RouterOS Mac-Telnet application for Linux users
Earlier, I wrote about a Wireshark plugin for dissecting Mac-Telnet packets. Now I have created an open source application for connecting to a RouterOS router via its MAC address from Linux without having to install Wine. At the time of writing the project is still in “alpha” stage. But it is fully functional. Though it will probably be rewritten soon. I feel that the second time you write the same application, it tends to be more robust and thought through.. The first time is more of a proof of concept, and I let myself do a lot of short-cuts, just to be able to see it working.
The source code can be found at github. Just find the “download source” link at the top of the page.
To compile it, simply untar it, and compile it with “make” .
Because it needs to alter the frame headers, it uses RAW sockets, which means that you will need root access to use this tool.
To find the MAC address of connected routers, try the included tool mndp. It might take up to 2 minutes to find all routers, since it is a passive tool that waits for the routers to broadcast their info on the network:
# ./mndp Searching for MikroTik routers... Abort with CTRL+C. 0:c:42:43:58:a5 HMG |
HMG is my name of the found router, set in the Identity section of the router.
Here are some mac-telnet usage information:
# ./mactelnet --help Usage: ./mactelnet <ifname> <MAC> <username> [password] Parameters: ifname Network interface that the RouterOS resides on. (ex: eth0) MAC MAC-Address of the RouterOS device. Use mndp to discover them. username Your username. password Your password. |
Tip: Log out using CTRL+D on your keyboard.
Usage example:
# sudo ./mactelnet eth0 0:c:42:43:58:a5 admin mysecretpass Connecting to 0:c:42:43:58:a5...done MMM MMM KKK TTTTTTTTTTT KKK MMMM MMMM KKK TTTTTTTTTTT KKK MMM MMMM MMM III KKK KKK RRRRRR OOOOOO TTT III KKK KKK MMM MM MMM III KKKKK RRR RRR OOO OOO TTT III KKKKK MMM MMM III KKK KKK RRRRRR OOO OOO TTT III KKK KKK MMM MMM III KKK KKK RRR RRR OOOOOO TTT III KKK KKK MikroTik RouterOS 4.0 (c) 1999-2009 http://www.mikrotik.com/ [admin@HMG] > |
[UPDATE]
Omni Flux sent me a patch that speeds up the MNDP discovery time by sending out a MNDP request before waiting for replies. Thanks!
He also informed me that his tests showed that you could send all the mac-telnet traffic to- and from- the broadcast address. This means that you would not need socket_raw (read: root privileges) capabillities to be able to send data to the router.
So the latest version of mactelnet, now also as a binary .deb package below, can be used without root privileges, unless you don’t want all data from your session to be broadcasted on your local network. You can optionally use the “old” method, where it uses the destination routers mac address as destination instead of broadcast.
Heres the latest “stable”: v0.1 version
Source tarball
Ubuntu/Debian binary package
Last commits on MAC-Telnet at GitHub
- 22.04.2024 - Fix dist build errors
- 22.04.2024 - Add support for auto-reloading available network interfaces on OS X a…
- 13.04.2024 - Release v0.5.1
- 13.04.2024 - Add support for --without-mactelnetd to configure script
- 07.04.2024 - Release v0.5.0
[…] You can read more and download the source here. […]
May 27th, 2011 at 08:12Very nice. Just tried it. Will be very useful in my line of work with configuring various Mikrotik hardware.
Thanks.
August 5th, 2011 at 07:11hi. good job man.
October 13th, 2011 at 01:11Thank you for your work – result is realy handy.
January 30th, 2012 at 13:08when you make mac-server
June 16th, 2012 at 23:55Great job man, but i m getting an error while compiling the package ! here it is :
[root@netview11 – /haakonnessjoen-MACTelnet-Debian-Packaging-be79190 # make all install
July 22nd, 2012 at 09:09cc -Wall -o macping macping.c interfaces.o protocol.o
protocol.o: In function `parse_mndp’:
protocol.c:(.text+0x8a6): undefined reference to `le32toh’
collect2: ld returned 1 exit status
make: *** [macping] Error 1
i was able to install the first release that didn’t contain mcping. every other release i get this issue.
please help me. Thanks in advance.
hi again, sorry but i m getting another issue, using mndp from the first release i can find the mikrotik mac address but when trying to connect to it it says time out,
[root@netview11 – / # mndp
July 22nd, 2012 at 09:19Searching for MikroTik routers… Abort with CTRL+C.
d4:ca:6d:20:4e:34 Mikrotik
[root@netview11 – / # mactelnet eth1 d4:ca:6d:20:4e:34
Login: admin
Passsword:
Connecting to d4:ca:6d:20:4e:34…Connection timed out
Again thank you .
hi sorry for another post but my issue fixed using -n parameter ,Thanks. :D
July 22nd, 2012 at 09:32I have already done it. You can install it in debian/ubuntu by typing “sudo apt-get install mactelnet-server”, or download the source from my github page.
