标签归档:telnetenable

网件netgear系列路由丢失MAC地址改回原厂设定的办法

折腾学习openwrt的测试路由是网件Netgear WNR3500L V1,这个路由也算当年的一个经典型号,配置如下

Broadcom BCM4718A@453MHz
64MiB RAM
8MiB FLASH
4 x 1千兆LAN口
1 USB2.0

总体来说,可玩性很高,性能也还过得去。
这是网件的开源路由,各大路由系统DD-WRT OPENWRT TOMATO等都有支持。

在折腾的过程中,发现MAC地址丢失了,表现为mac地址为 00:FF:FF:FF:FF:FF ,这个问题曾经困扰了我很久,试了很多办法都不能把它改回来,走了很多弯路。

mac丢失并不会影响使用,但强迫症患者表示看到这个mac非常不爽!

近期总算找到办法把它改回出厂mac了,之前没有记录起来,导致又出现这个问题后又是一番查找才解决问题,这里把过程贴下,权作记录方便以后自己查找,也方便后来者遇到和我一样的问题少走弯路。

1、 无论你现在使用的是什么版本的固件,请把它刷回官方固件。
2、 下载网件的telnetenalbe,把telnetEnable.exe解压到你的个人文件夹(省去cd到目录或者加patch的麻烦)。
3、 WIN键+R 打开运行 输入 CMD 打开CMD 输入如下命令 telnetenable.exe 192.168.1.1 00FFFFFFFFFF Gearguy Geardog IP为你路由IP,请做相应更改,最后两参数为用户名密码,注意大小写。
4、 再另外打开一个CMD窗口, telnet 192.168.1.1 登录上去
5、 输入如下命令更改MAC

cd /sbin
burnethermac 设备原MAC地址
reboot #重启退出后门模式

注意mac地址不用加符号,只输入字符就行。
搞定收工。

此办法同样适用于以下网件路由型号

DC112a v1: Works with UDP of version TelnetEnable and adminstration admin/pw, telnet does not require password.
DGN1000v3: Router Firmware Version V1.0.0.14_0.0.14 works, gives access to a BusyBox console w/o authentication
DGND3700v1/DGND3800B: < 3.0.0.8 works with original telnetenable over TCP; >= 3.0.0.8 works with any telnetenable patched for UDP
EX2700: firmware V1.0.1.8 works, gives access to root shell w/o authentication (telnetenable listens on UDP/23)
EX6100: Works with original telnetenable (TCP/23) with credentials super_username/super_passwd (not admin/password as one might think) or Gearguy/Geardog or both. Sometimes it doesn’t unlock with first attempt (parser_enable?)
R6700: V1.0.0.2_1.0.1 Tested and working with modified python script of telnetenable.
R7000: Assumed to be working with modified python script of telnetenable, and modified telnetenable binary for linux x86-64. V1.0.4.30_1.1.67 & V1.0.7.2_1.1.93 tested working with linux telnetenable from insaneid github using web GUI credentials. Doesn’t work with super_username & super_passwd nvram variables that are still present. Changing them does nothing. The telnet login ignores credentials (telnet -l username router_ip).
R7500: V1.0.0.82 Tested and working with modified python script of telnetenable, and modified telnetenable binary for linux x86-64.
WG602 (unknown version): assumed to work
WGR614 v1-2: unknown; may work
WGR614 v3,v4,v5,v6: known to work
WGR614 v7: known to work (if it does not work for you, try to hard reset your router first)
WGR614 v8 (WGR614L): works, access to a BusyBox console without authentication
WGR614 v9: works, gives access to a BusyBox console without authentication
WGR614 v10: works, gives access to a BusyBox 0.60.0 console without authentication
normally uses the old TCP utility
the latest WNR1000v3 OEM firmware (1.0.2.68_60.0.93NA) modified (board id hex edited) uses the UDP utility
WGT624 (unknown version): assumed to work
WGT624 v2, v3: works
WGT624 V3H1: works (after 6-12 try, reboot, try again cycles)
WN3000RP v1: works; does not require username/password for login, but necessary for telnetenable (Geardog/Gearguy)
WNDR3300 : works. Does not require username/password for login. On connection the ‘#’ prompt is displayed.
WNDR3400v2 v1.0.0.16_1.0.34 works; does not ask for username/password on login. On connection you should be dropped on a ‘#’ prompt.
WNDR3700 V1.0.7.98: known to work – does not ask for username/password. After connection you will be root at BusyBox v1.4.2.
WNDR3800 v1.0.0.16 Tested with the python script of telnetenable.
WNDR4000 v1.0.0.88 works. Does NOT ask for username/password on login. On connection you should be dropped on a ‘#’ prompt.
WNDR4300 V1.0.1.30/34/42 works with the python script. Does NOT ask for username/password on login. On connection you should be dropped on a ‘#’ prompt.
WNDR4500 V1.0.1.40 works with the python script. Does NOT ask for username/password on login. On connection you should be dropped on a ‘#’ prompt.
WNR1000 v1-2: works; does not require username/password for login. On connection the ‘#’ prompt is displayed.
WNR1000 v3: works using the new UDP utility with GUI user/password, using latest OEM firmware 1.0.2.68_60.0.93NA
did not work initially, only having performed a GUI reset after upgrading firmware to latest
BusyBox 0.60.0 worked after a hard reset (power on holding reset button until lights flash)
firmware prior to latest was not tested, but expect the old TCP utility was required, per WGR614v10
WNR2000 v4: works; does not require username/password for login. On connection the ‘#’ prompts is displayed.
WNR2200 v1: works; does not require username/password for login. Uses Gearguy/Geardog and the old TCP method. Displays OpenWrt header on connect (stock firmware)
WNR3500 v1.0.29: works; does not ask for username/password on login. On connection you should be dropped on a ‘#’ prompt.
WNR3500L V1.2.2.44: Works. V1.2.2.48_35.0.55NA: fails. Does NOT ask for username/password on login. Dropped to ‘#’ prompt on connection.
WPN824 v1, V2.0.15_1.0.11: known to work
WPN824 v2: known to work
WPN824 V3: not needed; enable the utelnetd option in Remote Management.

参考 Unlocking the Netgear Telnet Console