Discussion stats
  • 39 replies
  • 22307 views
  • 5 kudos
  • 9 in conversation
Announcements

Top Contributors
Reply
Highlighted
Luminary

Enabling telnet on R7000

Hi there, I am tryning to enable telnet after installing the latest firmware (v1.0.9.12) by using both telnetenable and nte but nothing...

 

Any suggestions?

 

Thanks.

Message 1 of 40
Highlighted
Luminary

Re: Enabling telnet on R7000

On my R7800 if you go to:

 

http://routerlogin.net/debug.htm

 

There is an option box to check to enable Telnet.

 

I would assume it's simular on the R7000...

Message 2 of 40
Highlighted
Luminary

Re: Enabling telnet on R7000

Nope

 

Capture.JPG

Message 3 of 40
Highlighted
Sensei

Re: Enabling telnet on R7000

> [...] I am tryning to enable telnet after installing the latest
> firmware (v1.0.9.12) by using both telnetenable and nte but nothing...

   "nothing" is not an especially helpful description of anything.

   I don't have an experimental R7000 these days, but another user
claimed that setting the "admin" password helped:

      https://community.netgear.com/t5/x/x/m-p/1388903

   With a feature which Netgear doesn't acknowledge, it's hard to say if
this is a firmware bug (another firmware bug, that is), or an
intentional change.


> http://routerlogin.net/debug.htm

   Around here (D7000, V1.0.1.50_1.0.1), debug_mbm.htm has an
"EnableTelnetServer" button, but it leads to a pinkish "403 Forbidden"
page.  (More impressive Netgear router firmware.)  If you do get in,
then more exploration may find more things, such as:

# ls -l /www/*deb*
-rw-rw-r--    1 513      514           4279 Jun 22 07:59 /www/debug.htm
-rw-rw-r--    1 513      514           4627 Jun 22 07:59 /www/debug_mbm.htm
-rw-rw-r--    1 513      514            573 Jun 22 07:59 /www/debuginfo.htm

> I would assume [...]

   Always dangerous.

Message 4 of 40
Highlighted
Luminary

Re: Enabling telnet on R7000

FYI - I did a factory reset of the router and NTE then worked :-)

Message 5 of 40
Highlighted
Apprentice

Re: Enabling telnet on R7000

R7000P Nighthawk AC2300 Firmware Version V1.2.0.22_1.0.78

I was able to use the "UDP" modifications to telnetenable to enable telnet access, but it is wide open, with no authentication, on the Internet side.

That doesn't seem like a good idea.

The payload is "AMBIT_TELNET_ENABLE+" to enable it, but I don't see anybody commenting on how to disable it.

I tried "AMBIT_TELNET_ENABLE-", but that didn't do it.

 

Also, the router is always listening for UDP port 23 on the internet, so hacking this is dependent on your password.

I dislike that there is only one user, with an immutable name.  On Asus, I changed the name to a random string of characters.

 

Model: R7000P|Nighthawk AC2300 Smart WiFi Router with MU-MIMO
Message 6 of 40
Highlighted
Sensei

Re: Enabling telnet on R7000

> Also, the router is always listening for UDP port 23 on the internet,
> [...]

   If that's true, and it bothers you, then you might want to port-forward
external 23 to some nonexistent IP address/port.

Message 7 of 40
Highlighted
Apprentice

Re: Enabling telnet on R7000


@antinode wrote:

   If that's true, and it bothers you, then you might want to port-forward external 23 to some nonexistent IP address/port.


I forwarded 23 and 80 to a non-existent server.

I tried nmap from an external site, and nmap shows all 10000 ports fitered, but I think there is something odd going on.

Looking at R7000P logs, it might be that the R7000P is picking up nmap as a DoS attack, and masking any port scan.

I thought I had logged in to telnet from a cellular connection to my external address, but maybe ...  I don't know what I did, and I don't care to enable telnet again to see.