August 27th, 2012 at 11:09They should be in glibc on your linux. Are you sure you have installed all development-essential headers on your linux distribution?
August 27th, 2012 at 11:24Look at your glibc’s endian.h file for the definitions of le32toh.
It might also be a bug that has been fixed in later versions, that prevented you to use it without -n. :)
August 27th, 2012 at 11:25I’ve had very good use of this tool, it saved me from having to climb ladders during Winter when the routers crapped out because of a license issue.
I’m eternally grateful for this tool you made!
We are no longer using the MikroTik boards and their antennas, so I’m wondering if you’d be interested in this equipment for free as a token of my appreciation. I do understand if you don’t as this is not new technology.
Equipment:
* A splash-proof enclosure with RB433 + 2x R52 interfaces + PSU
* Three P2P antennas with built-in RB411 cards, POE-splits and PSUs
* Two 180° antennas
* Probably a few more interfaces and MikroTik boards
If this is interesting to you I’ll post it to you.
Vennleg helsing Robert Grønning, IT Ansvarleg ved UWC Red Cross Nordic i Flekke, Sogn og Fjordane
October 31st, 2012 at 15:38I have an issue with that tool and Fedora 18: it seems that device naming is an issue. My LAN device is named as p4p1, but mac-telnet nor mndp are able to hear nothing. The mndp is silent, but mac-telnet is openly complaining:
[root@l2ppar haakonnessjoen-MAC-Telnet-ed9ad77]# ./mactelnet p4p1 d4:ca:6d:2c:73:6a admin
Searching for ‘p4p1’…not found
[root@l2ppar haakonnessjoen-MAC-Telnet-ed9ad77]# ifconfig
eth1: flags=4163 mtu 1500
inet 192.168.225.7 netmask 255.255.255.0 broadcast 192.168.225.255
inet6 fe80::aed:b9ff:fee1:2f57 prefixlen 64 scopeid 0x20
ether 08:ed:b9:e1:2f:57 txqueuelen 1000 (Ethernet)
RX packets 36656 bytes 50537991 (48.1 MiB)
RX errors 0 dropped 0 overruns 0 frame 2826
TX packets 23064 bytes 2249930 (2.1 MiB)
TX errors 3 dropped 0 overruns 0 carrier 0 collisions 0
device interrupt 17
lo: flags=73 mtu 16436
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 0 (Local Loopback)
RX packets 24 bytes 2492 (2.4 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 24 bytes 2492 (2.4 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
p4p1: flags=4163 mtu 1500
inet 192.168.0.123 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::3e97:eff:fe3f:e8d3 prefixlen 64 scopeid 0x20
ether 3c:97:0e:3f:e8:d3 txqueuelen 1000 (Ethernet)
RX packets 36 bytes 4127 (4.0 KiB)
RX errors 0 dropped 7 overruns 0 frame 0
TX packets 17 bytes 3207 (3.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@l2ppar haakonnessjoen-MAC-Telnet-ed9ad77]#
At the same time the Wireshark is seeing packets on device p4p1.
Note: Install instructions are a bit wrong as well – “tar zxvf haakonness*.tar.gz” should be “tar zxvf master”
January 7th, 2013 at 16:16Hi,
I think you are using an old syntax of the mactelnet command. If you look at the latest README for mactelnet, the syntax no longer needs the interface name of your machine.
So instead of:
mactelnet p4p1 d4:ca:6d:2c:73:6a admin
Use:
January 7th, 2013 at 17:45mactelnet d4:ca:6d:2c:73:6a -u admin
Thanks, for the mac-telnet I am now able to login into a MikroTik RB112 device I have for the testing, but mndp still does not see any announcements. What to do about it?
January 7th, 2013 at 18:20A little addition – the mndp seems to be able to see the device, but only if it is in the same subnet as itself. Is it intentional? How to let it see every MNDP packet traveling down the wire?
January 7th, 2013 at 18:40Please, make the RPM package for RH/Fedora based systems
April 30th, 2013 at 11:00Hi Håkon, congratulations, Great Job !
