The following is the correct syntax needed to send a message to Microsoft Teams from a Mikrotik router. You will need a valid Teams webhook to send to.
Change “Test Message” out for your message. You should receive a “status: finished” response.
/tool fetch http-method=post http-header-field="Content-Type: application/json" http-data="{\"text\": \"Test Message\"}" url=https://domain.webhook.office.com/webhook/long/string
The following can be added to the .htaccess file to redirect all http request to https.
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
RewriteEngine On – Allows the rewrite capabilities. If it was off, the last rule “RewriteRule” would not work.
RewriteCond – This is a conditional that says if the current request is using HTTPS, don’t rewrite. If this option was not here, we would get an infinite redirect loop.
RewriteRule – This is the actual rule that rewrites or redirects any HTTP request to HTTPS. the R=301 means that it redirects using a 301 status code.
The following links provide more detail and info on htaccess redirects.
https://linuxize.com/post/htaccess-force-https/
https://www.redhat.com/sysadmin/beginners-guide-redirects-htaccess
Ubiquiti Airmax gear has tcpdump included. We can easily use it to capture packets to a file and then use SCP from the device to copy the file for analysis.
SSH to the device
ssh ubnt@192.168.1.20 cd /tmp/
Start tcpdump with the following command. Change ath0 and file.cap to the appropriate interface and file name.
tcpdump -i ath0 -w file.cap
After we are done collecting, we can quit with ctrl + c
Now we can use scp or sftp to copy the files off. There is an issue using scp or sftp from a normal Linux machine to the radio, fails with a “sh: /usr/libexec/sftp-server: not found”. It works fine if you initiate scp from the radio.
scp /tmp/file.cap username@remoteip:~/
A Simple Python script to blink a Raspberry Pi LED.
import RPi.GPIO as GPIO
from time import sleep
GPIO.setwarnings(False)
GPIO.setmode(GPIO.BOARD) # Uses the physical pin numbering
GPIO.setup(7, initial=GPIO.LOW) # Set GPIO pin to off
while True:
GPIO.output(7, GPIO.HIGH)
sleep(0.2)
GPIO.output(7, GPIO.LOW)
sleep(0.2)
Change pin numbers as needed.
We can also do this with BASH.
Open up FileZilla, for to the Site Manager, right click on the entry you want, and export it. This will export all the settings for the site(s).
Once exported, open the XML file. Look for the Pass encoding field. Copy the base64 encoded password. Its the text highlighted in yellow. Yours should be longer.
Decode base64 encoded password. We can do this using the built in linux base64 utility. You can use also use python.
echo -n dWJudA== | base64 -d && echo ""
Result returns the password which is “ubnt”
Scripting in Mikrotiks can be a little interesting. This is a quick syntax note for using the foreach command to delete all simple queues.
:foreach queue in=[/queue/simple/find ] do={/queue/simple/remove $queue}
Installing Madmax plotter on Fedora/CentOS8/AlmaLinux etc is fairly easy, but doesn’t have instructions on the GitHub page for CentOS 8 or later.
First we need to install the following dependencies
sudo dnf install gmp-devel libsodium libsodium-static
Now we can proceed to install Madmax like normal.
git clone https://github.com/madMAx43v3r/chia-plotter cd chia-plotter git submodule update --init bash make_release.sh sudo mv build/chia_plot /usr/bin
Run Madmax with
chia_plot --help
Under the Details it was complaining about VirtualBox.xml
Looking in Windows Explorer in the .VirtualBox folder
C:\Users\Username\.VirtualBox
it shows that the VirtualBox.xml file being empty. Delete the file. Reinstall VirtualBox. Now go to your VM’s in
C:\Users\Username\VirtualBox VMs
Open up the VM folder and double click on the “Virtual Machine Definition” file to “reimport” them into VirtualBox.
Here are the commands you’ll need to harden SSH on your Mikrotik Routers. It looks like it still can use SSH-RSA, but it does get rid of most of the weaker crytpo algorithms.
/ip/ssh/set strong-crypto=yes allow-none-crypto=no always-allow-password-login=no host-key-size=4096
We’ll want to regenerate the Host Key now that the settings have been changed.
/ip/ssh/regenerate-host-key
It will prompt to enter [y/N] to confirm that you actually want to regenerate the host key. Hit y
After your done, you can use something like ssh-audit to check your equipment.
https://www.ssh-audit.com/
Further hardening information is available at the following link.
https://wiki.mikrotik.com/wiki/Manual:Securing_Your_Router
For clarity of instructions, we will use the following terminology.
Server = Remote system, typically like a web server
Client = Local system, the computer/vm you are using
Run the following command on the server.
cat file.txt | nc -l -p 1234
Now on the client we can download the file with the following. Change the IP to the Server IP address
nc 192.168.1.20 1234 > file.txt
If we want to reverse this, aka. send a file from the client to the server, we can do the following
This will write the file to file.txt
nc -l -p1234 -q 1 > file.txt < /dev/null
Send file.txt to 192.168.1.20. Change the file and IP address as needed.
cat file.txt | nc 192.168.1.20 1234
https://superuser.com/questions/98089/sending-file-via-netcat