Forumi
Home Pravila i pomoć Članovi Kalendar Današnji postovi


Povratak   PC Ekspert Forum > Internet i mrežne tehnologije > Mreže
Ime
Lozinka

Odgovori
 
Uređivanje
Staro 28.05.2011., 19:08   #631
Nikky
Moderator
 
Nikky's Avatar
 
Datum registracije: Sep 2006
Lokacija: St
Postovi: 23,544
Kog vraga će ti 108 kad je router 54 ?
Nikky je offline   Reply With Quote
Staro 28.05.2011., 19:48   #632
Baja 001
Banned
Moj komp
 
Baja 001's Avatar
 
Datum registracije: Aug 2006
Lokacija: Split
Postovi: 7,504
Citiraj:
Autor Nikky Pregled postova
Kog vraga će ti 108 kad je router 54 ?
Govorin za "rutor"

On ima tu opciju.
Baja 001 je offline   Reply With Quote
Staro 28.05.2011., 20:59   #633
Hackerivs
Premium
 
Datum registracije: Aug 2009
Lokacija: Middle of nowhere
Postovi: 451
da ali koliko ja znam samo u kombinaciji sa onim nekim siemens stickovima.
stavi ti fino 54 mbit.
Hackerivs je offline   Reply With Quote
Staro 28.05.2011., 23:23   #634
.Delboy
Premium
 
.Delboy's Avatar
 
Datum registracije: May 2008
Lokacija: hr
Postovi: 755
Router ima opciju Atheros Super G aka. 108mbps, ali onda i kartica mora to podrzavati i signal treba biti dobar, neznam za ostale chipsete al atheros kartice to sigurno podrzavaju

Zadnje izmijenjeno od: .Delboy. 28.05.2011. u 23:41.
.Delboy je offline   Reply With Quote
Staro 29.05.2011., 13:30   #635
Baja 001
Banned
Moj komp
 
Baja 001's Avatar
 
Datum registracije: Aug 2006
Lokacija: Split
Postovi: 7,504
Citiraj:
Autor .Delboy Pregled postova
Router ima opciju Atheros Super G aka. 108mbps, ali onda i kartica mora to podrzavati i signal treba biti dobar, neznam za ostale chipsete al atheros kartice to sigurno podrzavaju
Ma znan to gleda san spec, nego me zanima oće li bit ikakvog poboljšanja u transferu, ono kao dva zasebna 54g?

EDIT:

All-in-one-pack SX763 @ multiupload

Zadnje izmijenjeno od: Baja 001. 02.06.2011. u 00:12.
Baja 001 je offline   Reply With Quote
Staro 29.05.2011., 19:44   #636
Hackerivs
Premium
 
Datum registracije: Aug 2009
Lokacija: Middle of nowhere
Postovi: 451
isprobaš pa sam vidiš.
Hackerivs je offline   Reply With Quote
Staro 31.05.2011., 03:16   #637
Sniper
Community Manager
Moj komp
 
Sniper's Avatar
 
Datum registracije: Nov 2006
Lokacija: Rijeka
Postovi: 313
Imam backup toga rutera, sada me interesira kako da ga "enkriptujem" tako da mogu procitati fino sta pise
Sniper je offline   Reply With Quote
Staro 31.05.2011., 12:07   #638
Hackerivs
Premium
 
Datum registracije: Aug 2009
Lokacija: Middle of nowhere
Postovi: 451
pošalješ meni taj enkriptirani config da ti da ja dekriptiram. to može isključivo ako treba u neku dobru svrhu.
Hackerivs je offline   Reply With Quote
Staro 01.06.2011., 12:59   #639
Sniper
Community Manager
Moj komp
 
Sniper's Avatar
 
Datum registracije: Nov 2006
Lokacija: Rijeka
Postovi: 313
Citiraj:
Autor Hackerivs Pregled postova
pošalješ meni taj enkriptirani config da ti da ja dekriptiram. to može isključivo ako treba u neku dobru svrhu.
pa u biti i trebam, jel sam prije 2 godine podesavao rutere u hotelu, a neznam loginove vise za njih, a imam backupove spremljene u folderu jednom :P
Sniper je offline   Reply With Quote
Staro 01.06.2011., 20:37   #640
Hackerivs
Premium
 
Datum registracije: Aug 2009
Lokacija: Middle of nowhere
Postovi: 451
u configu ne piše password za ulaz u njih tako da ti to neće pomoći.
ako je tako kako govoriš, resetiraš ruter i ubaciš natrag config i radit će kako je i radilo.
Hackerivs je offline   Reply With Quote
Staro 02.06.2011., 01:04   #641
Baja 001
Banned
Moj komp
 
