimirpecar4925 2 жыл бұрын
First thing I do with every piece of equipement (network or other) is to update firmware... Also checking for new updates every month or so...
@TheNetworkBerg 2 жыл бұрын
That is perfect and is really the best way to approach securing our infrastructure.
@kresimirpecar4925 2 жыл бұрын
@@TheNetworkBerg Yea, also bunch of forwarded ports that is not used anymore, or even worse, no firewall rules at all... That's like asking for a trouble... In Croatia there is quite a lot Mikrotik routers because they are inexpensive and powerful and who knows how many of them are security risk...
@user-rp5jg2eu1c 8 ай бұрын
I tried in v6.48.2 but I'm failed. Am I wrong? or it can't be done?
@jose-m Жыл бұрын
PSD ACTIVE IN MIKROTIK FIREWALL FILTER add action=add-src-to-address-list address-list="Scanner de puertos" address-list-timeout=2w chain=input comment=SCANNERS protocol=tcp psd=21,3s,3,1 add action=drop chain=input protocol=tcp src-address-list="PortScanners"
@Anavllama 2 жыл бұрын
Concur D R U K, if you dont do this, or dont setup this, or remove default, if if if, any router is hackable. Other than that a great demo for me on EVE-NG, as I have just started dabbling in emulation for lab environments (using GN3). This makes me want to reconsider that choice, so any observations/recommendations comparing the two would be helpful. This is also highlights of a very interesting linux package that, if nothing, else would allow one to test a router or lab setup.
@TheNetworkBerg 2 жыл бұрын
Very true, any Firewall, Router, Switch or even server infrastructure has exploits that tend to get patched out. I just specifically used a MikroTik in my example as it is a device that many of my viewers are familiar with and I read an article showing that there are nearly 300 000 MikroTiks on the internet running with old firmware that are in danger of exploitation. You could go to an exploit-db, find another vendor like Cisco or FortiNet and perform similar types of exploits against their devices as well. My personal preference has been EVE-NG for the 3 or so years, I've used GNS3 for a long time before moving over to EVE-NG. Topologies just work a lot cleaner on EVE-NG, there's also no hassle in connecting devices out to the internet and if you use the free version of GNS3 be prepared for all kinds of tweaking and tuning if you need to update your VMWARE player.
@vratos 2 жыл бұрын
I would be great if you use the new version of mikrotik operating system, the 6.40 is very old and insecure
@TheNetworkBerg 2 жыл бұрын
I'm using this version intentionally to showcase exploitation :)
@N45HT 11 ай бұрын
What kind of MikroTik device did u use?
@TheNetworkBerg 11 ай бұрын
It's a CHR, basically a virtual router that you will actively be seen used on VMs or in the cloud like Azure or AWS.
@N45HT 11 ай бұрын
@@TheNetworkBerg Thankyou
@Kakoomalik 2 жыл бұрын
How can we block Chrome and Andriod VPN app in Mikrotik?
@TheNetworkBerg 2 жыл бұрын
You would need a NGFW for those functions, this is not something routers are really designed for. I would suggest adding a firewall like FortiGate or Palo Alto that can do UTM to block specific applications.
@ShopperPlug 2 жыл бұрын
0:46 - Really dude? lol Typing gibberish...
@TheNetworkBerg 2 жыл бұрын
It's a joke, similar to how that gibberish is E=mc3 :)
@saadmalik9885 2 жыл бұрын
I need help
@TheNetworkBerg 2 жыл бұрын
What do you need help with?
@saadmalik9885 2 жыл бұрын
Hi sir
@TheNetworkBerg 2 жыл бұрын
Hello
The Network Berg
Рет қаралды 16 М.