Replacing to larger disk and hacking Edmini v.2 (1.1.2.1)

Ethernet disk mini v2
Post Reply
mmarcin2
Posts: 4
Joined: Fri Sep 12, 2008 6:50 am

Replacing to larger disk and hacking Edmini v.2 (1.1.2.1)

Post by mmarcin2 » Thu Jun 04, 2009 9:46 am

I've replaced 320GB to 1TB disk in my Edmini v2.
The only problem was expanding xfs /dev/sda2 partition. So i've changed it to ext2 and everything works fine.
I've also tried to hack my Edmini with webshell exploit but i've realized that it is not working on my edmini's software version (1.1.2.1).
The way described here:
http://lacie.nas-central.org/wiki/SuccessStories
tells that script should be placed on a root partition /dev/sda7 but on my disk there is no www directory on that partition. It is on /dev/sda8 and I've placed the script here with full permisions (777) but after booting the machine shows error 404 while trying to execute it.
I've found something about overlaying sda7 and sda8 but i didn't find the place on sda7 where the script should be placed.

Enyone tried to hack 1.1.2.1 with success?

Regards
mmarcin2

SuperPoney
Posts: 7
Joined: Mon Jun 01, 2009 11:53 am

Re: Replacing to larger disk and hacking Edmini v.2 (1.1.2.1)

Post by SuperPoney » Thu Jun 04, 2009 11:46 am

Where did you put your cgi file on /dev/sda8 ?
You should have other .cgi file in the directory where you put your own cgi file. Your NAS web server is not setuped to execute files in any directory of the HDD. This give you a 404 page not found error.

The path is like "/dev/sda8/www/cgi-bin/admin/".

mmarcin2
Posts: 4
Joined: Fri Sep 12, 2008 6:50 am

Re: Replacing to larger disk and hacking Edmini v.2 (1.1.2.1)

Post by mmarcin2 » Thu Jun 04, 2009 4:44 pm

I've put it on /dev/sda8/www/cgi-bin/admin and it didn't work, but after that i've tried
/dev/sda8/www/cgi-bin/ and my exploit works just fine!
Thanks for help!

Regards
MM

Post Reply