Audit Report - mrhenrike/MikrotikAPI-BF GitHub Wiki
Audit Report
MikrotikAPI-BF can generate a PDF pentest audit report (--audit-report) and SARIF output (--export sarif) for CI/CD integration.
Generate an Audit Report
```bash
python mikrotikapi-bf.py -t 192.168.88.1 -d combos.txt \
--export-all \
--audit-report
```
Output: results/audit_report_192.168.88.1_20260328_123456.pdf
Report Contents
1. Executive Summary
- Engagement type and scope
- Date and duration
- Critical findings summary (credential exposure, CVEs)
- Overall risk rating
2. Target Information
- IP, port, hostname
- RouterOS version and board model
- Serial number
- Open ports and enabled services
3. Findings
3.1 Credential Exposure
| Finding | Severity | CVSS |
|---|---|---|
| Default credentials accepted | Critical | 9.8 |
| Weak password policy (< 8 chars) | High | 8.1 |
3.2 Vulnerability Assessment (CVEs)
List of CVEs applicable to the detected RouterOS version, with:
- CVE ID, CVSS score, description
- Affected component and attack vector
- Patch/mitigation status
3.3 Validated Service Access
Which services (FTP, SSH, Telnet, API) were accessible with the found credentials.
4. Risk Rating
| Service | Status | Risk |
|---|---|---|
| RouterOS API (8728) | Vulnerable | Critical |
| FTP (21) | Accessible | High |
| SSH (22) | Accessible | High |
| Telnet (23) | Accessible | Critical |
5. Recommendations
- Change default credentials immediately
- Disable unused services (Telnet, FTP, Winbox if unused)
- Update RouterOS firmware to latest stable
- Enable API only over TLS (port 8729)
- Implement IP access lists for management services
- Set strong password policy (minimum 12 characters, complexity)
6. Appendix
- Full attempt log (timestamps, usernames, passwords tried)
- Scan configuration and parameters
Customizing the Report
You can add client information to the report via environment variables:
```bash
MKBF_CLIENT_NAME="ACME Corp" \
MKBF_ENGAGEMENT="Internal Network Assessment" \
MKBF_ANALYST="Andre Henrique" \
python mikrotikapi-bf.py -t 192.168.88.1 -d combos.txt --audit-report
```
8-Phase Security Audit (v3.10.0+)
The --audit flag runs an automated 8-phase security audit via the REST API:
```bash
python mikrotikapi-bf.py -t 192.168.88.1 --audit -U admin -P pass --export sarif
```
| Phase | Description |
|---|---|
| 1 | System enumeration (identity, resources, packages, health) |
| 2 | Service & network mapping |
| 3 | User & credential audit (blank/default passwords) |
| 4 | REST API injection testing (scheduler, path traversal, SSRF) |
| 5 | Winbox protocol probing (port 8291) |
| 6 | SNMP analysis (default communities) |
| 7 | Debug/undocumented endpoint discovery |
| 8 | Configuration export & firewall audit |
Output: SARIF v2.1.0 JSON; with --export-all the JSON/CSV/XML/TXT exports are written as well.
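The SARIF file is what a CI/CD job consumes. The script below, added here as an example and not part of the MikrotikAPI-BF project, reads a SARIF v2.1.0 log, prints each result with a CVSS v3.1 qualitative severity where a score is present, and returns a non-zero exit code when any result is at or above a chosen SARIF level. It assumes only the standard SARIF fields (runs[].results[] with ruleId, level, message.text); the `properties.cvss` field, the rule IDs, and the embedded sample document are constructed for illustration and are not the tool's real output.

```python
"""CI gate for a SARIF v2.1.0 log (added example, not project code)."""
import json
import sys
from collections import Counter

# SARIF severity levels, ranked so a threshold can be compared.
LEVEL_RANK = {"none": 0, "note": 1, "warning": 2, "error": 3}


def cvss_to_severity(score: float) -> str:
    """CVSS v3.1 qualitative rating: 0.0 None, 0.1-3.9 Low, 4.0-6.9 Medium,
    7.0-8.9 High, 9.0-10.0 Critical."""
    if score >= 9.0:
        return "Critical"
    if score >= 7.0:
        return "High"
    if score >= 4.0:
        return "Medium"
    if score > 0.0:
        return "Low"
    return "None"


def sarif_results(doc: dict):
    """Yield (ruleId, level, message, cvss) for every result in every run."""
    for run in doc.get("runs", []):
        for res in run.get("results", []):
            props = res.get("properties") or {}
            yield (
                res.get("ruleId", "unknown"),
                # SARIF spec: a failing result with no explicit level is "warning".
                res.get("level", "warning"),
                res.get("message", {}).get("text", ""),
                props.get("cvss"),  # assumed, non-standard property
            )


def summarize(doc: dict) -> dict:
    """Count results per SARIF level, e.g. {'error': 2, 'warning': 1}."""
    return dict(Counter(level for _, level, _, _ in sarif_results(doc)))


def should_fail(doc: dict, fail_on: str = "error") -> bool:
    """True if any result is at or above the fail_on level."""
    threshold = LEVEL_RANK[fail_on]
    return any(LEVEL_RANK.get(level, 2) >= threshold
               for _, level, _, _ in sarif_results(doc))


# Constructed sample log; rule IDs and messages are illustrative only.
SAMPLE_SARIF = {
    "version": "2.1.0",
    "runs": [{
        "tool": {"driver": {"name": "MikrotikAPI-BF"}},
        "results": [
            {"ruleId": "default-credentials", "level": "error",
             "message": {"text": "Default credentials accepted on API 8728"},
             "properties": {"cvss": 9.8}},
            {"ruleId": "telnet-accessible", "level": "error",
             "message": {"text": "Telnet (23) accepts the found credentials"}},
            {"ruleId": "ftp-accessible", "level": "warning",
             "message": {"text": "FTP (21) accepts the found credentials"},
             "properties": {"cvss": 8.1}},
            {"ruleId": "routeros-not-latest", "level": "note",
             "message": {"text": "RouterOS is not the latest stable release"}},
        ],
    }],
}


def main(path: str = None, fail_on: str = "error") -> int:
    """Print a table of results and return the exit code a CI job should use."""
    if path:
        with open(path, encoding="utf-8") as fh:
            doc = json.load(fh)
    else:
        doc = SAMPLE_SARIF
    for rule, level, msg, cvss in sarif_results(doc):
        sev = cvss_to_severity(cvss) if cvss is not None else level
        print(f"[{level:7}] {rule:24} {sev:8} {msg}")
    print("summary:", summarize(doc))
    return 1 if should_fail(doc, fail_on) else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv[1] if len(sys.argv) > 1 else None,
                  sys.argv[2] if len(sys.argv) > 2 else "error"))
```

Run it as `python sarif_gate.py results/<file>.sarif warning` to fail the pipeline on warnings as well as errors; without arguments it runs against the embedded sample and exits 1 because two results are at level "error".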
Run Specific Exploit (v3.10.0+)
```bash
python mikrotikapi-bf.py -t 192.168.88.1 --run-exploit CVE-2018-14847
```
100 registered exploit PoCs available. List them with --scan-cve --all-cves.