Community discussions

MikroTik App
 
User avatar
soonwai
Member Candidate
Member Candidate
Topic Author
Posts: 186
Joined: Mon Feb 06, 2012 10:50 pm
Location: Kuala Lumpur

Very strange environment variables. Did I get hacked?

Fri Mar 03, 2017 6:18 am

This is so odd. At first I thought I was hacked and someone planted some scripts on my router.
It's on a RB2011UAS-2HnD on 6.39rc38. Still there on rc40. I don't recall seeing them in rc33.
No scripts scheduled. Freshly rebooted and I have these environment variables. Any ideas what they are?
They look like scripts? And some are quite long. If I delete them, they'll remain deleted until the next reboot.
Image

Here's a dump of the variables.
addConfLine={[]; {(eval [/{}] (eval [/global{name=$strConf}]) (eval [/global{name=$NL}]) (eval [/set{name=$strConf; value=( .  $strConf $1 $NL)}]))}}
addDescLine={[]; {(eval [/{}] (eval [/global{name=$strDesc}]) (eval [/global{name=$NL}]) (eval [/set{name=$strDesc; value=( .  $strDesc $1 $NL)}]))}}
allowDns={[]; {(eval [/{}] (eval [/global{name=$addConfLine}]) (eval [/global{name=$addDescLine}]) (<%% $addDescLine {(> $addDescLine); "#|     DNS: enabled;"}) (<%% $addConfLine {(> $addConfLine); " /ip dns {"}) (<%
% $addConfLine {(> $addConfLine); "     set allow-remote-requests=yes"}) (<%% $addConfLine {(> $addConfLine); "     static add name=router address=192.168.88.1"}) (<%% $addConfLine {(> $addConfLine); " }"}) (<%% $add
ConfLine {(> $addConfLine); ""}))}}
configMode=""
defconfMode=[:nothing]
dhcpEnabled=1
findNextSection={[]; {(eval [/{}] (eval [/local{name=$ret; value=0}]) (eval [/local{name=$tmp}]) (eval [/local{name=$ret; value=$2}]) (eval [/do{command={[]; (eval [/{}] (eval [/set{name=$tmp; value=(eval (eval [/pic
k{begin=$ret; counter=$1}]))}]) (eval [/set{name=$ret; value=(+ $ret 1)}]))}; while=(! (|| (~ $tmp "[- ]") (> $ret (eval (eval [/len{value=$1}])))))}]) (eval [/return{value=$ret}]))}}
getFeatureString={[]; {(eval [/{}] (eval [/global{name=$findNextSection}]) (eval [/local{name=$prefix; value=""}]) (eval [/local{name=$model; value=""}]) (eval [/local{name=$wireless; value=""}]) (eval [/local{name=$
other; value=""}]) (eval [/local{name=$end; value=0}]) (eval [/local{name=$tmp; value=""}]) (eval [/local{name=$pos; value=0}]) (eval [/local{name=$oldPos; value=0}]) (eval [/local{name=$isAp; value=0}]) (eval [/loca
l{name=$numSfp; value=0}]) (eval [/local{name=$numSfpPlus; value=0}]) (eval [/local{name=$numGig; value=0}]) (eval [/local{name=$numCombo; value=0}]) (eval [/local{name=$isLte; value=0}]) (eval [/set{name=$pos; value
=(eval (<%% $findNextSection {(> $findNextSection); $boardStr; $oldPos}))}]) (eval [/set{name=$prefix; value=(eval (eval [/pick{begin=0; counter=$boardStr; end=(- $pos 1)}]))}]) (eval [/if{condition=(~ $prefix "Route
rBOARD|Cloud"); do={[]; (eval [/{}] (eval [/set{name=$oldPos; value=$pos}]) (eval [/set{name=$pos; value=(eval (<%% $findNextSection {(> $findNextSection); $boardStr; $oldPos}))}]) (eval [/set{name=$model; value=(eva
l (eval [/pick{begin=$oldPos; counter=$boardStr; end=(- $pos 1)}]))}]))}}]) (eval [/if{condition=(~ $prefix "CRS"); do={[]; (eval [/{}] (eval [/set{name=$prefix; value="CloudRouterSwitch"}]) (eval [/set{name=$model; 
value=(eval (eval [/pick{begin=(+ $oldPos 3); counter=$boardStr; end=(- $pos 1)}]))}]))}; else={[]; (eval [/{}] (eval [/if{condition=(~ $prefix "RB"); do={[]; (eval [/{}] (eval [/set{name=$prefix; value="RouterBOARD"
}]) (eval [/set{name=$model; value=(eval (eval [/pick{begin=(+ $oldPos 2); counter=$boardStr; end=(- $pos 1)}]))}]))}; else={[]; (eval [/{}] (eval [/set{name=$prefix; value="RouterBOARD"}]) (eval [/set{name=$model; v
alue=(eval (eval [/pick{begin=$oldPos; counter=$boardStr; end=(- $pos 1)}]))}]))}}]))}}]) (eval [/if{condition=(= (eval (eval [/pick{begin=$pos; counter=$boardStr}])) "G"); do={[]; (eval (eval [/set{name=$pos; value=
(+ $pos 1)}]))}}]) (eval [/if{condition=(= (eval (eval [/pick{begin=$pos; counter=$boardStr}])) "A"); do={[]; (eval (eval [/set{name=$isAp; value=1}]) (eval [/set{name=$pos; value=(+ $pos 1)}]))}}]) (eval [/if{condit