Baja 001's Avatar
 
Datum registracije: Aug 2006
Lokacija: Split
Postovi: 7,504
Citiraj:
6.
>Access rule type: Apply to all clients
>Comment: svejedno
>Access level: custom
>Filtering mode: block (allow)
Ovo san jedva naša, mogli ste stavit Internet - Firewall - Access Control


Citiraj:
$(cp /mnt/usbmsd/share/usb_0/passwd /etc) ILI $(cp /mnt/usbmsd/share/usb_1/passwd /etc) [ovo ovisi o particiji koju ruter prepoznaje na usb sticku. odluku koji ćete string upotrijebiti donosite na temelju prethodnog pregleda u USB meniju rutera gdje se particija može pročitati]
>U alatnoj traci browsera odete na ALATI te skroz ispod uključite tamper data. Čim vam se otvori prozor tamper data kliknite START TAMPER.
Pripazite na to da ništa ne radite na internetu osim ovog namještanja rutera
>Pritisnite tipku ADD
>Iskočit će vam prozor. odznačite kvačicu na continue tamper i pritisnite tampering
>Kopirajte cijeli sadržaj iz kućice reda (CTRL+A) IGD.V_Firewall.FWSOFTCoded.%7Bl%7D.name
>Kopirani sadržaj zalijepite tamo di vam piše TCP (naravno da prethodno izbrišete TCP)
>Kliknite na 'u redu'

7. Izbrišite access rule koji ste napravili tako da kliknete na access control i ispod stisnete delete. (nakon ovoga pa do reboota admin pass će biti user)
OK zalipin string, dignen temper data. Nakon toga ADD i onda počmu pusti pop-upovi, nakon toga zamjena ona TCP. Sada me zanima šta sa temper data nakon toga, ako i kako doć do delete profila bez da potvrdin 800k puta temper data.

Na kraju toga prije SSH triba li router resetirat?

Proba san već par puta i stalno iman access denied, a neman dole spomenut fw nego stariji.


EDIT:
Sve rješeno. Ako neko ima problema sličnih neka javi, rado ću pomoć jer san ja skoro razbio svoga
EDIT2:
Ma skužio san sve to

Zadnje izmijenjeno od: Baja 001. 02.06.2011. u 03:16.
Baja 001 je offline   Reply With Quote
Staro 02.06.2011., 03:15   #642
Hackerivs
Premium
 
Datum registracije: Aug 2009
Lokacija: Middle of nowhere
Postovi: 451
ups, ovaj šesti korak sam ja prilikom edita progutao..
uglavnom negdje griješiš, a što se tiče tamper data da ne iskače 800k puta nakon koraka 6 možeš ugasiti tamper data.
ali sad moj iskreni savjet; uskoro dolazi novi tutorijal, sa novim firmwareom. U novom tutorijalu neće trebati usb a i lutanja u webguiju bit će upola smanjena.

dakle svima savjet da sačekate i da se strpite. uskoro ćemo izbaciti novi fw uz značajno brži i lakši tutorijal
Hackerivs je offline   Reply With Quote
Staro 03.06.2011., 01:09   #643
Andrija M
Premium
 
Datum registracije: Aug 2006
Lokacija: Zagreb
Postovi: 469
Citiraj:
Autor Hackerivs Pregled postova
U novom tutorijalu neće trebati usb
Nije valjda da ste uspjeli rasturiti root password ?
Andrija M je offline   Reply With Quote
Staro 03.06.2011., 04:13   #644
Baja 001
Banned
Moj komp
 
Baja 001's Avatar
 
Datum registracije: Aug 2006
Lokacija: Split
Postovi: 7,504
Citiraj:
U novom tutorijalu neće trebati usb
To san i ja jučer pokuša, ali bez obzira na dodjeljene ovlasti nisan moga kreirat folder priko ftpa
Baja 001 je offline   Reply With Quote
Staro 03.06.2011., 10:05   #645
.Delboy
Premium
 
.Delboy's Avatar
 
Datum registracije: May 2008
Lokacija: hr
Postovi: 755
Citiraj:
Autor Baja 001 Pregled postova
To san i ja jučer pokuša, ali bez obzira na dodjeljene ovlasti nisan moga kreirat folder priko ftpa
Probaj preko onog file servera, dodas isto onako user i pass (probaj isti kao i za ftp) i kad pita za onaj kao ime za share stavis nesto i to ce se pojaviti kao folder kad se spojis.
.Delboy je offline   Reply With Quote
Staro 03.06.2011., 13:53   #646
bcsaba
Registered User
 
Datum registracije: Jun 2011
Lokacija: Balmazújváros
Postovi: 11
Hi Guys!

