Iko kugona kudzikisa kure kure midziyo yakavakirwa paRouterOS (Mikrotik) inoisa mazana ezviuru zvetiweki zvishandiso panjodzi. Kusagadzikana kwakabatana nehupfu hweDNS cache yeWinbox protocol uye inobvumidza iwe kurodha zvechinyakare (nedefault password reset) kana yakagadziridzwa firmware pamudziyo.
Mashoko ekusagadzikana
Iyo RouterOS terminal inotsigira chirevo chekugadzirisa cheDNS kutarisa.
Chikumbiro ichi chinobatwa nebhinari inonzi solver. Resolver ndeimwe yemabhinari akawanda anobatana neRouterOS's Winbox protocol. Padanho repamusoro, "meseji" inotumirwa kuWinbox port inogona kuendeswa kune akasiyana mabhinari muRouterOS zvichibva pane array-based maning scheme.
Nekumisikidza, RouterOS ine iyo DNS server chimiro chakadzimwa.
Zvisinei, kunyange kana basa revhavha rakavharwa, router inochengetedza DNS cache yayo.
Patinoita chikumbiro tichishandisa winbox_dns_request semuenzaniso.com, iyo router inochengeta mhedzisiro.
Sezvo isu tichigona kutsanangura iyo DNS server iyo iyo chikumbiro inofanira kuenda nayo, kuisa kero isiriyo idiki. Semuenzaniso, unogona kugadzirisa DNS server kuita kubva kuti ugare uchipindura neA rekodhi rine IP kero 192.168.88.250.
def dns_response(data):
request = DNSRecord.parse(data)
reply = DNSRecord(DNSHeader(
id=request.header.id, qr=1, aa=1, ra=1), q=request.q)
qname = request.q.qname
qn = str(qname)
reply.add_answer(RR(qn,ttl=30,rdata=A("192.168.88.250")))
print("---- Reply:n", reply)
return reply.pack()Zvino kana ukatsvaga semuenzaniso.com uchishandisa Winbox, unogona kuona kuti iyo router's DNS cache ine chepfu.
Ehe, chepfu example.com haina kunyanya kubatsira sezvo router isingazoishandise. Zvisinei, router inoda kuwana upgrade.mikrotik.com, cloud.mikrotik.com, cloud2.mikrotik.com uye download.mikrotik.com. Uye nekuda kwekumwe kukanganisa, zvinokwanisika kuvaisa muchetura vese kamwechete.
def dns_response(data):
request = DNSRecord.parse(data)
reply = DNSRecord(DNSHeader(
id=request.header.id, qr=1, aa=1, ra=1), q=request.q)
qname = request.q.qname
qn = str(qname)
reply.add_answer(RR(qn,ttl=30,rdata=A("192.168.88.250")))
reply.add_answer(RR("upgrade.mikrotik.com",ttl=604800,
rdata=A("192.168.88.250")))
reply.add_answer(RR("cloud.mikrotik.com",ttl=604800,
rdata=A("192.168.88.250")))
reply.add_answer(RR("cloud2.mikrotik.com",ttl=604800,
rdata=A("192.168.88.250")))
reply.add_answer(RR("download.mikrotik.com",ttl=604800,
rdata=A("192.168.88.250")))
print("---- Reply:n", reply)
return reply.pack()Iyo router inokumbira mvumo imwe, uye isu tinopa mashanu kumashure. Router haina cache ese aya mhinduro nemazvo.
Zviripachena, kurwiswa uku kunobatsirawo kana iyo router ichiita seDNS server, sezvo ichibvumira vatengi veiyo router kurwiswa.
Uku kurwiswa zvakare kunobvumidza iwe kuti ushandise yakawedzera kusadzikama: kudzikisa kana backport iyo vhezheni yeRouterOS. Anorwisa anodzoreredza mantiki eiyo server yekuvandudza, kusanganisira iyo changelog, uye inomanikidza RouterOS kuti ione iyo yekare (inokanganisa) vhezheni seyazvino. Ngozi iri pano iri pakuti kana iyo vhezheni "yakagadziridzwa", password yemutungamiriri inodzoserwa kune iyo default kukosha - anorwisa anogona kupinda muhurongwa nepassword isina chinhu!
Kurwisa kuri kushanda, kunyangwe zvakadaro inoshandisa mamwe mavheji akati wandei, kusanganisira ayo ane hukama ne , asi iyi yatove nzira isina basa uye kushandiswa kwayo kune zvisiri pamutemo hakuna pamutemo.
kudzivirira
Kungodzima Winbox kunoita kuti uzvidzivirire kubva mukurwiswa uku. Pasinei nekureruka kwekutonga kuburikidza neWinbox, zviri nani kushandisa iyo SSH protocol.
Source: www.habr.com