ion=(= (eval (eval [/pick{begin=$pos; counter=$boardStr}])) "L"); do={[]; (eval [/{}] (eval [/if{condition=(= (eval (eval [/pick{begin=$pos; counter=$boardStr; end=(+ $pos 3)}])) "LTE"); do={[]; (eval [/{}] (eval [/s
et{name=$isLte; value=1}]) (eval [/set{name=$pos; value=(+ $pos 3)}]))}; else={[]; (eval [/{}] (eval [/set{name=$other; value="L"}]) (eval [/set{name=$pos; value=(+ $pos 1)}]))}}]))}}]) (eval [/local{name=$matched; v
alue=0}]) (eval [/local{name=$break; value=0}]) (eval [/do{command={[]; (eval [/{}] (eval [/set{name=$oldPos; value=$pos}]) (eval [/set{name=$pos; value=(eval (<%% $findNextSection {(> $findNextSection); $boardStr; $
oldPos}))}]) (eval [/set{name=$tmp; value=(eval (eval [/pick{begin=$oldPos; counter=$boardStr; end=(- $pos 1)}]))}]) (eval [/if{condition=(~ $tmp "LTE"); do={[]; (eval [/{}] (eval [/set{name=$isLte; value=1}]) (eval 
[/set{name=$break; value=1}]))}}]) (eval [/if{condition=(~ $tmp ( .  "^[0-9GPCS+]*" "$")); do={[]; (eval [/{}] (eval [/set{name=$matched; value=1}]) (eval [/if{condition=(~ $tmp "P"); do={[]; (eval [/{}] (eval [/set{
name=$numGig; value=(eval (eval [/pick{begin=0; counter=$tmp; end=(eval (eval [/find{in=$tmp; key="P"}]))}]))}]))}; else={[]; (eval [/{}] (eval [/if{condition=(~ $tmp "G"); do={[]; (eval [/{}] (eval [/set{name=$numGi
g; value=(eval (eval [/pick{begin=0; counter=$tmp; end=(eval (eval [/find{in=$tmp; key="G"}]))}]))}]))}; else={[]; (eval [/{}] (eval [/if{condition=(~ $tmp "C"); do={[]; (eval [/{}] (eval [/set{name=$numCombo; value=
(eval (eval [/pick{begin=0; counter=$tmp; end=(eval (eval [/find{in=$tmp; key="C"}]))}]))}]))}; else={[]; (eval [/{}] (eval [/if{condition=(~ $tmp ( .  "S" "\" "+" "$")); do={[]; (eval [/{}] (eval [/set{name=$numSfpP
lus; value=(eval (eval [/pick{begin=0; counter=$tmp; end=(eval (eval [/find{in=$tmp; key="S+"}]))}]))}]))}; else={[]; (eval [/{}] (eval [/set{name=$numSfp; value=(eval (eval [/pick{begin=0; counter=$tmp; end=(eval (e
val [/find{in=$tmp; key="S"}]))}]))}]))}}]))}}]))}}]))}}]))}; else={[]; (eval [/{}] (eval [/if{condition=(~ $tmp ( .  "^[0-9SHPacndDTQ]*" "$")); do={[]; (eval [/{}] (eval [/set{name=$matched; value=1}]) (eval [/set{n
ame=$wireless; value=( .  $wireless " " (eval (eval [/pick{begin=$oldPos; counter=$boardStr; end=$pos}])))}]))}}]))}}]) (eval [/if{condition=(= $matched 0); do={[]; (eval [/{}] (eval [/set{name=$other; value=( .  $ot
her (eval (eval [/pick{begin=$oldPos; counter=$boardStr; end=$pos}])))}]))}}]))}; while=(&& (< $pos (eval (eval [/len{value=$boardStr}]))) (= $break 0))}]) (eval [/return{value={isAp=$isAp; isLte=$isLte; model=$model
; numCombo=$numCombo; numGig=$numGig; numSfp=$numSfp; numSfpPlus=$numSfpPlus; other=$other; prefix=$prefix; wireless=$wireless}}]))}}
isNum={[]; {(eval [/{}] (eval [/return{value=(~ $1 "[0-9]")}]))}}
parseWirelessFeatures={[]; {(eval [/{}] (eval [/global{name=$isNum}]) (eval [/local{name=$frequency; value=""}]) (eval [/local{name=$isN; value=0}]) (eval [/local{name=$isAc; value=0}]) (eval [/local{name=$isAd; valu
e=0}]) (eval [/local{name=$chains; value="0"}]) (eval [/local{name=$band}]) (eval [/local{name=$tmp; value=0}]) (eval [/local{name=$pos; value=0}]) (eval [/local{name=$cardNext; value=0}]) (eval [/local{name=$outArra
y; value={w1={chains="0,1"; frequencyMode=2; isAc=0; isAd=0; isN=1}}}]) (eval [/do{command={[]; (eval [/{}] (eval [/set{name=$tmp; value=(eval (eval [/pick{begin=$pos; counter=$list}]))}]) (eval [/if{condition=(eval 
(<%% $isNum {(> $isNum); $tmp})); do={[]; (eval [/{}] (eval [/if{condition=(eval (<%% $isNum {(> $isNum); (eval (eval [/pick{begin=(+ $pos 1); counter=$list}]))})); do={[]; (eval [/{}] (eval [/set{name=$pos; value=(+
 $pos 1)}]) (eval [/set{name=$tmp; value=( .  $tmp (eval (eval [/pick{begin=$pos; counter=$list}])))}]))}}]) (eval [/if{condition=(> $cardNext 0); do={[]; (eval [/{}] (eval [/set{name=(-> $outArray ( .  "w" $cardNext
)); value={chains=$chains; frequencyMode=$frequency; isAc=$isAc; isAd=$isAd; isN=$isN}}]))}}]) (eval [/set{name=$frequency; value=(eval (eval [/tonum{value=$tmp}]))}]) (eval [/set{name=$cardNext; value=(+ $cardNext 1
