MKBRUTUS is a Password bruteforcer for MikroTik devices or boxes running RouterOS. MKBRUTUS is a tool developed in Python 3 that performs bruteforce attacks (dictionary-based) systems against RouterOS (ver. 3.x or newer) which have the 8728/TCP port open. Currently has all the basic features of a tool to make dictionary-based attacks, but in the future we plan to incorporate other options.
Some boxes running Mikrotik RouterOS (3.x or newer) have the API port enabled (by default, in the port 8728/TCP) for administrative purposes instead SSH, Winbox or HTTPS (or have all of them). This is (another) attack vector as it might be possible to perform a bruteforce to obtain valid credentials if no protection is available on that port. As the API uses a specific privative protocol, some code published by the vendor was included. Python 3.x is required in order to run this tool.
Linux :: MKBRUTUS