Quick Start - mrhenrike/MikrotikAPI-BF GitHub Wiki

Quick Start

Language: English · Português (pt-BR)

Get your first result in under 60 seconds.

Step 1 — Clone and Install

git clone https://github.com/mrhenrike/MikrotikAPI-BF.git
cd MikrotikAPI-BF
python -m venv .venv && source .venv/bin/activate  # Linux/macOS
python -m venv .venv && .venv\Scripts\activate      # Windows
pip install -r requirements.txt

Step 2 — Single Credential Test

python mikrotikapi-bf.py -t 192.168.88.1 -U admin -P admin

Step 3 — Wordlist Attack

python mikrotikapi-bf.py -t 192.168.88.1 \
  -u examples/usernames.txt \
  -p examples/passwords.txt \
  --progress

Step 4 — Combo File Attack

python mikrotikapi-bf.py -t 192.168.88.1 -d examples/combos.txt --progress

Step 5 — Export Results

python mikrotikapi-bf.py -t 192.168.88.1 -d examples/combos.txt \
  --export-all \
  --audit-report \
  --progress

Output files: results/mikrotik_*.json, .csv, .xml, .txt, audit_report_*.pdf

Typical Pentest Flow

# 1. Discover Mikrotik devices on subnet
python mikrotikapi-bf.py --discover -n 192.168.1.0/24 --progress

# 2. Fingerprint target
python mikrotikapi-bf.py -t 192.168.88.1 --fingerprint -v

# 3. Stealth wordlist attack
python mikrotikapi-bf.py -t 192.168.88.1 -d combos.txt --stealth --progress

# 4. Post-login service validation
python mikrotikapi-bf.py -t 192.168.88.1 -U admin -P found_password \
  --validate ftp,ssh,telnet --progress

# 5. Export full audit report
python mikrotikapi-bf.py -t 192.168.88.1 -d combos.txt \
  --export-all --audit-report

# 6. Run specific exploit (v3.10.0+)
python mikrotikapi-bf.py -t 192.168.88.1 --run-exploit CVE-2018-14847

# 7. Full 8-phase security audit with SARIF (v3.10.0+)
python mikrotikapi-bf.py -t 192.168.88.1 --audit -U admin -P found_password \
  --export sarif

See also: Usage Examples · API Reference