Network Space 2 firmware 1.2.5, what's new, SSH access?

assetman
Posts: 26
Joined: Sun May 02, 2010 5:16 am

Re: Network Space 2 firmware 1.2.5, what's new, SSH access?

Post by assetman » Thu Jul 15, 2010 8:46 am

olivm wrote:Add "noatime" to your mounted points, so that disks won't store the access times.

Code: Select all

mount | grep -E '(/dev/sda|unionfs)' | awk '{print $3;}' > /var/run/mounts
tac /var/run/mounts | while read d ;do mount $d -o remount,noatime ; done
Also, you can change the /etc/cron.d/logrotate file to make it run when you want

Code: Select all

0 0 */2 * * root /usr/sbin/logrotate /etc/logrotate.tab
BTW, see the media server topic to see how to change its configuration, to avoid making it scan files.
This seems to work on my NS2 1.2.5, thanks!

ricardo777
Posts: 4
Joined: Sat Jul 10, 2010 1:18 pm

Re: Network Space 2 firmware 1.2.5, what's new, SSH access?

Post by ricardo777 » Thu Jul 15, 2010 9:00 am

assetman wrote:
olivm wrote:Add "noatime" to your mounted points, so that disks won't store the access times.

Code: Select all

mount | grep -E '(/dev/sda|unionfs)' | awk '{print $3;}' > /var/run/mounts
tac /var/run/mounts | while read d ;do mount $d -o remount,noatime ; done
Also, you can change the /etc/cron.d/logrotate file to make it run when you want

Code: Select all

0 0 */2 * * root /usr/sbin/logrotate /etc/logrotate.tab
BTW, see the media server topic to see how to change its configuration, to avoid making it scan files.
This seems to work on my NS2 1.2.5, thanks!
how do you get the ssh.php work? it gives by me an 404 error

assetman
Posts: 26
Joined: Sun May 02, 2010 5:16 am

Re: Network Space 2 firmware 1.2.5, what's new, SSH access?

Post by assetman » Thu Jul 15, 2010 1:46 pm

ricardo777 wrote:
assetman wrote:
olivm wrote:Add "noatime" to your mounted points, so that disks won't store the access times.

Code: Select all

mount | grep -E '(/dev/sda|unionfs)' | awk '{print $3;}' > /var/run/mounts
tac /var/run/mounts | while read d ;do mount $d -o remount,noatime ; done
Also, you can change the /etc/cron.d/logrotate file to make it run when you want

Code: Select all

0 0 */2 * * root /usr/sbin/logrotate /etc/logrotate.tab
BTW, see the media server topic to see how to change its configuration, to avoid making it scan files.
This seems to work on my NS2 1.2.5, thanks!
how do you get the ssh.php work? it gives by me an 404 error
Double check the address you are using in www-browser. Then make sure your text editor didn't force .txt-prefix to the filename (i.e "ssh.php.txt").

ricardo777
Posts: 4
Joined: Sat Jul 10, 2010 1:18 pm

Re: Network Space 2 firmware 1.2.5, what's new, SSH access?

Post by ricardo777 » Thu Jul 15, 2010 2:09 pm

assetman wrote:
ricardo777 wrote:
assetman wrote:
olivm wrote:Add "noatime" to your mounted points, so that disks won't store the access times.

Code: Select all

mount | grep -E '(/dev/sda|unionfs)' | awk '{print $3;}' > /var/run/mounts
tac /var/run/mounts | while read d ;do mount $d -o remount,noatime ; done
Also, you can change the /etc/cron.d/logrotate file to make it run when you want

Code: Select all

0 0 */2 * * root /usr/sbin/logrotate /etc/logrotate.tab
BTW, see the media server topic to see how to change its configuration, to avoid making it scan files.
This seems to work on my NS2 1.2.5, thanks!
how do you get the ssh.php work? it gives by me an 404 error
Double check the address you are using in www-browser. Then make sure your text editor didn't force .txt-prefix to the filename (i.e "ssh.php.txt").
I have checked it but the adress and filename is ssh.php

the adress is http://networkspace2/webdav/OpenShare/ssh.php is that correct?

and you used it on 1.0.2 or the 1.2.5 version?

assetman
Posts: 26
Joined: Sun May 02, 2010 5:16 am

Re: Network Space 2 firmware 1.2.5, what's new, SSH access?

Post by assetman » Thu Jul 15, 2010 2:58 pm

Try using the actual IP-address for example http://100.0.0.10/webdav/OpenShare/anyexistingfilename.

ricardo777
Posts: 4
Joined: Sat Jul 10, 2010 1:18 pm

Re: Network Space 2 firmware 1.2.5, what's new, SSH access?

