RouterOS Mac-Telnet application for Linux users

Earlier, I wrote about a Wireshark plugin for dissecting Mac-Telnet packets. Now I have created an open source application for connecting to a RouterOS router via its MAC address from Linux without having to install Wine. At the time of writing the project is still in “alpha” stage. But it is fully functional. Though it will probably be rewritten soon. I feel that the second time you write the same application, it tends to be more robust and thought through.. The first time is more of a proof of concept, and I let myself do a lot of short-cuts, just to be able to see it working.

The source code can be found at github. Just find the “download source” link at the top of the page.

To compile it, simply untar it, and compile it with “make” .
Because it needs to alter the frame headers, it uses RAW sockets, which means that you will need root access to use this tool.

To find the MAC address of connected routers, try the included tool mndp. It might take up to 2 minutes to find all routers, since it is a passive tool that waits for the routers to broadcast their info on the network:

# ./mndp
Searching for MikroTik routers... Abort with CTRL+C.
  0:c:42:43:58:a5 HMG

HMG is my name of the found router, set in the Identity section of the router.

Here are some mac-telnet usage information:

# ./mactelnet --help
Usage: ./mactelnet <ifname> <MAC> <username> [password]
 
Parameters:
  ifname    Network interface that the RouterOS resides on. (ex: eth0)
  MAC       MAC-Address of the RouterOS device. Use mndp to discover them.
  username  Your username.
  password  Your password.

Tip: Log out using CTRL+D on your keyboard.

Usage example:

# sudo ./mactelnet eth0 0:c:42:43:58:a5 admin mysecretpass
Connecting to 0:c:42:43:58:a5...done
 
 
  MMM      MMM       KKK                          TTTTTTTTTTT      KKK
  MMMM    MMMM       KKK                          TTTTTTTTTTT      KKK
  MMM MMMM MMM  III  KKK  KKK  RRRRRR     OOOOOO      TTT     III  KKK  KKK
  MMM  MM  MMM  III  KKKKK     RRR  RRR  OOO  OOO     TTT     III  KKKKK
  MMM      MMM  III  KKK KKK   RRRRRR    OOO  OOO     TTT     III  KKK KKK
  MMM      MMM  III  KKK  KKK  RRR  RRR   OOOOOO      TTT     III  KKK  KKK
 
  MikroTik RouterOS 4.0 (c) 1999-2009       http://www.mikrotik.com/
 
 
[admin@HMG] >

[UPDATE]
Omni Flux sent me a patch that speeds up the MNDP discovery time by sending out a MNDP request before waiting for replies. Thanks!

He also informed me that his tests showed that you could send all the mac-telnet traffic to- and from- the broadcast address. This means that you would not need socket_raw (read: root privileges) capabillities to be able to send data to the router.

So the latest version of mactelnet, now also as a binary .deb package below, can be used without root privileges, unless you don’t want all data from your session to be broadcasted on your local network. You can optionally use the “old” method, where it uses the destination routers mac address as destination instead of broadcast.

Heres the latest “stable”: v0.1 version
Source tarball
Ubuntu/Debian binary package

Last commits on MAC-Telnet at GitHub

Posted October 1st, 2010 in C, mikrotik, routeros.

19 comments:

  1. Mac Telnet Utility for Debian/Ubuntu « blog @ bluebliss:

    [...] You can read more and download the source here. [...]

  2. Dean:

    Very nice. Just tried it. Will be very useful in my line of work with configuring various Mikrotik hardware.

    Thanks.

  3. zixo:

    hi. good job man.

  4. Pavel:

    Thank you for your work – result is realy handy.

  5. guest:

    when you make mac-server

  6. hussain:

    Great job man, but i m getting an error while compiling the package ! here it is :

    [root@netview11 - /haakonnessjoen-MACTelnet-Debian-Packaging-be79190 # make all install
    cc -Wall -o macping macping.c interfaces.o protocol.o
    protocol.o: In function `parse_mndp':
    protocol.c:(.text+0x8a6): undefined reference to `le32toh'
    collect2: ld returned 1 exit status
    make: *** [macping] Error 1
    i was able to install the first release that didn’t contain mcping. every other release i get this issue.
    please help me. Thanks in advance.

  7. hussain:

    hi again, sorry but i m getting another issue, using mndp from the first release i can find the mikrotik mac address but when trying to connect to it it says time out,

    [root@netview11 – / # mndp
    Searching for MikroTik routers… Abort with CTRL+C.
    d4:ca:6d:20:4e:34 Mikrotik
    [root@netview11 – / # mactelnet eth1 d4:ca:6d:20:4e:34
    Login: admin
    Passsword:
    Connecting to d4:ca:6d:20:4e:34…Connection timed out
    Again thank you .

  8. hussain:

    hi sorry for another post but my issue fixed using -n parameter ,Thanks. :D

  9. Håkon Nessjøen:

    I have already done it. You can install it in debian/ubuntu by typing “sudo apt-get install mactelnet-server”, or download the source from my github page.

  10. Håkon Nessjøen:

    They should be in glibc on your linux. Are you sure you have installed all development-essential headers on your linux distribution?
    Look at your glibc’s endian.h file for the definitions of le32toh.