Sorry, for english (not even sure if it is not against forum rules) but cant speak Crotian at all, found a way that makes SSH enabled way much easier (without USB needed at all) and read that for some it did not work due to firmware upgrade maybe new way will. (Siemens firmware has more holes than a Cheese). Going to test it a bit more then publish it once it works as i want it to.
bcsaba je offline   Reply With Quote
Staro 03.06.2011., 15:27   #647
Nikky
Moderator
 
Nikky's Avatar
 
Datum registracije: Sep 2006
Lokacija: St
Postovi: 23,544
Welcome to PC Ekspert Forum, english will be just fine
Inform as when you have something useful or progress.
Nikky je offline   Reply With Quote
Staro 03.06.2011., 16:54   #648
Hackerivs
Premium
 
Datum registracije: Aug 2009
Lokacija: Middle of nowhere
Postovi: 451
Citiraj:
Autor bcsaba Pregled postova
Hi Guys!

Sorry, for english (not even sure if it is not against forum rules) but cant speak Crotian at all, found a way that makes SSH enabled way much easier (without USB needed at all) and read that for some it did not work due to firmware upgrade maybe new way will. (Siemens firmware has more holes than a Cheese). Going to test it a bit more then publish it once it works as i want it to.
Hello!

We have a configfile that enables SSH. (no need for USB)
And we've also found a way to copy the passwd file into the device without USB.
A new tutorial will be published in a few days.
Hackerivs je offline   Reply With Quote
Staro 03.06.2011., 17:22   #649
bcsaba
Registered User
 
Datum registracije: Jun 2011
Lokacija: Balmazújváros
Postovi: 11
Replacing configfile resets whole config though.

Eighter way iam semi-ready and hopefully someone will find this useful too
If i did everything right this post should have an enablessh.txt attached to it, it is a php script as iam a lazy programmer (and as such need php to run).

Usage: php enablessh.txt (ipaddr) (web username) (web password) [new admin password]

Example: php enablessh.txt 192.168.1.1 operator operator (enables SSH)
php enablessh.txt 192.168.1.1 operator operator pwned (enables SSH and set administrator password to pwned)

What it does it connects to the router via webinterface, logs in and tell the router to enable ssh without any dirty hack, plus if 4th parameter given it changes administrator password too (even when logged in via subscriber account, Siemens did a really crappy work when it came to priviledge checking). As administrator login is needed to get a shell from SCM management console via sx762os or sx763os commands).

It might be done cleaner still though, any feedback appreciated as i only could try it on my SX763 as danube one already have wrt on.

PS:
For the ones do not trust the php script, it can be done via tamperdata method by tampering at Advanced Settings->Remote Management and adding the following elements (first enables ssh second change admin password):

X_set_IGD.V_SSH.Enable=1
Y_set_IGD.V_PasswordService.Administrator.Password=password

Where X is the next element of the last page post (mine is 4_set_IGD.V_WebServer.RemoteManagement.Interface so X would be 5 for me) and Y is X+1 and password is the urlencoded password you would like to administrator have.




Attached Files
File Type: txt enablessh.txt‎ (2.8 kB, 327 views)

Zadnje izmijenjeno od: bcsaba. 03.06.2011. u 18:20.
bcsaba je offline   Reply With Quote
Staro 03.06.2011., 18:35   #650
Hackerivs
Premium
 
Datum registracije: Aug 2009
Lokacija: Middle of nowhere
Postovi: 451
Well, you made a good job.
But, in our case, it's preety useless, because T-Com has locked LAN 3 and 4 to iptv with it's configfile.
The easiest way to unlock these locked LAN ports is to load a new config. Also, in our config we have disabled and removed T-Com remote maintenance.
I must also say that we, on Danube devices can't login into SSH /w administrator, only /w operator and subscriber. The sx763os trick does not work. That's why we must overwrite the passwd file.


Citiraj:
Autor Andrija M Pregled postova
Nije valjda da ste uspjeli rasturiti root password ?
Nismo. Ali čak i da imamo root password iz sigurnosnih razloga ga ne bismo smjeli pustiti van. Također bi i T-Com u tom slučaju radit probleme jer bi bili pogođeni SVI njihovi ruteri na optici.