Unfortunately, this application didn’t work is my environment.
I realized that MNDP sends broadcast messages to udp port 5678, however routers don’t forward Broadcasts by default and, for many reasons we don’t want it. In my Local networks it’s fine
Anyway, This would be useful if the search was accomplished by the specific range of IP addresses and not via broadcast
March 17th, 2014 at 22:24[]’s
Hi Dave,
I am sorry to hear that it did not work in your environment. But I am afraid you misunderstood the whole concept of “mndp” and “mac-telnet”. It is meant for local network use only. Both mndp and mactelnet is centered about doing communication over the local network without relying on you being on the same subnet. But you are required to be on the same physical network. That is, not being behind a router as you say. That is by design.
March 22nd, 2014 at 13:34Hi Håkon,
You made a really good job!
I have a question relative to its usage through expect or through non tty.
In expect i didn’t succeed in expecting the prompt (” > “) to send my commands
In non-tty usage (through PHP) the authentication fails because of the lack of height/width, i had to modify mactelnet.c to force
plen += add_control_packet(&data, MT_CPTYPE_TERM_WIDTH, &width, 2);
plen += add_control_packet(&data, MT_CPTYPE_TERM_HEIGHT, &height, 2);
with static values, but even with that, i’m unable to interact through mactelnet.
If you have any idea please let me know…
Thank you!
May 13th, 2014 at 17:27Hi Håkon,
May 26th, 2014 at 23:25I ve already compiled your mactelnet to my openwrt router from https://gitorious.org/mactelnet. The problem is in /etc/mactelnet.users. I cannot use this file because I want to use radius login and everybody can see root password (all the passwords) in that file. I need to compare password directly with /etc/passwd (shadow). I changed DUSERFILE from mactelnet.users to shadow in Makefile, but now I must type all the string. Could you help me? Thanks.
Hi Håkon.
All my working life i’m using Linux Fedora. And MACtelnet always worked good in this system for me.
But now (on newest version – Fedora 20) I can’t login even after mndp found my device. See following quote:
… [root@admin ~]# mactelnet -l
… Searching for MikroTik routers… Abort with CTRL+C.
…
… MAC-Address Identity (platform version hardware) uptime
… d4:ca:6d:d7:49:7e Marketingsolutions (MikroTik 6.13 RB951Ui-2HnD) up 0 days 10 hours U5SX-6Q31
… ^C
… [root@admin ~]# mactelnet d4:ca:6d:d7:49:7e -u admin
… Password:
… Connecting to d4:ca:6d:d7:49:7e…Connection failed.
In my firewall UDP port 20561 is opened. SeLinux system I turned off while trying to login. All time during test I been logged in to my RB951Ui-2HnD by Winbox started in Wine.
May 30th, 2014 at 10:05Can you suggest me, how to find the problem and fix it???
Great work! Did anyone tried compiling this for android? It would be very helpful…
May 31st, 2014 at 17:45Hi, is there a way to make the application armhf compatible? I would need it on a Raspberry PI.
June 13th, 2014 at 16:42THX
Nevermind, my mistake!
June 17th, 2014 at 16:36Hi dilnix, you could try using the -n parameter. And update to the latest version of mactelnet from github.
August 22nd, 2014 at 20:43If you are running raspbian on your raspberry pi, you can run:
August 22nd, 2014 at 20:44apt-get install mactelnet-client mactelnet-serverHi Ales,
I am afraid this is not possible, because of how the authentication system of the protocol works. Both sides needs to know the password in plaintext in order to generate the correct md5sum and compare it.
August 22nd, 2014 at 20:47Hi Daren,
Thanks for the info. I will investigate this when I have some spare time.
August 22nd, 2014 at 20:49[…] ke Router Mikrotik Via MAC Address tanpa menggunakan Winbox.exe Ini Tipsnya: Download Tools nya RouterOS Mac-Telnet application for Linux users atau […]
January 23rd, 2017 at 10:02Hi, Is there a way to make the tool work in CentOS ?
Thanks , I really appreciate it.
October 31st, 2017 at 01:23Yes, you should be able to compile it without problems using the instructions on https://github.com/haakonnessjoen/MAC-Telnet .
If it does not compile, you need to install automake, autoconf, libtool and gcc compiler. Search for the packages using your package manager.
November 11th, 2017 at 22:36[…] RouterOS Mac-Telnet application for Linux users […]
February 1st, 2018 at 20:24[…] RouterOS Mac-Telnet application for Linux users […]
May 7th, 2018 at 10:43