)}]) (eval [/set{name=$isN; value=0}]) (eval [/set{name=$isAc; value=0}]) (eval [/set{name=$isAd; value=0}]) (eval [/set{name=$chains; value="0"}]))}}]) (eval [/if{condition=(~ $tmp "[SHP]"); do={[]; (eval [/{}])}}])
 (eval [/if{condition=(= $tmp "n"); do={[]; (eval (eval [/set{name=$isN; value=1}]))}}]) (eval [/if{condition=(= $tmp "a"); do={[]; (eval [/{}] (eval [/set{name=$tmp; value=( .  $tmp (eval (eval [/pick{begin=(+ $pos 
1); counter=$list}])))}]) (eval [/if{condition=(= $tmp "ac"); do={[]; (eval (eval [/set{name=$isAc; value=1}]) (eval [/set{name=$pos; value=(+ $pos 1)}]))}; else={[]; (eval [/{}] (eval [/if{condition=(= $tmp "ad"); d
o={[]; (eval [/{}] (eval [/set{name=$isAd; value=1}]) (eval [/set{name=$pos; value=(+ $pos 1)}]))}; else={[]; (eval [/{}] (eval [/log warning{message="defconf: Invalid 802.11 protocol, expected 'ac'"}]))}}]))}}]))}}]
) (eval [/if{condition=(= $tmp "D"); do={[]; (eval (eval [/set{name=$chains; value="0,1"}]))}}]) (eval [/if{condition=(= $tmp "T"); do={[]; (eval (eval [/set{name=$chains; value="0,1,2"}]))}}]) (eval [/if{condition=(
= $tmp "Q"); do={[]; (eval [/{}] (eval [/if{condition=(= $isAc 1); do={[]; (eval (eval [/set{name=$chains; value="0,1,2,3"}]))}; else={[]; (eval [/{}] (eval [/log warning{message="defconf: quad chains are only for 'a
c' boards"}]))}}]))}}]) (eval [/set{name=$pos; value=(+ $pos 1)}]))}; while=(< $pos (eval (eval [/len{value=$list}])))}]) (eval [/set{name=(-> $outArray ( .  "w" $cardNext)); value={chains=$chains; frequencyMode=$fre
quency; isAc=$isAc; isAd=$isAd; isN=$isN}}]) (eval [/return{value=$outArray}]))}}
setLan={[]; {(eval [/{}] (eval [/global{name=$addConfLine}]) (eval [/global{name=$addDescLine}]) (eval [/global{name=$dhcpEnabled}]) (<%% $addDescLine {(> $addDescLine); "#| LAN Configuration:"}) (eval [/if{condition
=(!= $switchPorts ""); do={[]; (eval [/{}] (eval [/local{name=$tmpSwitchPorts; value=""}]) (<%% $addConfLine {(> $addConfLine); " /interface ethernet {"}) (eval [/if{condition=(> $switchPortGroups 1); do={[]; (eval [
/{}] (eval [/foreach{counter={$i}; do={[]; (eval [/{}] (eval [/set{name=$tmpSwitchPorts; value=( .  (eval (eval [/pick{begin=0; counter=$i}])) " (master)")}]) (eval [/local{name=$tmpMasterName; value=( .  (eval (eval
 [/pick{begin=0; counter=$i}])) "-master")}]) (<%% $addConfLine {(> $addConfLine); ( .  "   set " (eval (eval [/pick{begin=0; counter=$i}])) " name=" $tmpMasterName ";")}) (eval [/for{counter=$j; do={[]; (eval [/{}] 
(eval [/set{name=$tmpSwitchPorts; value=( .  $tmpSwitchPorts ", " (eval (eval [/pick{begin=$j; counter=$i}])))}]))}; from=1; to=(- (eval (eval [/len{value=$i}])) 1)}]) (<%% $addDescLine {(> $addDescLine); ( .  "#|   
  switch group: " $tmpSwitchPorts)}) (eval [/for{counter=$j; do={[]; (eval [/{}] (<%% $addConfLine {(> $addConfLine); ( .  "   set " (eval (eval [/pick{begin=$j; counter=$i}])) " master-port=" $tmpMasterName ";")}))}
; from=1; to=(- (eval (eval [/len{value=$i}])) 1)}]))}; in=$switchPorts}]))}; else={[]; (eval [/{}] (eval [/set{name=$tmpSwitchPorts; value=( .  (eval (eval [/pick{begin=0; counter=$switchPorts}])) " (master)")}]) (e
val [/local{name=$tmpMasterName; value=( .  (eval (eval [/pick{begin=0; counter=$switchPorts}])) "-master")}]) (<%% $addConfLine {(> $addConfLine); ( .  "   set " (eval (eval [/pick{begin=0; counter=$switchPorts}])) 
" name=" $tmpMasterName ";")}) (eval [/for{counter=$i; do={[]; (eval [/{}] (eval [/set{name=$tmpSwitchPorts; value=( .  $tmpSwitchPorts ", " (eval (eval [/pick{begin=$i; counter=$switchPorts}])))}]))}; from=1; to=(- 
(eval (eval [/len{value=$switchPorts}])) 1)}]) (<%% $addDescLine {(> $addDescLine); ( .  "#|     switch group: " $tmpSwitchPorts)}) (eval [/for{counter=$i; do={[]; (eval [/{}] (<%% $addConfLine {(> $addConfLine); ( .
  "   set " (eval (eval [/pick{begin=$i; counter=$switchPorts}])) " master-port=" $tmpMasterName ";")}))}; from=1; to=(- (eval (eval [/len{value=$switchPorts}])) 1)}]))}}]) (<%% $addConfLine {(> $addConfLine); ( .  "
