Getting into embedd linux

Post Reply
kosmaty
Posts: 32
Joined: Sat May 17, 2008 2:57 pm

Getting into embedd linux

Post by kosmaty » Sat May 17, 2008 3:20 pm

Hello,

Could you tell me is there any way to get into this embedd linux without opening box?

mindbender
Posts: 58
Joined: Thu Mar 06, 2008 12:23 pm
Location: Vienna
Contact:

Re: Getting into embedd linux

Post by mindbender » Sat May 17, 2008 8:52 pm

usually there are 2 ways:

1) there is a telnet/ssh daemon running on the box or it can be started somehow....
not very common to have it running by default.....but sometimes it can be started somehow.

2) create a firmware update which is telnet enabled and upgrade the firmware
not easily possible...download a firmware update and take a look at the file...i do not see any way to decrypt the file so far....but i guess this could be found out by
looking at the root filesystem of the hdd...maybe the script itself that handles the upload via the webinterface has the decryption in clear text


well...if all does not help serial is the best option when trying to hack a box.....

why don`t you want to open the box? is there a warranty sticker on the box? if not pictures of both sides of the mainboard would help us to find serial.

kosmaty
Posts: 32
Joined: Sat May 17, 2008 2:57 pm

Re: Getting into embedd linux

Post by kosmaty » Sat May 17, 2008 10:12 pm

Hello,
Thank you for your answer!

1) Only ports: 21, 80, 139, 445 are opened by default (according to nmap scan result). Mayby there is some way to run ssh/telnet deamon, but I have no idea how to do it :|

2) I am able to update firmware via www panel. Firmware is here: http://www.lacie.com/support/drivers/dr ... m?id=10105 ,but there are no clear text lines inside and also I don't know how to recognise the file format.

I think that file decryption process takes place outside the webinterface, so I am not able to recognise specification of it.

I have no access to root filesystem, but I have log file: http://pastebin.com/m19950e9f

These are photos from inside the box that I've found:
http://www.smallnetbuilder.com/images/s ... al_big.jpg
http://www.smallnetbuilder.com/images/s ... rd_big.jpg

but what I already know (according to log) is that I have diffrent HDD vendor, but it doesn't matter, right? :)

Yes, there is damn warranty sticker so I would like to do everything that is possible to avoid removing it:)

mindbender
Posts: 58
Joined: Thu Mar 06, 2008 12:23 pm
Location: Vienna
Contact:

Re: Getting into embedd linux

Post by mindbender » Wed May 21, 2008 11:48 am

the first one always has to bite the bullet :)

but hey, i sent a diskless Lacie EBD to timtimred (foonas.org) .... he might not have the stock rootfs but he might be able to get foonas supported...it has ssh enabled by default then.

kosmaty
Posts: 32
Joined: Sat May 17, 2008 2:57 pm

Re: Getting into embedd linux

Post by kosmaty » Fri May 23, 2008 9:37 pm

I know... :cry:

What does timtimred mean? :)

UPDATE:

I have just found the newest picture of EBD inside: http://hax0r.schleppingsquid.net/Files/ ... ieGuts.gif

mindbender
Posts: 58
Joined: Thu Mar 06, 2008 12:23 pm
Location: Vienna
Contact:

Re: Getting into embedd linux

Post by mindbender » Sat May 24, 2008 7:38 am

timtimred will surely directly connect serial.....foonas will feature ssh......but it depends on his time when he does deals with the lacie EBD

kosmaty
Posts: 32
Joined: Sat May 17, 2008 2:57 pm

Re: Getting into embedd linux

Post by kosmaty » Wed May 28, 2008 2:07 pm

Thank you for your answer!

For others:

Until today I' ve been looking for solution to hack EBD without opening the box, but with no results. You can try with exploit for PureFTP, but I couldn't manage...

If you decide to open the box, here is simple instruction http://www.goodjobsucking.com/?p=17 (sic!). I know, url looks little strange :P, but it is okey.

If you find any other way to hack EBD, please post it here.

mindbender
Posts: 58
Joined: Thu Mar 06, 2008 12:23 pm
Location: Vienna
Contact:

Re: Getting into embedd linux

Post by mindbender » Wed May 28, 2008 11:26 pm

looks like as if timtimred did not receive a Lacie EDMini v2 in the end....we need to get one from elsewhere...

Post Reply