 

I also see that I am getting over ten hits per hour on port 23 from all over the world.  India, China, Brazil, Russia...
Only a few hits on port 22, and I wonder if, somehow, my forwarding of 23 to a non-existent server makes it more attractive than the port 22, which is ignored.  There is no listener on 23, but if it is being taken by the router, before it could be handled by the Port Forwarding...

Model: R7000P|Nighthawk AC2300 Smart WiFi Router with MU-MIMO
Message 8 of 40
Highlighted
Sensei

Re: Enabling telnet on R7000

> [...] I also see that I am getting over ten hits per hour on port 23
> from all over the world.  India, China, Brazil, Russia...
> Only a few hits on port 22, [...]

   I long ago quit using either 22 or 23 on my external address.  I
wouldn't worry about a shortage of attacks on 22; they'll come, I
predict.  I have only FTP and HTTP[S] on the standard ports, and the
automated FTP password guessers are sufficiently annoying.  (Free
advice: Never have a user name on your FTP server which looks like any
combination of your host and/or domain name.  Or "admin", ...)

> [...] There is no listener on 23, but if it is being taken by the
> router, before it could be handled by the Port Forwarding...

   Around here (D7000, V1.0.1.50_1.0.1), I have nothing configured for
22 or 23, and both time out when I try then at my external address from
my LAN.  That's not a true test from elsewhere, but it should work the
same.  That's with the LAN Telnet server enabled.

Message 9 of 40
Highlighted
Apprentice

Re: Enabling telnet on R7000

antinode said:
> I long ago quit using either 22 or 23 on my external address.

I don't have anything under my control listening on those ports.

> I wouldn't worry about a shortage of attacks on 22; they'll come, I predict.

 

Years ago, I saw hits on 22, followed by a flood from the same addresses within a few hours.

 

> I have only FTP and HTTP[S] on the standard ports, and the automated FTP password guessers are sufficiently annoying.

 

No ftp, only sftp, it's not on a standard port, and it is source-filtered in the Linux firewall.
I've actually stopped using it since I got VPN working on the previous router.
The only ports I want open are the VPN ports, and those are currently non-standard.
I was worried that the telnet-enable listener was listening externally, and telnet, too, if it were enabled.

Model: R7000P|Nighthawk AC2300 Smart WiFi Router with MU-MIMO
Message 10 of 40
Highlighted
Aspirant

Re: Enabling telnet on R7000

Hello,

I'm french, and you use a hard english words....

can you explain as easy possible way to enable "telnet"?

I want start my pc from out of home, and I need telnet to "add arp binding by telnet"...

Thank in advance to explain me how do telnet works for R7000 (last firmware on place)

Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 11 of 40
Highlighted
Sensei

Re: Enabling telnet on R7000

> can you explain as easy possible way to enable "telnet"?

   Get one of the Telnet Enable programs, and run it?  I use this:
      http://antinode.info/nte
but there are others.


   If you use the NTE Windows executables which I built, then you may
also need to install the appropriate Microsoft Visual C++ 2010 SP1
Redistributable Package.  For details, see:

      https://community.netgear.com/t5/x/x/m-p/1388903

> I'm french, and you use a hard english words....

   We all have our problems.  (My French stops near "oui" and "non".)
If Google Translate doesn't help, then you may need to say what you are
reading, and which part is hard to understand.

Message 12 of 40
Highlighted
Aspirant

Re: Enabling telnet on R7000

Hello,
Thk for answer...

My pb is solved with telnet : my password ("netgearpower") was too long for telnet, and can't works.
For test, I changed it by "test", and immediatly works.

Now, my real pb begin... I want WoL by internet with this router, but he doesn't havearp binding, and i need to pass by telnet.
The only subject for that is lock.
I open new...

Message 13 of 40
Highlighted
Sensei

Re: Enabling telnet on R7000

> My pb is solved with telnet : my password ("netgearpower") was too long
> for telnet, and can't works.
> For test, I changed it by "test", and immediatly works.

   Hmmm.  The password field in the TelnetEnable programs seems to allow
32 characters.  The actual Telnet server might have a different limit.
I haven't tried more than 8, and many things are possible, especially
with Netgear firmware.