 }" $NL)}))}}]) (eval [/if{condition=(= $lanPort "bridge"); do={[]; (eval [/{}] (<%% $addConfLine {(> $addConfLine); " /interface bridge"}) (<%% $addConfLine {(> $addConfLine); ( .  "   add name=" $lanPort " disabled
=no auto-mac=yes protocol-mode=rstp comment=defconf;")}) (<%% $addConfLine {(> $addConfLine); " :local bMACIsSet 0;"}) (eval [/if{condition=(!= $wanPorts ""); do={[]; (eval [/{}] (eval [/local{name=$tmpWanPorts; valu
e=""}]) (eval [/foreach{counter={$i}; do={[]; (eval [/{}] (eval [/set{name=$tmpWanPorts; value=( .  $tmpWanPorts " || name~" """ $i """)}]))}; in=$wanPorts}]) (<%% $addConfLine {(> $addConfLine); ( .  " :foreach k in
=[/interface find where !(slave=yes " $tmpWanPorts " || name~" """ $lanPort """ ")] do={")}))}; else={[]; (eval [/{}] (<%% $addConfLine {(> $addConfLine); " :foreach k in=[/interface find where !(slave=yes)] do={"}))
}}]) (<%% $addConfLine {(> $addConfLine); ( .  "   :log info " """ "k: " "$" "k" """)}) (<%% $addConfLine {(> $addConfLine); ( .  "   :local tmpPortName [/interface get " "$" "k name];")}) (<%% $addConfLine {(> $addC
onfLine); ( .  "   :log info " """ "port: " "$" "tmpPortName" """)}) (<%% $addConfLine {(> $addConfLine); ( .  "   :if (" "$" "bMACIsSet = 0) do={")}) (<%% $addConfLine {(> $addConfLine); ( .  "     :if ([/interface 
get " "$" "k type] = " """ "ether" """ ") do={")}) (<%% $addConfLine {(> $addConfLine); ( .  "       /interface bridge set " """ $lanPort """ " auto-mac=no admin-mac=[/interface ethernet get " "$" "tmpPortName mac-ad
dress];")}) (<%% $addConfLine {(> $addConfLine); "       :set bMACIsSet 1;"}) (<%% $addConfLine {(> $addConfLine); "     }"}) (<%% $addConfLine {(> $addConfLine); "   }"}) (<%% $addConfLine {(> $addConfLine); "   /in
terface bridge port"}) (<%% $addConfLine {(> $addConfLine); ( .  "     add bridge=" $lanPort " interface=" "$" "tmpPortName comment=defconf;")}) (<%% $addConfLine {(> $addConfLine); " }"}))}}]) (eval [/if{condition=(
= $dhcpEnabled 1); do={[]; (eval [/{}] (eval [/if{condition=(= $dhcpMode 2); do={[]; (eval [/{}] (<%% $addDescLine {(> $addDescLine); "#|     DHCP Client: enabled on LAN port;"}) (<%% $addConfLine {(> $addConfLine); 
( .  "  /ip dhcp-client add interface=" $lanPort " disabled=no comment=" """ "defconf" """ ";")}))}; else={[]; (eval [/{}] (eval [/if{condition=(= $dhcpMode 1); do={[]; (eval [/{}] (<%% $addDescLine {(> $addDescLine)
; "#|     IP address 192.168.88.1/24 is set on LAN port"}) (<%% $addDescLine {(> $addDescLine); "#|     DHCP Server: enabled;"}) (<%% $addConfLine {(> $addConfLine); ( .  "   /ip pool add name=" """ "default-dhcp" ""
" " ranges=192.168.88.10-192.168.88.254;")}) (<%% $addConfLine {(> $addConfLine); "   /ip dhcp-server"}) (<%% $addConfLine {(> $addConfLine); ( .  "     add name=defconf address-pool=" """ "default-dhcp" """ " interf
ace=" $lanPort " lease-time=10m disabled=no;")}) (<%% $addConfLine {(> $addConfLine); "   /ip dhcp-server network"}) (<%% $addConfLine {(> $addConfLine); ( .  "     add address=192.168.88.0/24 gateway=192.168.88.1 co
mment=" """ "defconf" """ ";")}) (<%% $addConfLine {(> $addConfLine); ( .  "  /ip address add address=192.168.88.1/24 interface=" $lanPort " comment=" """ "defconf" """ ";")}))}; else={[]; (eval [/{}] (<%% $addConfLi
ne {(> $addConfLine); ( .  "  /ip address add address=192.168.88.1/24 interface=" $lanPort " comment=" """ "defconf" """ ";")}))}}]))}}]))}; else={[]; (eval [/{}] (<%% $addDescLine {(> $addDescLine); "#|     IP addre
ss 192.168.88.1/24 is set on LAN port"}) (<%% $addConfLine {(> $addConfLine); ( .  "  /ip address add address=192.168.88.1/24 interface=" $lanPort " comment=" """ "defconf" """ ";")}))}}]))}}
setWanPort={[]; {(eval [/{}] (eval [/global{name=$addConfLine}]) (eval [/global{name=$addDescLine}]) (eval [/global{name=$dhcpEnabled}]) (eval [/if{condition=(!= $wanPorts ""); do={[]; (eval [/{}] (eval [/local{name=
$tmpWanPorts; value=""}]) (<%% $addDescLine {(> $addDescLine); "#| WAN (gateway) Configuration:"}) (eval [/foreach{counter={$i}; do={[]; (eval [/{}] (eval [/set{name=$tmpWanPorts; value=( .  $tmpWanPorts $i " ")}]))}
