Hello. The devicewas hacked by a known vulnerability. The admin was given - read, the new admin full. Protected bootloader is set and reformat-hold-button - 4:59.
After resetting by reset, fell into a cyclic reboot at the loading kernel stage (on LCD)
NetInstall is not detected. A console-COM connection gives the following:
That’s all. There is no timing for entering bios settings; frantic keystrokes do nothing.
When you hold the reset for 5 minutes and turn on the device, it displays the following:
RouterOS… cleanup
writing settings to flash…writing settings to flash…
Have you tried this 20s reset?
"Release the button after LED is no longer lit (~20 seconds) to cause a device to look for Netinstall servers "
Use a switch in between the CRS and the Netinstall PC and disabled firewall on the PC.
Follow the guide: https://wiki.mikrotik.com/wiki/Manual:Netinstall
the firewall is off, there is no antivirus. I think the thing is
“Warning: If you have set up Protected bootloader, then the reset button’s behaviour is changed. Make sure you remember the settings you used to set up the Protected bootloader, otherwise you will not be able to use Eterboot mode and will not be able to reset your device.”
Try to perform netinstall on another Mikrotik without problem so you can be sure you do it right…
Also check inside the wiki how we netinstall a device because since you said you tried every port then am not sure you do it correctly…
On the PC where Netinstall installed, I previously restored another device, so the problem with firewalls disappears. Why does it respond to a reset within 4:55, does the CleanUP and flash process begin, and is everything reset? So somewhere there is info about the Protected Bootloader.
By the way, there is another same patient with exactly the same hack, it works, but there are no admin rights, so I can’t do anything, just read. I’m afraid to reset it so far so as not to get another brick. The only thing that comes to mind while he is alive is to try to enter the BIOS through the console and put it into Etherboot mode. But the description on the wiki, Protected Boootloader disables the ability to run from the console and NetInstall.