eclypsium / mikrotik_meris_checker

This tool will check a list of IP addresses of RouterOS-based routers to validate if they were infected with Meris.
GNU General Public License v3.0

Meris Check For Dummies™ #1

Open briantopping opened 2 years ago

briantopping commented 2 years ago

Hi thanks for creating this! 👍

Could you include some instructions for people that might understand that req.txt has some importance, but not exactly know what to do without googling it?

Thanks!

hotab commented 2 years ago

Hey! Good suggestion.

I will probably prepare a better readme later down the line. On that note - what would be other things that might be missing outside of that?

Thanks.

briantopping commented 2 years ago

Hi again, when I tried to run it last night, came across an auth file that presumably needed a password. I gave up, I think I bought my Mikrotik after they had patched the problem anyway.

At the very least, take a fresh machine and do a screen capture video of how to set it up and run it. If the screen is readable, it doesn't matter if your voice is intelligible or not, though it helps.

justinpitts commented 2 years ago

Thank you for this tool.

I would make this as explicit and as easy as possible. The easier it is, the more people will use it.

Spell out the command line for installing the python dependencies.

Spell out the steps for cloning the routeros repo, swapping in the correct .cpp file, building, and renaming the executable to the right name and place.

matt17r commented 2 years ago

To help you understand how Dummies™* think, here's what I just tried to get this working:

  1. Came to the repository, read the README, couldn't find any usage instructions
  2. Saw the .cpp files and figured I needed to compile something. Started to get a bit nervous
  3. Went to the issues tab and saw this issue, hoped for some step by step instructions
  4. Saw Justin's mention of python and went back to the repo and saw the python file
  5. Git cloned the repository to my machine and ran ./meris_checker.py:
    The file './meris_checker.py' is not executable by this user
  6. chmod +x meris_checker.py and tried to run it again with ./meris_checker.py: Received a bunch of weird ImageMagick errors (because it was treating it like a shell script and import is an ImageMagick command)
  7. Guesses are getting a bit wilder, maybe I need to run it using Python??? python meris_checker.py
      File "meris_checker.py", line 22
        def make_binary_executable(name: str):
                                       ^
    SyntaxError: invalid syntax
  8. Gave up and came back here to ask for help
  9. Continued later: After originally posting this I remembered that Python 2 and 3 are very incompatible and decided to keep trying. Sure enough python --version → 2.7.18
  10. Tried python3 meris_checker.py
    Traceback (most recent call last):
      File "<snip>/meris_checker.py", line 9, in <module>
        import routeros_api
    ModuleNotFoundError: No module named 'routeros_api'
  11. pip install routeros_api → Unknown command: pip
  12. pip3 install routeros_api → Success (with a bunch of scary homebrew warnings)
  13. python3 meris_checker.py → ModuleNotFoundError: No module named 'paramiko'
  14. pip3 install paramiko → Success (with a bunch of scary homebrew warnings)
  15. python3 meris_checker.py
    usage: meris_checker.py [-h] (--ip IP [IP ...] | --ipfile IPFILE) [--threads THREADS]
    meris_checker.py: error: one of the arguments --ip --ipfile is required
  16. python3 meris_checker.py --ip 10.10.99.254
    Traceback (most recent call last):
      File "<snip>/meris_checker.py", line 212, in <module>
        make_binary_executable('btw')
      File "<snip>/meris_checker.py", line 23, in make_binary_executable
        st = os.stat(name)
    FileNotFoundError: [Errno 2] No such file or directory: 'btw'

* I'm using Dummies self-deprecatingly and I suspect the OP was too. I hope I haven't offended anyone by using the term. I find it best not to assume people are dumb, but to remember that they probably lack my context and experience and so they think differently to how I do. Due to the Curse of Knowledge, it's probably blindingly obvious to the author how to use this tool but as a harried ICT Manager with only a passing familiarity with Python (and no experience with C++) I have no idea where to even begin.

mlepard commented 2 years ago

Reviewing this blog post from Mikrotik about the Meris botnet may help address some issues. https://blog.mikrotik.com/security/meris-botnet.html

briantopping commented 2 years ago

I read that blog and got some idea of what was going on. That's when I gave up.

Can only offer what I know: Create instructions that can be pasted to the command line or at least create a video that covers the steps. If it's easier to live with Meris on my router because I can't get this code working, that's likely to be the result.

Apologies for the cold water on your work. You've done the most of it, it's worth doing just a bit more to get it across the line.

Cheers

hotab commented 2 years ago

Don't worry. This is actually good feedback. I will come back to this next week.

thomax-thomasj commented 2 years ago

The following worked for me on Ubuntu 20.04.3

  1. Download contents of this repository, as well as the contents of https://github.com/tenable/routeros/tree/master/common into a directory
  2. sudo pip3 install RouterOS-api
  3. sudo pip3 install paramiko
  4. sudo apt install build-essential libboost-all-dev
  5. gcc stage1_main.cpp winbox_session.cpp winbox_message.cpp md5.cpp session.cpp -lboost_thread -lboost_system -lboost_program_options -lpthread -lstdc++ -o btw
  6. gcc stage2_main.cpp winbox_session.cpp winbox_message.cpp md5.cpp session.cpp -lboost_thread -lboost_system -lboost_program_options -lpthread -lstdc++ -o btw_stage2
  7. python3 meris_checker.py --ip my.ip.to.test
  8. cat exploited.csv

I may have ended up including a couple more libraries than strictly needed, but no real harm in this case.

Arapacana commented 2 years ago

Hmm, well I have Ubuntu 20.04.3 and tried Thomax-thomasj's instructions, got to the gcc compiling line and it freaked on me with a zillion "stray ‘\302’ in program" errors like below:

In file included from stage1_main.cpp:36:
winbox_session.hpp:107:48: error: stray ‘\302’ in program
  107 |   <title>routeros/winbox_session.hpp at master · tenable/routeros · GitHub</title>
      |                                                ^

I've never used gcc before... what am I doing wrong?

Thanks

overclocked555 commented 2 years ago

Some more details (Ubuntu 20.04.4 LTS):

sudo apt update
sudo apt install git python3 python3-pip gcc build-essential libboost-all-dev -y
pip3 install RouterOS-api paramiko
git clone https://github.com/eclypsium/mikrotik_meris_checker.git 
cd mikrotik_meris_checker
curl https://codeload.github.com/tenable/routeros/tar.gz/master | tar -xz --strip=2 routeros-master/common
gcc stage1_main.cpp winbox_session.cpp winbox_message.cpp md5.cpp session.cpp -lboost_thread -lboost_system -lboost_program_options -lpthread -lstdc++ -o btw
gcc stage2_main.cpp winbox_session.cpp winbox_message.cpp md5.cpp session.cpp -lboost_thread -lboost_system -lboost_program_options -lpthread -lstdc++ -o btw_stage2
python3 meris_checker.py --ip my.ip.to.test
cat exploited.csv
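As an added example (my own script, not code from eclypsium/mikrotik_meris_checker, tenable/routeros, or any commenter above), here is a POSIX sh check to run before the two gcc lines. It catches the failure Arapacana hit: "stray '\302' in program" means gcc was given a saved GitHub web page rather than the raw file, and \302 is the first byte of UTF-8 characters such as the middle dot in GitHub's "<title>... · tenable/routeros · GitHub" page title, while the real sources are plain ASCII. The function names (looks_like_html, count_high_bytes, check_source, check_sources) are this example's own; the .cpp list is taken from the gcc commands above; the files created at the bottom are constructed stand-ins so the script runs offline.

```shell
#!/bin/sh
# Added example: pre-build sanity check for the files copied from
# tenable/routeros/common. Not part of either project; function names are
# this script's own. The .cpp list comes from the gcc lines in the thread.

# looks_like_html FILE: succeeds if the first 512 bytes carry an HTML marker.
looks_like_html() {
    head -c 512 "$1" | grep -qi -e '<!DOCTYPE html' -e '<html' -e '<title>'
}

# count_high_bytes FILE: prints how many bytes are outside 7-bit ASCII.
# Each such byte becomes one "stray '\NNN' in program" error from gcc.
count_high_bytes() {
    od -An -v -tu1 "$1" | tr -s ' ' '\n' | awk '$1 > 127' | wc -l | tr -d ' '
}

# check_source FILE: succeeds only for a plausible raw source file and
# prints one line saying what is wrong otherwise.
check_source() {
    f=$1
    if [ ! -f "$f" ]; then
        echo "MISSING  $f"; return 1
    fi
    if looks_like_html "$f"; then
        echo "HTML     $f (this is the GitHub page, not the raw file)"; return 1
    fi
    n=$(count_high_bytes "$f")
    if [ "$n" -gt 0 ]; then
        echo "NONASCII $f ($n bytes >= 0x80 will show up as stray-character errors)"; return 1
    fi
    echo "OK       $f"
}

# check_sources DIR: checks every .cpp the gcc lines name plus any .hpp
# header alongside them. Returns 0 when all passed, 1 otherwise.
check_sources() {
    dir=$1; bad=0
    for name in stage1_main.cpp stage2_main.cpp winbox_session.cpp \
                winbox_message.cpp md5.cpp session.cpp; do
        check_source "$dir/$name" || bad=$((bad + 1))
    done
    for hdr in "$dir"/*.hpp; do
        [ -e "$hdr" ] || continue          # glob matched nothing
        check_source "$hdr" || bad=$((bad + 1))
    done
    [ "$bad" -eq 0 ]
}

# Demonstration on constructed files: six ASCII stand-ins for the .cpp files
# and one header saved as a GitHub page, reproducing the error quoted above.
demo=$(mktemp -d)
for name in stage1_main.cpp stage2_main.cpp winbox_session.cpp \
            winbox_message.cpp md5.cpp session.cpp; do
    printf '// constructed stand-in for %s\n' "$name" > "$demo/$name"
done
{
    printf '<!DOCTYPE html>\n<html lang="en">\n<head>\n'
    printf '<title>routeros/winbox_session.hpp at master \302\267 tenable/routeros \302\267 GitHub</title>\n'
} > "$demo/winbox_session.hpp"

if check_sources "$demo"; then
    echo "all sources look like raw C++; safe to run the gcc lines"
else
    echo "re-fetch the flagged files (codeload tarball or the Raw button), then build"
fi
rm -rf "$demo"
```

Run it from the directory that holds stage1_main.cpp and the copied common/ files, replacing the demo section with `check_sources .`; the curl | tar line above fetches the raw files and passes the check, whereas saving each file from the GitHub file view does not.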