; in=$wanPorts}]) (eval [/if{condition=(= $isLte 1); do={[]; (eval [/{}] (<%% $addConfLine {(> $addConfLine); "     /interface lte set [find] add-default-route=yes;"}))}; else={[]; (eval [/{}] (eval [/if{condition=(=
 $dhcpEnabled 1); do={[]; (eval [/{}] (eval [/foreach{counter={$i}; do={[]; (eval [/{}] (<%% $addConfLine {(> $addConfLine); ( .  "   /ip dhcp-client add interface=" $i " disabled=no comment=" """ "defconf" """ ";")}
))}; in=$wanPorts}]))}}]))}}]) (<%% $addDescLine {(> $addDescLine); ( .  "#|     gateway:  " $tmpWanPorts ";")}) (<%% $addDescLine {(> $addDescLine); "#|     firewall:  enabled;"}) (<%% $addDescLine {(> $addDescLine)
; "#|     NAT:   enabled;"}) (eval [/if{condition=(&& (= $isLte 0) (= $dhcpEnabled 1)); do={[]; (eval [/{}] (<%% $addDescLine {(> $addDescLine); "#|     DHCP Client: enabled;"}))}}]) (eval [/foreach{counter={$i}; do=
{[]; (eval [/{}] (<%% $addConfLine {(> $addConfLine); ( .  " /ip firewall nat add chain=srcnat out-interface=" $i " action=masquerade comment=" """ "defconf: masquerade" """)}))}; in=$wanPorts}]) (<%% $addConfLine {(
> $addConfLine); " /ip firewall {"}) (<%% $addConfLine {(> $addConfLine); ( .  "   filter add chain=input action=accept protocol=icmp comment=" """ "defconf: accept ICMP" """)}) (<%% $addConfLine {(> $addConfLine); (
 .  "   filter add chain=input action=accept connection-state=established,related comment=" """ "defconf: accept established,related" """)}) (eval [/foreach{counter={$i}; do={[]; (eval [/{}] (<%% $addConfLine {(> $ad
dConfLine); ( .  "   filter add chain=input action=drop in-interface=" $i " comment=" """ "defconf: drop all from WAN" """)}))}; in=$wanPorts}]) (<%% $addConfLine {(> $addConfLine); ( .  "   filter add chain=forward 
action=fasttrack-connection connection-state=established,related comment=" """ "defconf: fasttrack" """)}) (<%% $addConfLine {(> $addConfLine); ( .  "   filter add chain=forward action=accept connection-state=establi
shed,related comment=" """ "defconf: accept established,related" """)}) (<%% $addConfLine {(> $addConfLine); ( .  "   filter add chain=forward action=drop connection-state=invalid comment=" """ "defconf: drop invalid
" """)}) (eval [/foreach{counter={$i}; do={[]; (eval [/{}] (<%% $addConfLine {(> $addConfLine); ( .  "   filter add chain=forward action=drop connection-state=new connection-nat-state=!dstnat in-interface=" $i " comm
ent=" """ "defconf:  drop all from WAN not DSTNATed" """)}))}; in=$wanPorts}]) (<%% $addConfLine {(> $addConfLine); " }"}) (eval [/foreach{counter={$i}; do={[]; (eval [/{}] (<%% $addConfLine {(> $addConfLine); ( .  "
 /ip neighbor discovery set [find name=" """ $i """ "] discover=no")}))}; in=$wanPorts}]) (<%% $addConfLine {(> $addConfLine); " /tool mac-server disable [find];"}) (<%% $addConfLine {(> $addConfLine); " /tool mac-se
rver mac-winbox disable [find];"}) (eval [/if{condition=(!= $wanPorts ""); do={[]; (eval [/{}] (eval [/local{name=$tmpWanPorts; value=""}]) (eval [/foreach{counter={$i}; do={[]; (eval [/{}] (eval [/set{name=$tmpWanPo
rts; value=( .  $tmpWanPorts " || name~" """ $i """)}]))}; in=$wanPorts}]) (<%% $addConfLine {(> $addConfLine); ( .  " :foreach k in=[/interface find where !(slave=yes " $tmpWanPorts ")] do={")}))}; else={[]; (eval [
/{}] (<%% $addConfLine {(> $addConfLine); " :foreach k in=[/interface find where !(slave=yes)] do={"}))}}]) (<%% $addConfLine {(> $addConfLine); ( .  "   :local tmpName [/interface get " "$" "k name];")}) (<%% $addCo
nfLine {(> $addConfLine); ( .  "   /tool mac-server add interface=" "$" "tmpName disabled=no;")}) (<%% $addConfLine {(> $addConfLine); ( .  "   /tool mac-server mac-winbox add interface=" "$" "tmpName disabled=no;")}
) (<%% $addConfLine {(> $addConfLine); " }"}))}}]))}}
setWlan={[]; {(eval [/{}] (eval [/global{name=$addConfLine}]) (eval [/global{name=$addDescLine}]) (eval [/global{name=$wirelessAcEnabled}]) (eval [/local{name=$band}]) (eval [/local{name=$band2}]) (eval [/local{name=
$band5}]) (eval [/local{name=$freq; value=(-> $list "frequencyMode")}]) (eval [/local{name=$isAc; value=(-> $list "isAc")}]) (eval [/local{name=$isN; value=(-> $list "isN")}]) (eval [/local{name=$isAd; value=(-> $lis
