The first 4 bytes are decrypted and compared to 0xB1A1AC88 to check if password is correct before performing a decryption.RC4 cipher is used to encrypt or decrypt 0x300 (256 * 3 = 768) bytes (of arbitrary value).salt+password result is hashed using SHA1.A random salt of 32 bytes is generated ( RouterOS only populates the first 16 bytes, mistake?) (Fixed).If you have very large wordlist files, you can use parallel brute forcingĬargo run -release - bruteforce -i MikroTik-encrypted.backup -w wordlist.txt -p Header structure Plaintext version Size (byte)Įncrypted Magic 0xB1A1AC88 to verify if password is correct Pack all IDX and DAT files from a given directory in a plaintext backupĬargo run - pack -d unpacked_backup -o MikroTik-plaintext.backup Bruteforceīruteforce the password of an encrypted backup using a wordlist fileĬargo run -release - bruteforce -i MikroTik-encrypted.backup -w wordlist.txt Tools to encrypt/decrypt and pack/unpack RouterOS v6.13+ backup files Usage examples InfoĬargo run - info -i MikroTik.backup DecryptĬonvert an encrypted backup to a plaintext backupĬargo run - decrypt -i MikroTik-encrypted.backup -o MikroTik-plaintext.backup -p password EncryptĬonvert a plaintext backup to an encrypted backupĬargo run - encrypt -i MikroTik-plaintext.backup -o MikroTik-encrypted.backup -e AES -p password UnpackĮxtract all IDX and DAT files from a plaintext backup in a given directoryĬargo run - unpack -i MikroTik-plaintext.backup -d unpacked_backup Pack
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |