This seems to work on my NS2 1.2.5, thanks!olivm wrote:Add "noatime" to your mounted points, so that disks won't store the access times.Also, you can change the /etc/cron.d/logrotate file to make it run when you wantCode: Select all
mount | grep -E '(/dev/sda|unionfs)' | awk '{print $3;}' > /var/run/mounts tac /var/run/mounts | while read d ;do mount $d -o remount,noatime ; done
BTW, see the media server topic to see how to change its configuration, to avoid making it scan files.Code: Select all
0 0 */2 * * root /usr/sbin/logrotate /etc/logrotate.tab
Network Space 2 firmware 1.2.5, what's new, SSH access?
Re: Network Space 2 firmware 1.2.5, what's new, SSH access?
-
- Posts: 4
- Joined: Sat Jul 10, 2010 1:18 pm
Re: Network Space 2 firmware 1.2.5, what's new, SSH access?
how do you get the ssh.php work? it gives by me an 404 errorassetman wrote:This seems to work on my NS2 1.2.5, thanks!olivm wrote:Add "noatime" to your mounted points, so that disks won't store the access times.Also, you can change the /etc/cron.d/logrotate file to make it run when you wantCode: Select all
mount | grep -E '(/dev/sda|unionfs)' | awk '{print $3;}' > /var/run/mounts tac /var/run/mounts | while read d ;do mount $d -o remount,noatime ; done
BTW, see the media server topic to see how to change its configuration, to avoid making it scan files.Code: Select all
0 0 */2 * * root /usr/sbin/logrotate /etc/logrotate.tab
Re: Network Space 2 firmware 1.2.5, what's new, SSH access?
Double check the address you are using in www-browser. Then make sure your text editor didn't force .txt-prefix to the filename (i.e "ssh.php.txt").ricardo777 wrote:how do you get the ssh.php work? it gives by me an 404 errorassetman wrote:This seems to work on my NS2 1.2.5, thanks!olivm wrote:Add "noatime" to your mounted points, so that disks won't store the access times.Also, you can change the /etc/cron.d/logrotate file to make it run when you wantCode: Select all
mount | grep -E '(/dev/sda|unionfs)' | awk '{print $3;}' > /var/run/mounts tac /var/run/mounts | while read d ;do mount $d -o remount,noatime ; done
BTW, see the media server topic to see how to change its configuration, to avoid making it scan files.Code: Select all
0 0 */2 * * root /usr/sbin/logrotate /etc/logrotate.tab
-
- Posts: 4
- Joined: Sat Jul 10, 2010 1:18 pm
Re: Network Space 2 firmware 1.2.5, what's new, SSH access?
I have checked it but the adress and filename is ssh.phpassetman wrote:Double check the address you are using in www-browser. Then make sure your text editor didn't force .txt-prefix to the filename (i.e "ssh.php.txt").ricardo777 wrote:how do you get the ssh.php work? it gives by me an 404 errorassetman wrote:This seems to work on my NS2 1.2.5, thanks!olivm wrote:Add "noatime" to your mounted points, so that disks won't store the access times.Also, you can change the /etc/cron.d/logrotate file to make it run when you wantCode: Select all
mount | grep -E '(/dev/sda|unionfs)' | awk '{print $3;}' > /var/run/mounts tac /var/run/mounts | while read d ;do mount $d -o remount,noatime ; done
BTW, see the media server topic to see how to change its configuration, to avoid making it scan files.Code: Select all
0 0 */2 * * root /usr/sbin/logrotate /etc/logrotate.tab
the adress is http://networkspace2/webdav/OpenShare/ssh.php is that correct?
and you used it on 1.0.2 or the 1.2.5 version?
Re: Network Space 2 firmware 1.2.5, what's new, SSH access?
Try using the actual IP-address for example http://100.0.0.10/webdav/OpenShare/anyexistingfilename.
-
- Posts: 4
- Joined: Sat Jul 10, 2010 1:18 pm
Re: Network Space 2 firmware 1.2.5, what's new, SSH access?
That doesn't work also, even if i try only the webdav/OpenShare folder is don´t work.
Do I need to activate a service for it or...
Do I need to activate a service for it or...
Re: Network Space 2 firmware 1.2.5, what's new, SSH access?
You don't need a service for that. Does the www-dashboard work? Try resetting the device to factory defaults (it won't remove any data).
Re: Network Space 2 firmware 1.2.5, what's new, SSH access?
Hi, same problem here: "404 - Not Found" after http://192.168.1.203/webdav/OpenShare/ssh.php
Firmware is 1.2.5, but once I upgraded to the recent 1.2.6, before I reset back to Factory, so the actual firmware is original 1.2.5
Do you still think is there a way to get ssh shell without dissasembling? How can affect a firmaware update on hacked systems?
Other thing I noticed was that when system was running on 1.2.6, I couldn't get any nmap output, with 1.2.5. back again nmap gives all open ports.
Any help would be very much appreciated,
Jaume.
Firmware is 1.2.5, but once I upgraded to the recent 1.2.6, before I reset back to Factory, so the actual firmware is original 1.2.5
Do you still think is there a way to get ssh shell without dissasembling? How can affect a firmaware update on hacked systems?
Other thing I noticed was that when system was running on 1.2.6, I couldn't get any nmap output, with 1.2.5. back again nmap gives all open ports.
Any help would be very much appreciated,
Jaume.
Re: Network Space 2 firmware 1.2.5, what's new, SSH access?

