PDA

Bekijk de volledige versie : local.rc bad in the hidden location



aporumb
14-04-2007, 16:28
Hello all!

I will start by saying I am a very unexperienced Linux user so please don't bash me too hard.

Here is the story which I need to tell you. I want to install kfurge's firmware simply cause I liked the idea of having a console to the white box on my desk. So, being the nub that I am, I followed every single step of the install instructions. You cannot imagine the joy I had when today around 8AM (after getting up @ 6AM) I got putty to give me a console to my beautiful WL700ge

This is the point where I must say that rc.local was under "web" folder.

So, by reading the guide I had, it seemed I should close some security hole and move this rc.local to some other location. IN THE SAME TIME, I want to be able to spin down my hard drive. As you know kfurge has such rc.local files.

*I THINK* that what I did was to edit (unknowingly!!!) the file rc.local in notepad upload it to the router and move it to that location where it is not accesible from normal "sharing" interfaces.

I *think* linux is not very happy with that file which is currently there and doesn't start the telnet daemon.

Kfurge's firmware says that first will look under the "hidden" location and after will look in the "web" for rc.local

Well - it finds some file with "rc.local" in the hidden location (ofc, I put the bullshit in there!!!) and doesn't execute the normal (from "web") rc.local.

So, don't get me wrong, my box is workig and I closed the "security hole" so hard I don't know how to open it again!

What I tried was to flash the ASUS firmware and afterwards kfurge's and to repeat all the steps that got me this morning to the telnet console, but it still doesn't work.

So I come to you, like a hunble vermin the dust bowing before the mighty gods of WL700, and I ask : what can I do to get telnet again to my box? (my dreams are big, as big as having Mysql and PHP and Apache working on it).

thanks.

love,
porumb

kfurge
14-04-2007, 23:35
It's not too hard to enable telnet via the .cgi hack. Please read:

http://wl500g.info/archive/index.php/t-7313.html

- K.C.

aporumb
15-04-2007, 06:34
thank you thank you thank you
./bow

Even a nub like me was able to get back in.

"cover me, i'm going in!"

love,
porumb

gnasher81
02-07-2007, 16:12
OK, I've done pretty much the same as aporumb, but with a slight improvement...

Before I screwed up my rc.local, I took the (to my tiny mind) sensible step of moving the location of the local web files out of the /MYVOLUME1/MYSHARE1 path, to prevent the use of the telnet cgi exploit (you can tell what's coming next, cant you?).

So, now I no longer have a functional rc.local, is there any other way, short of reflashing the original firmware, of getting a telnet session?

Cheers,


Gav.

kfurge
04-07-2007, 03:26
So, now I no longer have a functional rc.local, is there any other way, short of reflashing the original firmware, of getting a telnet session?


Nope.

- K.C.

gnasher81
04-07-2007, 12:15
Yeah, thought not. Thanks for confirming.

gnasher81
05-07-2007, 01:23
OK, played around a bit, and managed to fix this.

First of all, I think I'm right in saying that holding the reset button for 10+ secs doesn't overwrite firmware? But it does reset the factory defaults, including the personal web page location - right back into the public directory. Excellent. Then followed steps as above, and all is well with the world.

Cheers,


Gav

gratitude182
05-07-2007, 10:34
the firmware will be only new installed with the firmware restoration tool or in the webpage with the firmware upload function.
the reset-button only set the settings back.

grat182

iczfirz
05-07-2007, 17:54
Assume you affort to discard all data inside the brick:
- flash it with openwrt trx
- telnet into openwrt, run fdisk to erase the unknown partition
- flash it with kc trx

you will get back a functional brick. of coz all data gone.
That's what I learn from the buddies here.

~May

kfurge
06-07-2007, 03:53
First of all, I think I'm right in saying that holding the reset button for 10+ secs doesn't overwrite firmware? But it does reset the factory defaults, including the personal web page location - right back into the public directory. Excellent. Then followed steps as above, and all is well with the world.

Good solution.

- K.C.