hackkit:~# mkdir /tmp/root hackkit:~# mount /dev/sdb2 /tmp/root hackkit:~# cd /tmp/root hackkit:/tmp/root# ls bin boot dev etc home lib mnt proc root sbin share tmp usr var www hackkit:/tmp/root#
hackkit:/tmp/root# chroot . hackkit:/#
hackkit:/# insmod /lib/modules/mv7dxu2_d.ko hackkit:/# lsmod Opening /proc/modules: No such file or directory hackkit:/# mount /proc hackkit:/# lsmod Module Size Used by mv7dxu2_d 2984 0 hackkit:/#組み込めた。
hackkit:/# rmmod mv7dxu2_d hackkit:/# lsmod Module Size Used by hackkit:/# umount /proc hackkit:/# exit exit hackkit:/tmp/root#
hackkit:/tmp/root# tar cf - lib/modules/*.ko |(cd /usr/local/buffalo/; tar xvf -) lib/modules/averusb.ko lib/modules/mv7dxu2_0.ko lib/modules/mv7dxu2_1.ko lib/modules/mv7dxu2_2.ko lib/modules/mv7dxu2_3.ko lib/modules/mv7dxu2_d.ko lib/modules/v4l1-compat.ko lib/modules/v4l2-common.ko lib/modules/videodev.ko hackkit:/tmp/root# tar cf - sbin/insmod |(cd /usr/local/buffalo/; tar xvf -) sbin/insmod hackkit:/tmp/root#
hackkit:/tmp/root# chroot /usr/local/buffalo /sbin/insmod /lib/modules/mv7dxu2_d.ko hackkit:/tmp/root#というわけで、jail の中なら実行可能。
rmmod, lsmod もコピーしておく
hackkit:/tmp/root# tar cf - sbin/rmmod |(cd /usr/local/buffalo/; tar xvf -) sbin/rmmod hackkit:/tmp/root# tar cf - sbin/lsmod |(cd /usr/local/buffalo/; tar xvf -) sbin/lsmod hackkit:/tmp/root# chroot /usr/local/buffalo /sbin/rmmod mv7dxu2_d
hackkit:/tmp/root# tar cf - etc/init.d/module_loader.sh |(cd /usr/local/buffalo/; tar xvf -) etc/init.d/module_loader.sh hackkit:/tmp/root#実行
hackkit:/tmp/root# chroot /usr/local/buffalo /etc/init.d/module_loader.sh start chroot: cannot run command `/etc/init.d/module_loader.sh': No such file or directory hackkit:/tmp/root#/bin/sh がない、、、
hackkit:/tmp/root# chroot /usr/local/buffalo chroot: cannot run command `/bin/bash': No such file or directory hackkit:/tmp/root# ls -l bin/*sh lrwxrwxrwx 1 root root 7 Dec 23 15:51 bin/ash -> busybox -rwxr-xr-x 1 root root 619848 Dec 8 16:05 bin/bash lrwxrwxrwx 1 root root 7 Dec 23 15:51 bin/fdflush -> busybox lrwxrwxrwx 1 root root 4 Dec 23 15:51 bin/sh -> bash hackkit:/tmp/root#試しに chroot
hackkit:/tmp/root# chroot /usr/local/buffalo/ /bin/bash: error while loading shared libraries: libdl.so.2: cannot open shared object file: No such file or directory hackkit:/tmp/root#今度はライブラリが足りない。
hackkit:/tmp/root# ls -l lib/libdl* -rwxr-xr-x 1 root root 10480 Dec 8 16:06 lib/libdl-2.3.6.so lrwxrwxrwx 1 root root 14 Dec 23 15:51 lib/libdl.so.2 -> libdl-2.3.6.so hackkit:/tmp/root# tar cf - lib/libdl* |(cd /usr/local/buffalo/; tar xvf -) lib/libdl-2.3.6.so lib/libdl.so.2 hackkit:/tmp/root# chroot /usr/local/buffalo /bin/bash: error while loading shared libraries: libgcc_s.so.1: cannot open shared object file: No such file or directory hackkit:/tmp/root# ls -l lib/libgcc_s.so* lrwxrwxrwx 1 root root 13 Dec 23 15:51 lib/libgcc_s.so -> libgcc_s.so.1 -rw-r--r-- 1 root root 38036 Jan 31 2006 lib/libgcc_s.so.1 hackkit:/tmp/root# tar cf - lib/libgcc_s.so*|(cd /usr/local/buffalo/; tar xvf -) lib/libgcc_s.so lib/libgcc_s.so.1 hackkit:/tmp/root# chroot /usr/local/buffalo hackkit:/# exit exit hackkit:/tmp/root#揃ったかな。実行
hackkit:/tmp/root# chroot /usr/local/buffalo /etc/init.d/module_loader.sh start /etc/init.d/module_loader.sh: line 1: tr: command not found /etc/init.d/module_loader.sh: line 1: grep: command not found /etc/init.d/module_loader.sh: line 1: grep: command not found Opening /proc/modules: No such file or directory Opening /proc/modules: No such file or directory :今度は、tr や grep がないし、/proc もマウントされてないし、、、
hackkit:/tmp/root# vi /usr/local/buffalo/etc/init.d/module_loader.sh
:
:
hackkit:/tmp/root# diff -c etc/init.d/module_loader.sh /usr/local/buffalo/etc/init.d/module_loader.sh
hackkit:/tmp/root# diff -u etc/init.d/module_loader.sh /usr/local/buffalo/etc/init.d/module_loader.sh
--- etc/init.d/module_loader.sh 2006-10-12 16:16:54.000000000 +0900
