Professional Documents
Culture Documents
Filed under: Mikrotik Related — Tags: forgotten password recovery, mikrotik admin password recovery,
mikrotik forgotten password, mikrotik password recovery, mikrotik routerboard password recovery — Syed
Jahanzaib / Pinochio~:) @ 12:24 PM
i
35 Votes
According to information on Mikrotik WIKI and forums, it is not possible to recover the passwords without
loosing configuration.
However following are few methods to recover it.
http://aacable.wordpress.com/2012/01/14/howto-recover-mikrotik-admin-account-forgotten-password/ 1/13
4/2/2014 Howto Recover Mikrotik ADMIN account Forgotten Password | Syed Jahanzaib Personnel Blog to Share Knowledge !
3# Recover password by mounting Mikrotik Hard disk in Linux LIVE CD and do recovery
You can easily recover your forgotten password if you have BACKUP file.
Backup file is done by following command.
http://aacable.wordpress.com/2012/01/14/howto-recover-mikrotik-admin-account-forgotten-password/ 2/13
4/2/2014 Howto Recover Mikrotik ADMIN account Forgotten Password | Syed Jahanzaib Personnel Blog to Share Knowledge !
Simple enough ??
1 mkdir /temp
2 cd /temp
3 wget http://manio.skyboo.net/mikrotik/mtpass-0.7.tar.bz2
http://aacable.wordpress.com/2012/01/14/howto-recover-mikrotik-admin-account-forgotten-password/ 3/13
4/2/2014 Howto Recover Mikrotik ADMIN account Forgotten Password | Syed Jahanzaib Personnel Blog to Share Knowledge !
Now copy your Mikrotik Backup File to /temp folder ( Either using WEBMIN File Manager, via USB or
any other method you like)
Now Issue the following command
1 ./mtpass /temp/zaibmikrotik.backup
1 http://old-releases.ubuntu.com/releases/karmic/ubuntu-9.10-desktop-i386.iso
http://aacable.wordpress.com/2012/01/14/howto-recover-mikrotik-admin-account-forgotten-password/ 4/13
4/2/2014 Howto Recover Mikrotik ADMIN account Forgotten Password | Syed Jahanzaib Personnel Blog to Share Knowledge !
After you see Desktop, Open TERMINAL from APPLICATION > ACCESSORIES > TERMINAL
You partition can be different, use your judgment to see what partition mt is in, either by mounting it one by
one.
mkdir /temp
mount -t auto /dev/sda2 /temp
Now check its content by ls /temp and you will something like below image
*********************************************************
*********************************************************
http://aacable.wordpress.com/2012/01/14/howto-recover-mikrotik-admin-account-forgotten-password/ 5/13
4/2/2014 Howto Recover Mikrotik ADMIN account Forgotten Password | Syed Jahanzaib Personnel Blog to Share Knowledge !
Now Copy the ‘mikrotik password file’, (in newer ROS , it is located in /rw/store/user.dat) to USB flash
drive, It will be used to decode the password.
(The USB flash drive should be ‘plug and play’ in Ubuntu Live. Just plug it in usb port and it will appear
on desktop in few seconds , OR you can also copy it your network pc via configuring interface lan card
accordingly)
(Note: In older ROS it is /nova/store/user.dat)
then Boot from your Ubuntu box, and use the Method # 2 , described earlier in this article to decode
password using mtpass tool from this file.
Copy the user.dat file where you have decompressed mt password tool . e.g /temp , now use the mt pass
tool to recover password from this file.
./mtpass user.dat
As Now you have seen the password now, you can login into mikrotik pc router with your Old Password
http://manio.skyboo.net/mikrotik/
Also it’s possible for you to send an SMS to your router, tell it to run a script (parameters supported) and the
router can even respond, as it also supports SMS sending! More here:
http://wiki.mikrotik.com/wiki/Sms
You can setup an script just in case you forgot your password , and via sending sms, it can reset it to default.
or send you return the new/original password.
Regard’s
http://aacable.wordpress.com/2012/01/14/howto-recover-mikrotik-admin-account-forgotten-password/ 6/13
4/2/2014 Howto Recover Mikrotik ADMIN account Forgotten Password | Syed Jahanzaib Personnel Blog to Share Knowledge !
Regard’s
SYED JAHANZAIB
http://aacable.wordpress.com
Comments (32)
32 Comments »
1. Assalam- o – Alaiqum
How are you Jahanzaib bhai….
Please give me your number i want to ask you some question about mikrotik iam very new plz plz plz i
will never distrub u again n again….