Re: Network Space 2 firmware 1.2.5, what's new, SSH access?
Possibly not. There was one known way, but it's patched in later firmware, as Lacie announced.
Re: Network Space 2 firmware 1.2.5, what's new, SSH access?
I have disassembled the nas, and attached it to my pc.
Now can someone tell me how to root with disassembling?
I have firmware version 1.2.6
thanks
tom
Now can someone tell me how to root with disassembling?
I have firmware version 1.2.6
thanks
tom
Re: Network Space 2 firmware 1.2.5, what's new, SSH access?
I followed http://lacie.nas-central.org/wiki/Categ ... assembling
but when doing an nmap on the nas, no port 22 is available.
I have the feeling that the guide needs to be updated for firmware 1.2.6
mijzelf: did you manage to root a 1.2.6?
but when doing an nmap on the nas, no port 22 is available.
I have the feeling that the guide needs to be updated for firmware 1.2.6
mijzelf: did you manage to root a 1.2.6?
Re: Network Space 2 firmware 1.2.5, what's new, SSH access?
No, I don't have a NS2.did you manage to root a 1.2.6?
Can you upload a partition dump of sda8 somewhere?
Code: Select all
dd if=/mountpoint/of/sda8 | gzip -9 >sda8.gz
Re: Network Space 2 firmware 1.2.5, what's new, SSH access?
When you buy a NS2 and it has firmware version 1.0.2 then you can use this backdoor.
(there where some 1.2.5 which also had this backdoor but newer ones don't)
The firmwares 1.2.5 and 1.2.6 on the Lacie site don't have this backdoor anymore, read this topic viewtopic.php?p=5880#p5880
When you have updated your NS2 with one of these firmwares you have to open up your NS2 and connect your HDD to
another Linux system to edit some files to get root access.
When connected to another system mount sda9 from your Lacie HDD and go to /etc/initng/runlevel and edit the file default.runlevel
simply remove the # before sshd
Go to /etc and add the following line to your passwd file
new_root:$1$FfIsQ/hk$2ZB88Rs/Ebiz9OwXxLi7j1:0:0:root:/home:/bin/sh
Build your HDD back on your NAS and make a connection, user new_root with password new_root should have
root access now.
But keep in mind that every change you make on a user in the Lacie dashboard (add user/change password) will
remove your added line from passwd and you loose root access
Removing your HDD isn't very difficult and if you do it with care nobody will notice

Grtzz Mark
(there where some 1.2.5 which also had this backdoor but newer ones don't)
The firmwares 1.2.5 and 1.2.6 on the Lacie site don't have this backdoor anymore, read this topic viewtopic.php?p=5880#p5880
When you have updated your NS2 with one of these firmwares you have to open up your NS2 and connect your HDD to
another Linux system to edit some files to get root access.
When connected to another system mount sda9 from your Lacie HDD and go to /etc/initng/runlevel and edit the file default.runlevel
simply remove the # before sshd
Go to /etc and add the following line to your passwd file
new_root:$1$FfIsQ/hk$2ZB88Rs/Ebiz9OwXxLi7j1:0:0:root:/home:/bin/sh
Build your HDD back on your NAS and make a connection, user new_root with password new_root should have
root access now.
But keep in mind that every change you make on a user in the Lacie dashboard (add user/change password) will
remove your added line from passwd and you loose root access
Removing your HDD isn't very difficult and if you do it with care nobody will notice


Grtzz Mark