   One user did report success after resetting his router.  It's also
possible that any change to the password would help.


> I open new...

      https://community.netgear.com/t5/x/x/m-p/1456566

Message 14 of 40
Highlighted
Aspirant

Re: Enabling telnet on R7000

Resetting dont have help me...
I try with the default password ("password"), I try to change to my "long" password, and always not works...
i rebooting... not works... And finally, I try "short" password, and succes.

Message 15 of 40
Highlighted

Re: Enabling telnet on R7000

Hi,
I had the same problem with my R7000 (Firmware Version V1.0.9.14_1.2.25) but researching on Google I found the solution!
At this link you can find a guide to download the best program for your router and then, running it by the terminal, you will have access to the telnet terminal.
I hope this could be helpful for you and others people with the same problem Smiley Very Happy

Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 16 of 40
Highlighted
Sensei

Re: Enabling telnet on R7000

> [...] a guide to download the best program for your router [...]

   Define "best".  I don't claim that my "nte" solves all problems for
all people, but at least it's clever enough to accept a MAC address with
colons and lower-case characters, and to listen for and report the ACK
reply from the router after sending the command, instead of saying
(hopefully) that "Telnet should be enabled."  It may or may not work,
but it has some clue about whether it did or didn't.

Message 17 of 40
Highlighted

Re: Enabling telnet on R7000

I'm sorry if you've personally felt hurt for the word “best”...don't worry dude, no one want to diminish you program: simply i said that he can choose the program that fit more for his router’s model from that website.
Furthermore, the program I mentioned is compatible with both Mac OS and Linux as well as Windows.
True, it does’t give you a precise result but I tested it with both Windows and Max Os and it had works every time.
For this facts I recommend to use that program, if someone prefer to try your work, no problem, it’s the same.
Peace
Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 18 of 40
Highlighted
Aspirant

Re: Enabling telnet on R7000

My model is not listed. I am using D7000v2. Debug.htm is not working.

Message 19 of 40
Highlighted
Sensei

Re: Enabling telnet on R7000

> My model is not listed.

   Where?  In this thread?

> I am using D7000v2. Debug.htm is not working.

   I'm not amazed, but "not working" is not a useful problem
description.  It does not say what you did.  It does not say what
happened when you did it.  As usual, showing actual actions with their
actual results (error messages, ...) can be more helpful than vague
descriptions or interpretations.

   On my D7000[v1] (V1.0.1.64_1.0.1), there's a "Module Debug" page,
"/debug_mbm.htm", with an "Enable Telnet Server" control which does
nothing obvious, other than leading to a "403 Forbidden" error page.  As
explained above, I use that "nte" program.

Message 20 of 40
Highlighted
Retired_Member
Not applicable

Re: Enabling telnet on R7000

There used to be a "/debughiddenpage.htm" however netgear recently removed this, you can still enable it via "/debug.htm". It's just commented out, and you can use your browser to re-enable the button. Full functionality.

 

Message 21 of 40
Highlighted
Aspirant

Re: Enabling telnet on R7000

Where plz?

 

Model: R7000|Nighthawk AC1900 Dual Band WiFi Router
Message 22 of 40
Highlighted
Retired_Member
Not applicable

Re: Enabling telnet on R7000

Look at the page source with your browsers console. But if you don't know how to edit pages on the fly I wouldn't recommend enabling telnet.

 

Message 23 of 40
Highlighted
Sensei

Re: Enabling telnet on R7000

> [...] But if you don't know how to edit pages on the fly I wouldn't
> recommend enabling telnet.

   I would not rank knowledge of HTML and HTML tools very high on a list
of useful skills for dealing with either Telnet itself or a GNU/Linux
shell environment.

Message 24 of 40
Highlighted
Retired_Member
Not applicable

Re: Enabling telnet on R7000

The point of me saying that was, they shouldn't be messing around with a shell if they can't figure out how to view and edit a page source.

 

Plus telnet is trash, just attach via serial.

serial.png

 

Message 25 of 40