1.
iffi123us@hotmail.com 7
Reply
2. Awesome!!
Reply
3. Very very helpful post… THANKS ZAIB BHAI
Reply
4. Very good your site man, maybe you can help us to learn how to install the mikrotik (without GUI) in a
virtual machine in UBUNTU plz, so we can get the mikrotik + cache and other tools in one unique PC
.
http://aacable.wordpress.com/2012/01/14/howto-recover-mikrotik-admin-account-forgotten-password/ 7/13
4/2/2014 Howto Recover Mikrotik ADMIN account Forgotten Password | Syed Jahanzaib Personnel Blog to Share Knowledge !
Reply
It’s very simple.
Just isntall VM , create new machine, adjust its hardware as per your requirements ,
Download Mikrotik in ISO format,
Boot from this ISO in the newly created vm ,
install it,
and have fun
Reply
Hi Syed,
We use our own Radius and Mikrotik as NAS for PPPoE & Hotspot users. The thing we require is
dynamic queues for users getting connected. Eg. day 512 kbps and night 1 mbps. From Mikrotik
forum we’ve got that it cant be done for PPPoE coz Mikrotik doesn’t supports CoA, but can be
achieved for Hotspot users.
Well I have used Radius Manager along with Mikrotik and it works fine.
5. You mean its applicable for both PPPoE & HotSpot clients ? But cant see any option of configuring that
while creating new services in Radius manager. Just have the option of Data rates along with Burst limit,
threshold and time. How do give someone 512 kbps from 6 am to 8 pm and 1 mbps from 8 pm to 6 am.
????
Reply
use Radius manager v 3.9 it is support CoA
Reply
6. Thnx, got it !!!!
Reply
7. Hi Sayed, once again……..
If we have Radius manager and Mikrotik NAS, and if we want to use it for Hotspot. So is it possible that
the DHCP pool on NAS is private say 10.5.50.0/24 and after guests gets logged in, the guest should be
provided with a public ip from a public pool say 1.1.1.0/25 for that session (till the time the user is logged
in) after the user logs out the ip should be free. The assignment of Public IPs to private IPs (after users
gets logged in) should be random. So, can Radius Manager keep session logs of users along with logged
in time, logged out, its private ip and also public IP.
I earlier tried doing netmap of src-nat and dstn-nat, but there was no logs maintained of which private ip
is assigned to which public ip. Even Mikrotik support says that there isnt any option currently to log the
netmaps.
We have to maintain fool-proof security as per the law of DoT, thus need to allocate users with unique
Public Ip for each login (and not masquerade). And the problem is that we have very limited Public Ips
(but enough to allocate the live concurrent users).
Reply
Can’t say about Hotspot User,
in my opinion, You can define in RADIUS to provide Live ip to user via live public pool (live ip pool
for users created in Mikrotik), so when mikrotik will assign any ip to user, it will log this entry.
in Logs, you can see what ip was assigned to which users.
Reply
8. That’s true when we have PPPoE clients, since IP is allocated only after users logs in (By Radius) but how
can that be possible while using HotSpot.
Because any user getting connected to the HotSpot interface; Public IP will automatically be provided
even when the user doesn’t logs in. That would result in wastage of Public IPs.
I want public ips to be assigned only after users logs in. And that, either Radius should have the users
Public IP detail of the session, or else Mikrotik should manage logs of which private IP is mapped to
which public IP along with time-stamp (Logs send to Syslog server).
Reply
Sorry I haven’t used hotspot anywhere so can’t guide you in the right path.
Have you tried posting your query to mikrotik forum ? Maybe some one will come up with any work
around. I am sure you will get good and authentic replies over there.
Reply
9. Hi,
We now have a network with Radius Manager and Mikrotik as NAS for PPPoE users. We have
obeserved that while creating profile/plans like 1mbps day and 2 mbps night (7 am to 9 pm 1 mbps & 9
http://aacable.wordpress.com/2012/01/14/howto-recover-mikrotik-admin-account-forgotten-password/ 9/13
4/2/2014 Howto Recover Mikrotik ADMIN account Forgotten Password | Syed Jahanzaib Personnel Blog to Share Knowledge !
pm tp 7 am 2 mbps) on Radius Manager, the queue (rate-limit) of the pppoe users does not changes on
the fly but if the user logs out and logs in again at the night time the user gets the queue of 2 mbps.
Mikrotik support says that CoA is only for HotSpot and not for PPPoE thus cannot change rate-limit of
connected pppoe users. CoA for PPPoE only supports DM (Disconnect-Message) or so called PoD(Packet
of Disconnection) to disconnect the connected pppoe users.
Is there any solution which can change the queue/rate-limit of the pppoe users on the fly without
disconnecting the users.
