Script MikroTik RouterOS - Anti Hack Protected BootLoader

Advertisement

The operation of this script is very simple but smart, this script will track anyone who intends to activate Mirotik Protected Bootloader, it will be detected immediately and the router will automatically shut down immediately , when the router is turned back on, all the settings of the Protected Bootloader will be reset to the default settings, so any previous malicious intruder pranks will be in vain

If after installing this script the router hangs, don't panic, the script might be working and that means someone is trying to illegally activate the bootloader on the router, if c is true, this can be seen by changing the legend or identity window in Winbox to BOOTLOADER > Min: 00:00:20 - Max: 00:10:00

Why does this script need to change identity or caption in Winbox? I'm trying to think that if the reset button and NetInstall doesn't work, then at least we know how long the "reset hold button" takes and how long it takes to press the reset button for it to work. Please modify it, if you want it to be good, we can also add other information such as email or telegram

For more information, this script can't actually just run through a scheduler, because there are still many holes that we can use to install the script.

You can set multiple locations  to run your scripts.

• DHCP Client
• DHCP Server
• Hotspot Profile
• PPP Profile
• Netwatch tool

#=====================================================

# ANTIHACKER PROTECTED BOOTLOADER BY AVA STUDIO SECURE!

#=====================================================

# Set LocalString

:local logprotectedrouterboot;

:local logreformatholdbutton;

:local logreformatholdbuttonmax;

# Set localInput

:set logprotectedrouterboot "$[/system routerboard setting get protected-routerboot]"

:set logreformatholdbutton "$[/system routerboard setting get reformat-hold-button]"

:set logreformatholdbuttonmax "$[/system routerboard setting get reformat-hold-button-max]"

# Ckeck if Bootloader change to Enable

:if ($logprotectedrouterboot ="enabled") do={

# Set-info reformat hold button on Identity

/system identity set name="BOOTLOADER > Min:$logreformatholdbutton - Max:$logreformatholdbuttonmax"

# Set-back BootLoader to default config

/system routerboard setting set protected-routerboot disabled

/system routerboard setting set reformat-hold-button=20s

/system routerboard setting set reformat-hold-button-max=10m

# delay-5 second

:delay 5s

# Shutdown-mikrotik or use /system reboot

/system shutdown

}

Thanks