t "isAd")}]) (eval [/local{name=$htChains; value=(-> $list "chains")}]) (eval [/if{condition=(&& (= $isAd 1) (= $wirelessAcEnabled 1)); do={[]; (eval [/{}] (<%% $addDescLine {(> $addDescLine); ( .  "#| wil" $ifc " Co
nfiguration:")}) (<%% $addDescLine {(> $addDescLine); ( .  "#|     mode:          " $mode ";")}) (<%% $addConfLine {(> $addConfLine); "  /interface wil {"}) (eval [/if{condition=(= $mode "slave"); do={[]; (eval [/{}]
 (<%% $addConfLine {(> $addConfLine); ( .  "    set wil" $ifc " mode=" $mode " disabled=no")}))}; else={[]; (eval [/{}])}}]) (<%% $addConfLine {(> $addConfLine); "  }"}))}; else={[]; (eval [/{}] (<%% $addConfLine {(>
 $addConfLine); "  /interface wireless {"}) (eval [/if{condition=(&& (= $isAc 1) (= $wirelessAcEnabled 1)); do={[]; (eval [/{}] (eval [/set{name=$band5; value="5ghz-a/n/ac"}]))}; else={[]; (eval [/{}] (eval [/if{cond
ition=(= $isN 1); do={[]; (eval (eval [/set{name=$band5; value="5ghz-a/n"}]))}; else={[]; (eval (eval [/set{name=$band5; value="5ghz-a"}]))}}]))}}]) (eval [/if{condition=(= $isN 1); do={[]; (eval (eval [/set{name=$ba
nd2; value="2ghz-b/g/n"}]))}; else={[]; (eval (eval [/set{name=$band2; value="2ghz-b/g"}]))}}]) (eval [/if{condition=(|| (= $freq 5) (= $freq 6) (= $freq 52)); do={[]; (eval (eval [/set{name=$band; value=$band5}]) [/
{}])}; else={[]; (eval (eval [/set{name=$band; value=$band2}]) [/{}])}}]) (eval [/local{name=$chains; value=""}]) (eval [/if{condition=(= $wirelessAcEnabled 1); do={[]; (eval [/{}] (eval [/set{name=$chains; value=( .
  "tx-chains=" $htChains " rx-chains=" $htChains)}]))}; else={[]; (eval [/{}] (eval [/set{name=$chains; value=( .  "ht-txchains=" $htChains " ht-rxchains=" $htChains)}]))}}]) (eval [/if{condition=(= $mode "disabled")
; do={[]; (eval [/{}] (<%% $addConfLine {(> $addConfLine); ( .  "  disable wlan" $ifc)}))}; else={[]; (eval [/{}] (<%% $addConfLine {(> $addConfLine); ( .  "    set wlan" $ifc " mode=" $mode " band=" $band " " $chain
s " " "\")}) (<%% $addConfLine {(> $addConfLine); ( .  "      disabled=no wireless-protocol=" $wProto " distance=" $distance)}))}}]) (eval [/if{condition=(|| (= $mode "ap-bridge") (= $mode "bridge")); do={[]; (eval [
/{}] (<%% $addConfLine {(> $addConfLine); ( .  "    :local wlanMac  [/interface wireless get wlan" $ifc " mac-address];")}) (<%% $addConfLine {(> $addConfLine); ( .  "    :set ssid " """ "MikroTik-" "$" "[:pick " "$"
 "wlanMac 9 11]" "$" "[:pick " "$" "wlanMac 12 14]" "$" "[:pick " "$" "wlanMac 15 17]" """)}) (<%% $addConfLine {(> $addConfLine); ( .  "    set wlan" $ifc " ssid=" "$" "ssid")}))}}]) (eval [/if{condition=(!= $freque
ncy ""); do={[]; (eval [/{}] (<%% $addConfLine {(> $addConfLine); ( .  "    set wlan" $ifc " frequency=" $frequency)}))}}]) (<%% $addDescLine {(> $addDescLine); ( .  "#| wlan" $ifc " Configuration:")}) (<%% $addDescL
ine {(> $addDescLine); ( .  "#|     mode:          " $mode ";")}) (<%% $addDescLine {(> $addDescLine); ( .  "#|     band:          " $band ";")}) (<%% $addDescLine {(> $addDescLine); ( .  "#|     ht-chains:     " $ht
Chains ";")}) (eval [/if{condition=(= $wirelessAcEnabled 1); do={[]; (eval [/{}] (eval [/if{condition=(= $mode "disabled"); do={[]; (eval [/{}])}; else={[]; (eval [/{}] (eval [/if{condition=(= $isAc 1); do={[]; (eval
 [/{}] (<%% $addDescLine {(> $addDescLine); "#|     ht-extension:  20/40/80mhz-Ceee;"}) (<%% $addConfLine {(> $addConfLine); ( .  "    set wlan" $ifc " channel-width=20/40/80mhz-Ceee ;")}))}; else={[]; (eval [/{}] (<
%% $addDescLine {(> $addDescLine); "#|     ht-extension:  20/40mhz-Ce;"}) (<%% $addConfLine {(> $addConfLine); ( .  "    set wlan" $ifc " channel-width=20/40mhz-Ce ;")}))}}]))}}]))}; else={[]; (eval [/{}] (<%% $addDe
scLine {(> $addDescLine); "#|     ht-extension:  20/40mhz-ht-above;"}) (<%% $addConfLine {(> $addConfLine); ( .  "    set wlan" $ifc " channel-width=20/40mhz-ht-above ;")}))}}]) (<%% $addConfLine {(> $addConfLine); "
  }"}))}}]))}}
strConf=""
strDesc=""
wirelessAcEnabled=1
wirelessEnabled=0
Last edited by soonwai on Fri Mar 03, 2017 7:49 am, edited 1 time in total.
 