Reply
Change on the fly is Not supported for pppoe clients. No proper solution for this. I made an ugly
workaround for this that I configured a script on Mikrotik PPPoE Server which disconnects all
sessions on Mikrotik at 12:00am, and 12pm to enforce rate changes.
Reply
10. Can you please share the script configuration which you’ve mentioned above ?? Also anything done on
Radius Manager or just on Mikrotik ??
Reply
Just Mikrotik.
Also read this. a bit advance, but works according to this guy on the forum.
http://forum.mikrotik.com/viewtopic.php?f=9&t=52794
Reply
11. root@ijaz-laptop:/temp/mtpass-0.7# make
root@ijaz-laptop:/temp/mtpass-0.7#
http://aacable.wordpress.com/2012/01/14/howto-recover-mikrotik-admin-account-forgotten-password/ 10/13
4/2/2014 Howto Recover Mikrotik ADMIN account Forgotten Password | Syed Jahanzaib Personnel Blog to Share Knowledge !
Reply
12. Hello, we require load balancing along with failover. Eg LAN – 192.168.1.0/24. WAN 1 (interface ip) –
10.10.1.2 g/w 10.10.1.1 WAN 2 (interface ip) – 10.10.2.2 g/w 10.10.2.1. User with IP 192.168.1.2 could
use WAN 1, user with IP 192.168.1.3 could use WAN 2 (using 2 different gateways @ the same time kind
of load balancing) Similarly even other connected nodes on LAN should be distributed between 2
different gateways. And as soon as any one of the g/w is down the other should take over the whole LAN
n/w. Again when the gateway is up load balancing should happen again.
Any idea ???
Reply
I would like to do username=ip address of subscriber for external AAA/Radius server. with Hotspot i
am able to do mac authentication & other authentication. but I want to use ip address rather then
mac for authentication.
Reply
13. sir i cant login how can get backup bcos i forget password and username?????
Reply
14. dear i have 8 real ip and i want to give 5 real ip to my clients with dedicated 512k bandwdth…can you
help me???? im from bangladesh
Reply
15. when I do make I get:
/tmp/cceYZ7S0.o: In function `cUserRecord::DecryptAndShowRecord()’:
mtpass.cpp:
(.text._ZN11cUserRecord20DecryptAndShowRecordEv[cUserRecord::DecryptAndShowRecord()]+0xd6):
undefined reference to `MD5′
collect2: ld devolvió el estado de salida 1
make: *** [mtpass] Error 1
Reply
16. Compile to:
g++ mtpass.cpp -o mtpass -lssl -lcrypto
Reply
17. hello dear,
http://aacable.wordpress.com/2012/01/14/howto-recover-mikrotik-admin-account-forgotten-password/ 11/13
4/2/2014 Howto Recover Mikrotik ADMIN account Forgotten Password | Syed Jahanzaib Personnel Blog to Share Knowledge !
i have gone thru ur discription over recovering password bt my problem is that i hv not found back up
file in my system n i m nt used to use linex or wtevere is third option so is there any other easy option to
recover the password for dumb user like me……???? i will be gr8full to u.
Reply
Do you have x86 version of mikrotik or RB ?
Reply
18. Will this password recovery (Live CD) supports the latest x86 version (5.25)?
When I try to copy the user.dat an error came out saying something like the file or directory does not
exist.
Any ideas?
Reply
I guess it will work.
Reply
19. I am not familiar with ubuntu commands. Please tell me if I did the right thing.
cp -i /rw/store/user.dat /dev/sdb1
Reply
20. Dear, Jahanzeb
I am running mikrotik rb750gl billing on a wifi network. I don’t have enough knowledge about
setting/configuration of mikrotik (someone had done this for me).
i just want to ask, that i see many ip addresses in my ip/firewall/connections page even there is no any
active user on my active user list. I have doubt that someone is using my wifi network without proper
user name / password. Please reply me..
Reply
Dont worry, Connection tab shows any ip that mikrotik is sensing on network.
But surely you should have proper firewall / security in place to avoid misuse of your
internet/resources. Something like PPPOE server or hotspot.
http://aacable.wordpress.com/2012/01/14/howto-recover-mikrotik-admin-account-forgotten-password/ 12/13
4/2/2014 Howto Recover Mikrotik ADMIN account Forgotten Password | Syed Jahanzaib Personnel Blog to Share Knowledge !
Reply
RSS (Really Simple Syndication) feed for comments on this post. TrackBack URI (Uniform Resource
Identifier)
Follow
Powered by WordPress.com
http://aacable.wordpress.com/2012/01/14/howto-recover-mikrotik-admin-account-forgotten-password/ 13/13