By 苏剑林 | September 05, 2016
Starting my journey as a graduate student, I hope that one day I can reach the realm of the "Sweeper Monk" (a hidden master).
After entering Sun Yat-sen University (SYSU), several frustrating things happened. First, the most annoying thing is that the school starts extremely early; opening on August 26. It feels like at least a week earlier than most other schools. Is there any point in starting so early? Next, I feel that SYSU's management system is quite chaotic, far worse than my undergraduate institution, South China Normal University. Well, I won't complain further about these trifles. Next, I had to set up the campus network, which was where the "struggle" began.
We are at the South Campus, and the campus network is authenticated via the Ruijie (StarView) client. I use a MacBook, and fortunately, SYSU humanely provides a Mac version of the Ruijie client, which is only about 1MB in size; quite good. However, as everyone knows, MacBooks do not have a built-in Ethernet port. Every time I want to go online, I have to plug in a USB network adapter and connect it to a network cable, which is extremely frustrating. So, I thought of a way to dial in through a router. I’m not exactly inexperienced; I’ve done some research on the OpenWrt system. Back when I was an undergraduate, we also used Ruijie, and I could use MentoHUST as a replacement for dialing, which was very simple. So I repeated that process here, but found that authentication failed every time. Following various methods suggested online did not solve the problem.
Upon research, I discovered that under Windows, the network here only works with the official Ruijie version 4.90 provided by the school. Versions higher or lower downloaded from elsewhere cannot pass authentication. I suspect this mechanism makes it difficult for MentoHUST to pass authentication. Furthermore, the popular version of MentoHUST is based on the V2 protocol, while version 4.90 is based on V4. Later, I downloaded the V4 version and performed cross-compilation, but tests showed it still didn't work. When I was near despair, I discovered mentohust-proxy, an improved version of MentoHUST, which gave me hope. (How did I find it? I searched directly on GitHub because I was truly out of options.)
The principle is very simple: if MentoHUST cannot complete authentication directly, it uses a proxy mode. The authentication is performed by a computer, and MentoHUST is only responsible for sending heartbeat packets to maintain the connection. This is a compromise solution, but it should be a very universal one because its success essentially depends solely on the Ruijie client on your own computer. Seeing this solution, I knew there was a chance. I quickly brushed up on my knowledge of cross-compilation, finally compiled it successfully, and successfully completed authentication on the router.
Cross-Compilation
My environment is CentOS 7. First, install the environment dependencies. In fact, these dependencies were found online, and I'm not sure if they are complete. If it doesn't work, feel free to leave a comment. You can search for "OpenWrt compilation" to find many related links.
Download the SDK package to the ~ directory. My router uses the common MT7620n solution, so I downloaded the mt7620 one:
Download libpcap. Here, I compile the dependency library libpcap directly into it to avoid having to install it separately.
Download mentohust-proxy.
Configure environment variables (here /home/job is my ~ directory):
The rest of the process is similar to standard compilation, just adding the host=mipsel-openwrt-linux-uclibc parameter. First, compile libpcap:
Then compile mentohust-proxy:
The file named mentohust in the src directory is the final compiled executable.
Completing Authentication
Download the mentohust file and upload it to the router. You can first try if MentoHUST can complete authentication directly; if not, use the proxy authentication. Incidentally, this upgraded version of MentoHUST is more user-friendly. Below is its help file.
>>> mentohust -h
Welcome to MentoHUST Version: 0.3.1
Copyright (C) 2009-2010 HustMoon Studio
People come to Huazhong University of Science and Technology, there is sweetness and spice...
802.1x proxy and other new features by Hamster Tian 2015-2016.
Bug report to http://code.google.com/p/mentohust/issues/list
Usage: ./mentohust [-options][parameters] or [-options] [parameters] or [--long-options] [parameters]
Options: --help -h Display this help information
--kill -k -k(Exit program) Others(Restart program)
--write -w Save parameters to configuration file
--username -u Username
--password -p Password
--nic -n Network card name
--ip -i IP [default local IP]
--mask -m Subnet mask [default local mask]
--gateway -g Gateway [default 0.0.0.0]
--dns -s DNS [default 0.0.0.0]
--ping-host -o Ping host [default 0.0.0.0, means function disabled]
--auth-timeout -t Authentication timeout (seconds) [default 8]
--heartbeat -e Heartbeat interval (seconds) [default 30]
--wait-after-fail -r Wait after failure (seconds) [default 15]
--max-fail -l Max allowed failures [0 means unlimited, default 8]
--no-auto-reauth -x Auto reconnect after drop: 0(No) 1(Yes) [default 1]
--eap-bcast-addr -a Multicast address: 0(Standard) 1(Ruijie) 2(Cernet) [default 0]
--dhcp-type -d DHCP mode: 0(None) 1(Double Auth) 2(After Auth) 3(Before Auth) [default 0]
--daemonize -b Run in background: 0(No) 1(Yes, close output) 2(Yes, keep output) 3(Yes, output to file) [default 0]
--fake-supplicant-version -v Client version number [default 0.00 means compatible with xrgsu]
--template-file -f Custom data file [default none]
--dhcp-script -c DHCP script [default dhclient]
--proxy-lan-iface -z Network card name to listen for authentication packets in proxy mode (setting this enables proxy mode)
--proxy-require-success -j Number of Success packets needed before closing the LAN listener thread in proxy mode [default 1]
--decode-config -q Show contents of SuConfig.dat (e.g., -q/path/SuConfig.dat)
--max-retries Max retries before receiving success or failure result; 0 means infinite [default 0]
Example: ./mentohust -u username -p password -n eth0 -i 192.168.0.1 -m 255.255.255.0 -g 0.0.0.0 -s 0.0.0.0 -o 0.0.0.0 -t 8 -e 30 -r 15 -a 0 -d 1 -b 0 -v 4.10 -f default.mpf -c dhclient
About proxy mode: In this mode, MentoHUST will not initiate authentication itself; instead, it modifies the source MAC of authentication packets captured on the LAN and forwards them to the WAN, enabling the machine to pass authentication.
In proxy mode, username, password, and drop reconnection settings (-u, -p, -x) are ineffective and do not need to be specified. Since Start packets are self-constructed, DHCP mode and multicast address (-d, -a) are still required.
Proxy mode example: ./mentohust --proxy-lan-iface br0 --nic eth0 --eap-bcast-addr 1 --dhcp-type 2 -proxy-require-success 2
Note: Please ensure it is run with root privileges!
First, connect the campus network cable to the WAN port of the router, then connect your computer to the LAN port (WiFi connection also works). Start the command on the router:
./mentohust --proxy-lan-iface br-lan --nic eth0.2 --eap-bcast-addr 1 --dhcp-type 2 --proxy-require-success 2
Then, use the Ruijie client on the computer to dial-in. You will notice that the router shows the dialing was successful. To keep MentoHUST running, you can use screen or directly use the -b parameter. Well, now you can enjoy your WiFi.
Next Steps
Now, there are many things you can do, such as intranet penetration, SSH proxies, resource sharing, etc.~
Compiled program, available for MTK series routers: mentohust_mtk.zip
Reference Links
https://github.com/updateing/mentohust-proxy
https://www.yjblog.net/post/123.html
http://soundrain.net/2016/04/25/mentohust-v4版本编译及ipv6的配置/