Citiraj:
Autor Baja 001 Pregled postova
To san i ja jučer pokuša, ali bez obzira na dodjeljene ovlasti nisan moga kreirat folder priko ftpa
Novi način otključavanja nema veze ni s USB-om ni FTP-om.

Zadnje izmijenjeno od: Hackerivs. 03.06.2011. u 18:42.
Hackerivs je offline   Reply With Quote
Staro 03.06.2011., 18:40   #651
bcsaba
Registered User
 
Datum registracije: Jun 2011
Lokacija: Balmazújváros
Postovi: 11
Administrator login is disabled or just not have password for it? (If i remember good SCM does not have an option to disable administrator account, but might be wrong). I only made the script because router was reset (when was trying to change connection type from DSL to Ethernet, seems like this one not likes it, would been nice to have voip as do not think the one with WRT will ever have one (do not think 32mb will be enought for asterisk and the voip drivers alone, times even dsl driver running out of it)

sx763os trick does not work because that command need 0 uid/gid on retail boxes only administrator and root have that level of access (and root password is unknown (hopefully)), T-Com firmware might disable administrator account (though iam quiet sure they do not have password for root eighter) but that would break firmware compatibility with retail devices (think scm_app have administrator hardcoded into it quiet a few times), i do not tell script makes it easier, but if it have administrator account due to bug its password can be changed by any other subscriber/operator user, and once log on with that sx763os should give shell (that is due to firmware compatibility too).

Zadnje izmijenjeno od: bcsaba. 03.06.2011. u 19:23.
bcsaba je offline   Reply With Quote
Staro 03.06.2011., 19:19   #652
Hackerivs
Premium
 
Datum registracije: Aug 2009
Lokacija: Middle of nowhere
Postovi: 451
I think the Administrator login is disabled. On your website you wrote that the admin password is equal to the WebGui password. I've tried to do so many times but it still doesn't work.
Hackerivs je offline   Reply With Quote
Staro 03.06.2011., 19:29   #653
bcsaba
Registered User
 
Datum registracije: Jun 2011
Lokacija: Balmazújváros
Postovi: 11
Citiraj:
Autor Hackerivs Pregled postova
I think the Administrator login is disabled. On your website you wrote that the admin password is equal to the WebGui password. I've tried to do so many times but it still doesn't work.
That more means like unknown (its password not admin ) than "not exists", on retail device my script changes that password (what goes for administrator user/default web login) using fake admin_user subscriber or operator to do so (and that will never be done through config_file as it is stored elsewhere), what is funny/or sad as with operator/subscriber SCM in V_PasswordService Administrator not even visible (still it is there just only shown to administrator creditants, like sx763os), so siemens did a good job there, just messed up at the webpage.. Easy to check though if you cat /etc/passwd and administrator user in it then it is there.

Or cat /config/system_configfile_r

Here it shows:

IGD.V_PasswordService.Administrator.Password=1055268;adminlame
....

So administrator password set to adminlame (was testing script, this is what defaults to admin on retail devices), as the routers "firmware" compatible that would make me think, T-Com was setting up Administrator password for the device, so those routers defaults to admin too but as soon as scm_app loads it changes (like my case to adminlame right now).

Why hungarian T-Com cant give devices like this (they gave me a D-Link 360R "access device" not even sure where it is). By the way here they like to give really complex admin username/passwords like (Dlink/Bridge, Telindus/Bridge, .../Bridge) would make me laught if the password would be Bridge there too.

Zadnje izmijenjeno od: bcsaba. 03.06.2011. u 20:14.
bcsaba je offline   Reply With Quote
Staro 03.06.2011., 22:11   #654
.Delboy
Premium
 
.Delboy's Avatar
 
Datum registracije: May 2008
Lokacija: hr
Postovi: 755
Hi bcsaba.

You are right about sx763os working on administrator acc, just checked that and it works.
The reason why administrator password is not accepted is because there is a ssh public key located in /config/certs/pubkeys/administrator/ named 1copy1.
If any file is located at /config/certs/pubkeys/username/ than ssh server uses that for auth, and it ignores one from /config/system_configfile_r.

I assume that public key is only located in t-com and other branded fw-s, so by loading some older fw, which doesn't have that public key, it will accept web password and than we can get shell access.

About the voip on openwrt, it works ,even without asterix, ( check http://code.google.com/p/danube-voip/ ).