  11. Håkon Nessjøen:

    It might also be a bug that has been fixed in later versions, that prevented you to use it without -n. :)

  12. Robert Grønning:

    I’ve had very good use of this tool, it saved me from having to climb ladders during Winter when the routers crapped out because of a license issue.

    I’m eternally grateful for this tool you made!

    We are no longer using the MikroTik boards and their antennas, so I’m wondering if you’d be interested in this equipment for free as a token of my appreciation. I do understand if you don’t as this is not new technology.

    Equipment:
    * A splash-proof enclosure with RB433 + 2x R52 interfaces + PSU
    * Three P2P antennas with built-in RB411 cards, POE-splits and PSUs
    * Two 180° antennas
    * Probably a few more interfaces and MikroTik boards

    If this is interesting to you I’ll post it to you.

    Vennleg helsing Robert Grønning, IT Ansvarleg ved UWC Red Cross Nordic i Flekke, Sogn og Fjordane

  13. Ivo Sarak:

    I have an issue with that tool and Fedora 18: it seems that device naming is an issue. My LAN device is named as p4p1, but mac-telnet nor mndp are able to hear nothing. The mndp is silent, but mac-telnet is openly complaining:

    [root@l2ppar haakonnessjoen-MAC-Telnet-ed9ad77]# ./mactelnet p4p1 d4:ca:6d:2c:73:6a admin
    Searching for ‘p4p1′…not found
    [root@l2ppar haakonnessjoen-MAC-Telnet-ed9ad77]# ifconfig
    eth1: flags=4163 mtu 1500
    inet 192.168.225.7 netmask 255.255.255.0 broadcast 192.168.225.255
    inet6 fe80::aed:b9ff:fee1:2f57 prefixlen 64 scopeid 0×20
    ether 08:ed:b9:e1:2f:57 txqueuelen 1000 (Ethernet)
    RX packets 36656 bytes 50537991 (48.1 MiB)
    RX errors 0 dropped 0 overruns 0 frame 2826
    TX packets 23064 bytes 2249930 (2.1 MiB)
    TX errors 3 dropped 0 overruns 0 carrier 0 collisions 0
    device interrupt 17

    lo: flags=73 mtu 16436
    inet 127.0.0.1 netmask 255.0.0.0
    inet6 ::1 prefixlen 128 scopeid 0×10
    loop txqueuelen 0 (Local Loopback)
    RX packets 24 bytes 2492 (2.4 KiB)
    RX errors 0 dropped 0 overruns 0 frame 0
    TX packets 24 bytes 2492 (2.4 KiB)
    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    p4p1: flags=4163 mtu 1500
    inet 192.168.0.123 netmask 255.255.255.0 broadcast 192.168.0.255
    inet6 fe80::3e97:eff:fe3f:e8d3 prefixlen 64 scopeid 0×20
    ether 3c:97:0e:3f:e8:d3 txqueuelen 1000 (Ethernet)
    RX packets 36 bytes 4127 (4.0 KiB)
    RX errors 0 dropped 7 overruns 0 frame 0
    TX packets 17 bytes 3207 (3.1 KiB)
    TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

    [root@l2ppar haakonnessjoen-MAC-Telnet-ed9ad77]#

    At the same time the Wireshark is seeing packets on device p4p1.

    Note: Install instructions are a bit wrong as well – “tar zxvf haakonness*.tar.gz” should be “tar zxvf master”

  14. Håkon Nessjøen:

    Hi,

    I think you are using an old syntax of the mactelnet command. If you look at the latest README for mactelnet, the syntax no longer needs the interface name of your machine.

    So instead of:
    mactelnet p4p1 d4:ca:6d:2c:73:6a admin

    Use:
    mactelnet d4:ca:6d:2c:73:6a -u admin

  15. Ivo Sarak:

    Thanks, for the mac-telnet I am now able to login into a MikroTik RB112 device I have for the testing, but mndp still does not see any announcements. What to do about it?

  16. Ivo Sarak:

    A little addition – the mndp seems to be able to see the device, but only if it is in the same subnet as itself. Is it intentional? How to let it see every MNDP packet traveling down the wire?

  17. dilnix:

    Please, make the RPM package for RH/Fedora based systems

  18. Dave:

    Hi Håkon, congratulations, Great Job !
    Unfortunately, this application didn’t work is my environment.
    I realized that MNDP sends broadcast messages to udp port 5678, however routers don’t forward Broadcasts by default and, for many reasons we don’t want it. In my Local networks it’s fine

    Anyway, This would be useful if the search was accomplished by the specific range of IP addresses and not via broadcast
    []‘s

  19. Håkon Nessjøen:

    Hi Dave,

    I am sorry to hear that it did not work in your environment. But I am afraid you misunderstood the whole concept of “mndp” and “mac-telnet”. It is meant for local network use only. Both mndp and mactelnet is centered about doing communication over the local network without relying on you being on the same subnet. But you are required to be on the same physical network. That is, not being behind a router as you say. That is by design.

Leave a response: