bkerler / netgear_telnet

Netgear Enable Telnet (New Crypto)
MIT License

Updated telnetenabled on NBR750 #13

Closed hazarjast closed 2 years ago

hazarjast commented 2 years ago

Hello sir! Hope all is well with you these days. I see Netgear has changed the 'magic packet' for telnetenabled on my new router NBR750 and so sadly this 'telnet-enable2.py' is no longer working for it. Was hoping you might have a chance to take a peek at the updated binary/libraries for it so that maybe we could fork an updated version of the Python script for NBR750 and newer routers. As always, happy to send some pizza your way for your valuable time. I have zipped up the binary along with its library dependencies in the download link that follows, along with a .txt inside that gives strings, strace, and ldd output, which hopefully helps. Cheers! http://paste.c-net.org/RaquelBuffalo (SHA-256 .zip checksum: 517f4422d3b6ac36d20bfaedb5e80d094b834927e4901d9e15f4bf96c3482430)

hazarjast commented 2 years ago

Worked with @bkerler on updating this telnet enabler for the NBR750 and he found that the final command to create the hashed password in the magic packet had to be updated to '...hexdigest().lower()'; basically lowercase instead of the uppercase used in the LBR20. However, even after this was done and the magic packet could be successfully sent, the telnet daemon still would not launch, so it seems Netgear has changed something even deeper and/or otherwise broken the telnet enabler daemon.

I spun my wheels on it for a few weeks but ultimately decided upon a workaround instead. At least on the NBR750 initial stable release OEM firmware, Netgear has brought back the NVRAM parameter 'telnetd_enable', which by default is set to '0' to disable it. However, if connected via serial console, one can set it to enabled with the command 'fnvram set telnet_enable=1' followed by 'fnvram commit'. After reboot, the telnet daemon will be running so you can telnet into the device. From there you can either continue to use telnet or enable SSH instead (which I recommend).

To enable telnet easily to start with for those without access to the serial console, I've taken a config backup which captures the 'telnetd_enable=1' parameter value so that anyone on the OEM initial release firmware can restore it and gain telnet access. As part of the config backup, it also overwrites things like 'admin' and wifi passwords along with the wifi SSID, but those can be changed post-restore. All the details, including the required config backup file, are located in the thread below with instructions. Hope this is helpful.

https://wirelessjoint.com/viewtopic.php?p=24894

hazarjast commented 1 year ago

@bkerler pinged me at the end of October 2022 and indicated that there was an additional change in the Python script required that was identified and that I should download the updated script to test and validate on the NBR750. Unfortunately, other work piled up and I am now just getting back to testing and validation of this on the various firmware that Netgear have released for the NBR750 since the last time I tested. Will post the result here momentarily.

hazarjast commented 1 year ago

I have successfully tested the updated 'telnet-enable2.py' script from this repo on the NBR750 for the following firmware versions:

V4.6.5.11_1.5.50
V4.6.5.11_1.5.63
V4.6.5.11_1.5.64

It is confirmed functional for all of these now. Thanks so much for your expertise and effort to make this work :)

jericsmith504 commented 1 year ago

Confirmed script is functional on V4.6.5.11_1.5.66