Post by ricardo777 » Thu Jul 15, 2010 3:17 pm

That doesn't work also, even if i try only the webdav/OpenShare folder is don´t work.

Do I need to activate a service for it or...

assetman
Posts: 26
Joined: Sun May 02, 2010 5:16 am

Re: Network Space 2 firmware 1.2.5, what's new, SSH access?

Post by assetman » Thu Jul 15, 2010 5:18 pm

You don't need a service for that. Does the www-dashboard work? Try resetting the device to factory defaults (it won't remove any data).

obrador
Posts: 2
Joined: Sat Sep 04, 2010 9:59 am

Re: Network Space 2 firmware 1.2.5, what's new, SSH access?

Post by obrador » Sat Sep 04, 2010 10:19 am

Hi, same problem here: "404 - Not Found" after http://192.168.1.203/webdav/OpenShare/ssh.php

Firmware is 1.2.5, but once I upgraded to the recent 1.2.6, before I reset back to Factory, so the actual firmware is original 1.2.5

Do you still think is there a way to get ssh shell without dissasembling? How can affect a firmaware update on hacked systems?

Other thing I noticed was that when system was running on 1.2.6, I couldn't get any nmap output, with 1.2.5. back again nmap gives all open ports.

Any help would be very much appreciated,
Jaume.

obrador
Posts: 2
Joined: Sat Sep 04, 2010 9:59 am

Re: Network Space 2 firmware 1.2.5, what's new, SSH access?

Post by obrador » Mon Sep 06, 2010 3:23 pm

:roll: no way without disassembling?

Mijzelf
Posts: 6224
Joined: Mon Jun 16, 2008 10:45 am

Re: Network Space 2 firmware 1.2.5, what's new, SSH access?

Post by Mijzelf » Mon Sep 06, 2010 5:15 pm

Possibly not. There was one known way, but it's patched in later firmware, as Lacie announced.

betz
Posts: 2
Joined: Mon Oct 11, 2010 1:09 pm

Re: Network Space 2 firmware 1.2.5, what's new, SSH access?

Post by betz » Sat Oct 16, 2010 9:48 am

I have disassembled the nas, and attached it to my pc.
Now can someone tell me how to root with disassembling?

I have firmware version 1.2.6

thanks
tom


betz
Posts: 2
Joined: Mon Oct 11, 2010 1:09 pm

Re: Network Space 2 firmware 1.2.5, what's new, SSH access?

Post by betz » Sat Oct 16, 2010 10:17 am

I followed http://lacie.nas-central.org/wiki/Categ ... assembling

but when doing an nmap on the nas, no port 22 is available.
I have the feeling that the guide needs to be updated for firmware 1.2.6

mijzelf: did you manage to root a 1.2.6?

Mijzelf
Posts: 6224
Joined: Mon Jun 16, 2008 10:45 am

Re: Network Space 2 firmware 1.2.5, what's new, SSH access?

Post by Mijzelf » Sat Oct 16, 2010 10:41 am

did you manage to root a 1.2.6?
No, I don't have a NS2.

Can you upload a partition dump of sda8 somewhere?

Code: Select all

dd if=/mountpoint/of/sda8 | gzip -9 >sda8.gz
This will be about 100MB.

MarkV
Posts: 23
Joined: Tue Oct 05, 2010 8:01 pm

Re: Network Space 2 firmware 1.2.5, what's new, SSH access?

Post by MarkV » Sat Oct 16, 2010 12:40 pm

When you buy a NS2 and it has firmware version 1.0.2 then you can use this backdoor.
(there where some 1.2.5 which also had this backdoor but newer ones don't)

The firmwares 1.2.5 and 1.2.6 on the Lacie site don't have this backdoor anymore, read this topic viewtopic.php?p=5880#p5880
When you have updated your NS2 with one of these firmwares you have to open up your NS2 and connect your HDD to
another Linux system to edit some files to get root access.

When connected to another system mount sda9 from your Lacie HDD and go to /etc/initng/runlevel and edit the file default.runlevel
simply remove the # before sshd
Go to /etc and add the following line to your passwd file
new_root:$1$FfIsQ/hk$2ZB88Rs/Ebiz9OwXxLi7j1:0:0:root:/home:/bin/sh

Build your HDD back on your NAS and make a connection, user new_root with password new_root should have
root access now.
But keep in mind that every change you make on a user in the Lacie dashboard (add user/change password) will
remove your added line from passwd and you loose root access

Removing your HDD isn't very difficult and if you do it with care nobody will notice :mrgreen:

Image

Grtzz Mark

Post Reply