User avatar
baragoon
Member Candidate
Member Candidate
Posts: 294
Joined: Thu Jan 05, 2017 10:38 am
Location: Kyiv, UA
Contact:

Re: Very strange environment variables. Did I get hacked?

Fri Mar 03, 2017 7:42 am

Same envs on latest rc
Image
 
User avatar
normis
MikroTik Support
MikroTik Support
Posts: 26287
Joined: Fri May 28, 2004 11:04 am
Location: Riga, Latvia

Re: Very strange environment variables. Did I get hacked?

Fri Mar 03, 2017 9:59 am

Make new user, delete old one, introduce some additional firewall rules in the "input" chain to block everyone except your own IP address where you are connecting from
 
User avatar
baragoon
Member Candidate
Member Candidate
Posts: 294
Joined: Thu Jan 05, 2017 10:38 am
Location: Kyiv, UA
Contact:

Re: Very strange environment variables. Did I get hacked?

Fri Mar 03, 2017 10:01 am

There is no logins to ssh, webfig or winbox except of my so this is a bug and not hacked device


Отправлено с моего iPhone используя Tapatalk
 
User avatar
mrz
MikroTik Support
MikroTik Support
Posts: 7038
Joined: Wed Feb 07, 2007 12:45 pm
Location: Latvia
Contact:

Re: Very strange environment variables. Did I get hacked?  [SOLVED]

Fri Mar 03, 2017 10:03 am

Do not worry these variables are from default script generator. Will be fixed in next RC.
 
User avatar
soonwai
Member Candidate
Member Candidate
Topic Author
Posts: 186
Joined: Mon Feb 06, 2012 10:50 pm
Location: Kuala Lumpur

Re: Very strange environment variables. Did I get hacked?

Fri Mar 03, 2017 11:25 am

Thanks baragoon, at least I'm not alone. Felt better when I read your post. :D
Thanks Normis for the advice, you had me worried there for awhile. :D
Thanks mrz for the info. No need to worry now. :D

Update: Fixed in 6.39RC41
 
SergeyMorozov
just joined
Posts: 17
Joined: Sun Apr 22, 2018 9:27 pm

Re: Very strange environment variables. Did I get hacked?

Sat May 19, 2018 12:43 pm

Same behavior on 6.43rc14
 # NAME               VALUE                                                                                             
 0 NL                 \r\n                                                                                              
 1 addConfLine        ;(eval / (eval /globalname=$strConf) (eval /globalname=$NL) (eval /setname=$strConf;value=( .  ...
 2 addDescLine        ;(eval / (eval /globalname=$strDesc) (eval /globalname=$NL) (eval /setname=$strDesc;value=( .  ...
 3 allowDns           ;(eval / (eval /globalname=$addConfLine) (eval /globalname=$addDescLine) (<%% $addDescLine (> $...
 4 bFail              1                                                                                                 
 5 configMode                                                                                                           
 6 dhcpEnabled        1                                                                                                 
 7 findNextSection    ;(eval / (eval /localname=$ret;value=0) (eval /localname=$tmp) (eval /localname=$ret;value=$2) ...
 8 getFeatureString   ;(eval / (eval /globalname=$findNextSection) (eval /localname=$prefix;value=) (eval /localname=...
 9 ipv6Enabled        0                                                                                                 
10 isNum              ;(eval / (eval /returnvalue=(~ $1 [0-9])))                                                        
11 lteDhcp            0                                                                                                 
12 nTemp              0                                                                                                 
13 parseWirelessFe... ;(eval / (eval /globalname=$isNum) (eval /localname=$frequency;value=) (eval /localname=$isN;va...
14 setAdminPass       ;(eval / (eval /globalname=$addConfLine) (eval /globalname=$addDescLine) (<%% $addDescLine (> $...
15 setInterfaceLists  ;(eval / (eval /globalname=$addConfLine) (eval /globalname=$addDescLine) (<%% $addConfLine (> $...
16 setLan             ;(eval / (eval /globalname=$defconfMode) (eval /globalname=$addConfLine) (eval /globalname=$add...
17 setModeButton      ;(eval / (eval /globalname=$addConfLine) (eval /globalname=$addDescLine) (<%% $addConfLine (> $...
18 setW60G            ;(eval / (eval /globalname=$addConfLine) (eval /globalname=$addDescLine) (eval /globalname=$wir...
19 setWanPort         ;(eval / (eval /globalname=$addConfLine) (eval /globalname=$addDescLine) (eval /globalname=$dhc...
20 setWlan            ;(eval / (eval /globalname=$addConfLine) (eval /globalname=$addDescLine) (eval /globalname=$wir...
21 strConf                                                                                                              
22 strDesc                                                                                                              
23 wirelessAcEnabled  1                                                                                                 
24 wirelessEnabled    0
 
colin
Frequent Visitor
Frequent Visitor
Posts: 74
Joined: Mon May 11, 2015 11:11 am

Re: Very strange environment variables. Did I get hacked?

Fri Sep 28, 2018 6:13 pm

Same behavior on 6.43.2.
See viewtopic.php?f=1&t=139682
 
User avatar
DimaFIX
just joined
Posts: 12
Joined: Wed Apr 18, 2018 7:46 pm
Location: Ukraine

Re: Very strange environment variables. Did I get hacked?

Mon Oct 29, 2018 1:42 am

Same problem in 6.43.4, hAP ac^2
 
enzain
just joined
Posts: 24
Joined: Wed Jan 17, 2018 9:15 pm

Re: Very strange environment variables. Did I get hacked?

Fri Mar 29, 2019 11:25 pm

Any news?
I have some variables on CHR 6.44.1
 
lexell
just joined
Posts: 10
Joined: Thu Jan 05, 2017 9:02 pm

Re: Very strange environment variables. Did I get hacked?

Wed Apr 08, 2020 8:25 pm

Experiencing the same on a hAP ac for the past few stable releases incl. v6.46.5. Not happening on a hAP lite though (both always upgraded to the same version in parallel). Might be triggered by something in the configuration - hAP ac has a more complex config, some startup scripts and also a few more packages.
 
User avatar
macsrwe
Forum Guru
Forum Guru
Posts: 1007
Joined: Mon Apr 02, 2007 5:43 am
Location: Arizona, USA
Contact:

Re: Very strange environment variables. Did I get hacked?

Thu Apr 09, 2020 3:34 pm

Freshly rebooted and I have these environment variables. Any ideas what they are?
They look like scripts? And some are quite long. If I delete them, they'll remain deleted until the next reboot.

They are global functions.

From the behavior you describe, your router executes a script on startup that defines global functions with those names. The "eval..." garbage is how functions are expressed as environment variables in ROS.
 
lexell
just joined
Posts: 10
Joined: Thu Jan 05, 2017 9:02 pm

Re: Very strange environment variables. Did I get hacked?

