Home » Blogs » David Luhman's blog

Phase 2 of D-Link DNS-323 hacking - Root user and sshd setup

Posted on August 2nd, 2009 by David Luhman and tagged .

Here's a follow-on to my first post on hacking the D-Link DNS-323 hacking.

This is what you should do after you've downloaded and installed Fonz' fun_plug (ffp) and made the initial telnet into the system.

Here's a useful guide for this :
http://wiki.dns323.info/howto:ffp?s=password


# pwconv
# passwd
# usermod -s /ffp/bin/sh root

# login (test root/newpw)

# store-passwd.sh
Copying files to mtd1...
Copying files to mtd2...
Done.

# cd /ffp/start
# sh sshd.sh start (test ssh login)


# cd /ffp/start
# chmod a-x telnetd.sh
# chmod a+x sshd.sh

I found you can re-activate telnet by temporarily putting
chmod a+x /mnt/HD_a2/ffp/start/telnetd.sh
into the fun_plug file via Windows client (Samba) at the root of the mounted network drive.

If you reboot the system with the above configuration, you'll still be able to ssh into the box with root/newpw, and you'll find telnet is inoperable.

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options