Zadnje izmijenjeno od: .Delboy. 03.06.2011. u 22:20.
.Delboy je offline   Reply With Quote
Staro 03.06.2011., 22:46   #655
bcsaba
Registered User
 
Datum registracije: Jun 2011
Lokacija: Balmazújváros
Postovi: 11
Citiraj:
Autor .Delboy Pregled postova
Hi bcsaba.

You are right about sx763os working on administrator acc, just checked that and it works.
The reason why administrator password is not accepted is because there is a ssh public key located in /config/certs/pubkeys/administrator/ named 1copy1.
If any file is located at /config/certs/pubkeys/username/ than ssh server uses that for auth, and it ignores one from /config/system_configfile_r.

I assume that public key is only located in t-com and other branded fw-s, so by loading some older fw, which doesn't have that public key, it will accept web password and than we can get shell access.
That explains why, sadly than script not really useful for any branded device. Seems like it doing same with here, just made the dirrectory and an empty 1copy1 and it did not accept password anymore. The problem with older firmwares that as far as i remember firmware updates never touch config jffs2 area.

Citiraj:
About the voip on openwrt, it works ,even without asterix, ( check http://code.google.com/p/danube-voip/ ).
When i will have patience to compile new trunk will give it a try, not sure how well it works now, my filesystem on an USB hdd, remember that was a major pain to reach (USB worked fine as a module, once compiled into the kernel, broke ADSL, had to mess with MEI load order to have both work, plus patch rootdelay into to wait until kernel detects harddrive), and that is just one thing not sure what works and not in trunk now.

Zadnje izmijenjeno od: bcsaba. 03.06.2011. u 22:54.
bcsaba je offline   Reply With Quote
Staro 04.06.2011., 15:45   #656
AviX
Registered User
 
Datum registracije: Feb 2011
Lokacija: Split
Postovi: 23
Pozdrav,

Nije mi jasan prijelaz iz koraka 5 u korak 6. Gdje se nalaze opcije opisane u koraku 6 ?
AviX je offline   Reply With Quote
Staro 04.06.2011., 15:50   #657
Baja 001
Banned
Moj komp
 
Baja 001's Avatar
 
Datum registracije: Aug 2006
Lokacija: Split
Postovi: 7,504
Advanced > Internet > Firewall >

I mene je to jebalo upočetku. I obavezno stavi nešto pod komentar.

Zadnje izmijenjeno od: Nikky. 04.06.2011. u 20:02.
Baja 001 je offline   Reply With Quote
Staro 04.06.2011., 19:12   #658
AviX
Registered User
 
Datum registracije: Feb 2011
Lokacija: Split
Postovi: 23
Uspio sam u medjuvremenu skuziti gdje je.
Sad sam se uspjesno logirao putem SSH sa username: operator i password: operator. Namjera mi je dodati staticke rute zato jer iza routera imam vise subnetova. Jel tko to uspio napraviti. Otisao sam u Layer3Forwarding. Postavio sam atribut V_AdvancedRoutingEnable na 1 (enabled). No ne mogu nikako pronaci gdje dodati staticke rute. Ako tko ima saznanja bio bih zahvalan.

Zadnje izmijenjeno od: Nikky. 04.06.2011. u 20:01.
AviX je offline   Reply With Quote
Staro 04.06.2011., 19:51   #659
Baja 001
Banned
Moj komp
 
Baja 001's Avatar
 
Datum registracije: Aug 2006
Lokacija: Split
Postovi: 7,504
root i operator, a ne operator i operator

Zadnje izmijenjeno od: Nikky. 04.06.2011. u 20:01.
Baja 001 je offline   Reply With Quote
Staro 04.06.2011., 20:52   #660
AviX
Registered User
 
Datum registracije: Feb 2011
Lokacija: Split
Postovi: 23
Pozdrav jos jednom,
Kod preimenovanja filea iz PASSWD u passwd ftp klijent javlja error RNFR command not allowed i datoteka ostane u PASSWD. Probao vise FTP klijenata. Neznam zasto se dogadja ovo ako je stavljen full access u GUI-u ?
AviX je offline   Reply With Quote
Odgovori



Pravila postanja
Vi ne možete otvarati nove teme
Vi ne možete pisati odgovore
Vi ne možete uploadati priloge
Vi ne možete uređivati svoje poruke

BB code je Uključeno
Smajlići su Uključeno
[IMG] kod je Uključeno
HTML je Uključeno

Idi na