elseif / mikrotikpatch Goto Github PK

Hi,
I cloned this repo to try it by my self,
I generated some key with this script (got it in the discord)

from toyecc import AffineCurvePoint, getcurvebyname, FieldElement,ECPrivateKey,ECPublicKey,Tools

def generate_eddsa_keypair():
    curve = getcurvebyname("Ed25519")   
    private_key = ECPrivateKey.eddsa_generate(curve)
    return private_key.eddsa_encode(), private_key.pubkey.eddsa_encode()

def generate_kcdsa_keypair():
    curve = getcurvebyname("Curve25519")   
    private_key = ECPrivateKey.generate(curve)
    return Tools.inttobytes_le(private_key.scalar, 32), Tools.inttobytes_le(int(private_key.pubkey.point.x), 32)

if __name__ == '__main__':
    eddsa_private_key, eddsa_public_key = generate_eddsa_keypair()
    kcdsa_private_key, kcdsa_public_key = generate_kcdsa_keypair()
    print(f'CUSTOM_NPK_SIGN_PRIVATE_KEY: {eddsa_private_key.hex().upper()}')
    print(f'CUSTOM_NPK_SIGN_PUBLIC_KEY: {eddsa_public_key.hex().upper()}')
    print(f'CUSTOM_LICENCE_PRIVATE_KEY: {kcdsa_private_key.hex().upper()}')
    print(f'CUSTOM_LICENCE_PUBLIC_KEY: {kcdsa_public_key.hex().upper()}')

it return a pair of keys

python3 generateKey.py
CUSTOM_NPK_SIGN_PRIVATE_KEY: 8054108EB3861B4BD2C7545A048CAF5F661DB8632EE2C4B74A826FC0DC6E42E2
CUSTOM_NPK_SIGN_PUBLIC_KEY: 41C35CE97135195A84D41CBD5AD20BE347D519BF48EA4A78BC44E045611AC72C
CUSTOM_LICENCE_PRIVATE_KEY: 509C747AB645CEFA0CC3DFF49C28615711DD3E750D2FC51763CB8AEDC2788005
CUSTOM_LICENCE_PUBLIC_KEY: 05BB2C697958AA4E409E93005659ED17A2CA20EB1123292DDA70A59EF8393802

but I can't get workflow to work

大佬能发个7.8的吗？感谢！

下载了chr-6.49.15.img安装到阿里云后是否可以直接在线授权？

ISO用Ventoy引导安装不成功
PE里用IMG写盘工具写入img镜像也不成功

请问如果要自己进行降级,需要做什么设置,??

在线更新会提示broken package，只能下载patch后的镜像手动上传更新，这部分能否优化下

求 arm版本

使用netinstall安装方式 提示

请教下如何正确安装
x86平台

尝试了几次，上传了软件包，重启后就没了，packages里也不显示

7.x用不了wifi网卡 ，6.x有kvmv虚拟机比较好用

比如Zerotier？

不明觉厉，请求解惑

发现v7的版本把kvm给移除了，取而代之的是container

As we can generate our proper key, and proper image with our key, in order we also need the keygen, but this one is not opensourced

因为需要部署到PVE或者Esxi上面，但是缺少Qemu-GA或者VM-tools组件，导致虚拟机无法正常关机

本来已经有routerboard了，就不必用这个了吧。
但只有替换了公钥才有可能获取到shell。
试了用netinstall安装到routerboard上，好象还是原来的公钥。

Hello
I have installed patched version of npk by patched netinstall but the router doesn’t boot up and had a restart loop
If i install original file via original netinstall it worked fine
Any idea ?

In your pipeline, there is some env using private/public key

      LATEST_VERSION_URL: 'https://upgrade.mikrotik.com/routeros/NEWESTa7.stable'
      LATEST_VERSION: "7.15"
      CUSTOM_LICENSE_PRIVATE_KEY: ${{ secrets.CUSTOM_LICENSE_PRIVATE_KEY }}
      CUSTOM_LICENSE_PUBLIC_KEY: ${{ secrets.CUSTOM_LICENSE_PUBLIC_KEY }}
      CUSTOM_NPK_SIGN_PRIVATE_KEY: ${{ secrets.CUSTOM_NPK_SIGN_PRIVATE_KEY }}
      CUSTOM_NPK_SIGN_PUBLIC_KEY: ${{ secrets.CUSTOM_NPK_SIGN_PUBLIC_KEY }}
      MIKRO_LICENSE_PUBLIC_KEY: ${{ secrets.MIKRO_LICENSE_PUBLIC_KEY }}
      MIKRO_NPK_SIGN_PUBLIC_LKEY: ${{ secrets.MIKRO_NPK_SIGN_PUBLIC_LKEY }}

what kind of key is it ?
As I saw you used toyecc I guess it could be

• ECDSA
• ECIES
• ECDH
• Elgamal
• Ed25519
• Curve25519

the question is which one ?

ty for your work :)

• Problem 1: Many regions in China have started using vBRAS, but the DUID is not in the format defined by RFC, so it is directly rejected by ROS.
  log report: Bad server DUID

• Problem 2: A custom DUID is provided through DHCP CLIENT OPTIONS, but ROS also considers it unusable.
  log report: Bad client duid

可以指定版本来跑workflows么？
如题哈，另外就是想问一下，是不是群友啊？

#14 (comment)

seriously ? In this case just put don't half of the exploit in opensource, just closes it, let's go, add everything except keygen.zip in .gitignore

我设置了一下admin用户的密码，现在admin只能是在admin组别，无法更改到full组别，我看系统默认有一个用户名是system的是full组别的，请问这个System账号的密码是多少？谢谢

使用github最新chr-x86-7.15.2镜像，无法在线更新，stable更新到test，状态为卡在load。。。

#9 (comment)

Then can we have the source code to generate our own certificat with our own key please ?

arm mips架构的可以替换私钥吗？

感谢作者无私奉献🙏