Fri Apr 10, 2020 4:59 pm

Freshly rebooted and I have these environment variables. Any ideas what they are?
They look like scripts? And some are quite long. If I delete them, they'll remain deleted until the next reboot.

They are global functions.

From the behavior you describe, your router executes a script on startup that defines global functions with those names. The "eval..." garbage is how functions are expressed as environment variables in ROS.

Don't think so, the few global vars my startup scripts set have very different (all expected and normal-looking) names and values.

I disabled all startup scripts and rebooted and these bogus variables were still generated (while the ones from the disabled startup scripts were indeed not).

Judging from the variables' content - especially the scripting snippets - they do indeed seem like unintended leakage from the inactive default config generator so the bug mrz mentioned fixing has probably returned somewhere around v6.43rc as experienced by others above, happening at least under some trigger conditions or on certain models.
 
User avatar
macsrwe
Forum Guru
Forum Guru
Posts: 1007
Joined: Mon Apr 02, 2007 5:43 am
Location: Arizona, USA
Contact:

Re: Very strange environment variables. Did I get hacked?

Sat Apr 11, 2020 3:03 am

My next suggestion was going to be for you to run

/system default-configuration script print

and peruse the output for matching strings, in case someone had established a non-standard default configuration on your router. But if mrz says this is a known bug, then it is.

(I bet if you ran the command anyway, you'd get a great bird's-eye view of what that bug is.)
 
lexell
just joined
Posts: 10
Joined: Thu Jan 05, 2017 9:02 pm

Re: Very strange environment variables. Did I get hacked?

Thu Apr 23, 2020 1:57 am

My next suggestion was going to be for you to run

/system default-configuration script print

and peruse the output for matching strings, in case someone had established a non-standard default configuration on your router. But if mrz says this is a known bug, then it is.

(I bet if you ran the command anyway, you'd get a great bird's-eye view of what that bug is.)

The output of that print is completely empty (as expected - noone else has access to the router and I don't use the default config setup at all, I always do a reset to a blank no-config state and only configure the desired fuctionality from scratch).

> /system default-configuration script print 
  script:

My variable names and values are pretty much identical to the others here with just minor cosmetic differences (e. g. addConfLine seems to have now been shortened to addCL and such) so I'm fairly convinced it's a bug that still happens under some conditions (not always - my other box is not affected). If I find some time I might play around to see if it could be a certain config section triggering it.
 
User avatar
macsrwe
Forum Guru
Forum Guru
Posts: 1007
Joined: Mon Apr 02, 2007 5:43 am
Location: Arizona, USA
Contact:

Re: Very strange environment variables. Did I get hacked?

Thu Apr 23, 2020 3:02 am

The output of that print is completely empty (as expected - noone else has access to the router and I don't use the default config setup at all, I always do a reset to a blank no-config state and only configure the desired fuctionality from scratch).
As do I, without fail, but not running the default configuration script at reset doesn't remove it from the router (it's still on all of mine). It's my understanding that the only way to affect the contents of the default configuration script is to supply a replacement one at netinstall time (which I did a few times, decided I didn't like the results, and no longer do). So it's curious to me that yours is blank... unless you did this at netinstall time.
 
lexell
just joined
Posts: 10
Joined: Thu Jan 05, 2017 9:02 pm

Re: Very strange environment variables. Did I get hacked?

Thu Apr 23, 2020 12:24 pm

The output of that print is completely empty (as expected - noone else has access to the router and I don't use the default config setup at all, I always do a reset to a blank no-config state and only configure the desired fuctionality from scratch).
As do I, without fail, but not running the default configuration script at reset doesn't remove it from the router (it's still on all of mine). It's my understanding that the only way to affect the contents of the default configuration script is to supply a replacement one at netinstall time (which I did a few times, decided I didn't like the results, and no longer do). So it's curious to me that yours is blank... unless you did this at netinstall time.

That's possible, I might have used netinstall on it way back (and tell it to not load anything default wherever possible - can't recall, it would have been years ago). However the script print is also blank on the other router which doesn't leak the variables on reboot so this doesn't seem to be the root cause - at least not by itself.
 
lexell
just joined
Posts: 10
Joined: Thu Jan 05, 2017 9:02 pm

Re: Very strange environment variables. Did I get hacked?

Mon Jun 08, 2020 10:17 am

shahani seems to have named the likely root cause of this in this ROS v6.47 release thread post:
Solution to Error while running customized default configuration script: no such item
Whenever you see this error when using wireless devices while booting
It's possible you have changed the pre-written Wireless Interface name
To solve this issue First you have to change your Wireless Interface(s) name to the pre-set.
wlan1,wlan2,wlan3....
And finally you must Reboot your device, after this your problem will be solved forever And after that you can personalize and change their name.

I can confirm this does work for me, at least while not upgrading the ROS version at the same time. The bug was indeed manifesting on only one of my default-config-script-blanked routers where the default wireless interface naming was also customized.
 
User avatar
anav
Forum Guru
Forum Guru
Posts: 18959
Joined: Sun Feb 18, 2018 11:28 pm
Location: Nova Scotia, Canada
Contact:

Re: Very strange environment variables. Did I get hacked?

Mon Jun 08, 2020 12:46 pm

Hi lexell, just to be sure you are saying that one has to rename the WIFI back to their original stock names, before upgrading and then change back after upgrading?
After reading about so many issues I am waiting for the patch LOL
 
User avatar
eworm
Forum Guru
Forum Guru
Posts: 1070
Joined: Wed Oct 22, 2014 9:23 am
Location: Oberhausen, Germany
Contact:

Re: Very strange environment variables. Did I get hacked?

Mon Jun 08, 2020 12:47 pm

Yes, except that you do not need to update. Just a reboot is sufficient.

Who is online

Users browsing this forum: GoogleOther [Bot] and 82 guests