+++ /usr/local/buffalo/etc/init.d/module_loader.sh 2007-02-19 16:00:46.000000000 +0900
@@ -3,47 +3,35 @@
#load PC-MV7xDX/U2 devices
load_mv7() {
for m7mod in mv7dxu2_d mv7dxu2_0 mv7dxu2_1 mv7dxu2_2 mv7dxu2_3; do
- isExist=`lsmod | grep $m7mod | grep -v grep`
- if [ "$isExist" = "" ]; then
insmod "/lib/modules/$m7mod.ko"
- fi
done
}
#unload PC-MV7xDX/U2 devices
unload_mv7() {
for m7mod in mv7dxu2_3 mv7dxu2_2 mv7dxu2_1 mv7dxu2_0 mv7dxu2_d; do
- isExist=`lsmod | grep $m7mod | grep -v grep`
- if [ "$isExist" != "" ]; then
rmmod $m7mod
- fi
done
}
#load PC-MV5xDX/U2 devices
load_mv5() {
for m5mod in videodev v4l2-common v4l1-compat averusb; do
- isExist=`lsmod | grep $m5mod | grep -v grep`
- if [ "$isExist" = "" ]; then
insmod "/lib/modules/$m5mod.ko"
- fi
done
}
#unload PC-MV5xDX/U2 devices
unload_mv5() {
for m5mod in averusb v4l1_compat v4l2_common videodev; do
- isExist=`lsmod | grep $m5mod | grep -v grep`
- if [ "$isExist" != "" ]; then
rmmod $m5mod
- fi
done
}
if [ $# -eq 0 ]; then
opt="start"
else
- opt=`echo $1 | tr '[A-Z]' '[a-z'`
+ opt=`echo $1`
fi
case "$opt" in
"start")
@@ -60,13 +48,13 @@
sleep 5
load_mv7
load_mv5
- ;;
+ ;;
*)
unload_mv5
unload_mv7
sleep 5
load_mv7
load_mv5
- ;;
+ ;;
esac
hackkit:/tmp/root#
hackkit:/tmp/root# chroot /usr/local/buffalo /etc/init.d/module_loader.sh start insmod: error inserting '/lib/modules/mv7dxu2_d.ko': -1 File exists insmod: error inserting '/lib/modules/mv7dxu2_0.ko': -1 File exists insmod: error inserting '/lib/modules/mv7dxu2_1.ko': -1 File exists insmod: error inserting '/lib/modules/mv7dxu2_2.ko': -1 File exists insmod: error inserting '/lib/modules/mv7dxu2_3.ko': -1 File exists insmod: error inserting '/lib/modules/videodev.ko': -1 File exists insmod: error inserting '/lib/modules/v4l2-common.ko': -1 File exists insmod: error inserting '/lib/modules/v4l1-compat.ko': -1 File exists insmod: error inserting '/lib/modules/averusb.ko': -1 File exists hackkit:/tmp/root#おっと、さっき実行したときにロードされたのか?
hackkit:/tmp/root# chroot /usr/local/buffalo /etc/init.d/module_loader.sh stop hackkit:/tmp/root# chroot /usr/local/buffalo /etc/init.d/module_loader.sh start hackkit:/tmp/root#OK。
hackkit:/tmp/root# chroot /usr/local/buffalo lsmod Opening /proc/modules: No such file or directory hackkit:/tmp/root# chroot /usr/local/buffalo mount /proc chroot: cannot run command `mount': No such file or directory hackkit:/tmp/root#あかんわ。
hackkit:/tmp/root# ls /proc/mv7dxu2 /proc/mv7dxu2 hackkit:/tmp/root#あるあるぅ!
hackkit:/tmp/root# cat !$ cat /proc/mv7dxu2 device00=nodevice device01=nodevice device02=nodevice device03=nodevice hackkit:/tmp/root#
hackkit:/tmp/root# cat /var/log/messages : : Feb 19 15:22:30 hackkit kernel: mv7dxu2_d: module license 'Proprietary' taints kernel. Feb 19 15:22:30 hackkit kernel: LSUVCd 2.0.2 [Dec 7 2006] Feb 19 15:22:30 hackkit kernel: LSUVC_init_proc - Returns Feb 19 15:22:30 hackkit kernel: usbcore: registered new driver mv7dxu2_d Feb 19 15:23:40 hackkit kernel: usbcore: deregistering driver mv7dxu2_d Feb 19 15:28:04 hackkit kernel: LSUVCd 2.0.2 [Dec 7 2006] Feb 19 15:28:04 hackkit kernel: LSUVC_init_proc - Returns Feb 19 15:28:04 hackkit kernel: usbcore: registered new driver mv7dxu2_d Feb 19 15:32:11 hackkit kernel: usbcore: deregistering driver mv7dxu2_d Feb 19 15:36:00 hackkit kernel: LSUVCd 2.0.2 [Dec 7 2006] Feb 19 15:36:00 hackkit kernel: LSUVC_init_proc - Returns Feb 19 15:36:00 hackkit kernel: usbcore: registered new driver mv7dxu2_d Feb 19 15:45:20 hackkit kernel: usbcore: registered new driver mv7dxu2_0 Feb 19 15:45:20 hackkit kernel: usbcore: registered new driver mv7dxu2_1 Feb 19 15:45:20 hackkit kernel: usbcore: registered new driver mv7dxu2_2 Feb 19 15:45:20 hackkit kernel: usbcore: registered new driver mv7dxu2_3 Feb 19 15:45:20 hackkit kernel: Linux video capture interface: v1.00 Feb 19 15:45:20 hackkit kernel: usbcore: registered new driver AVerMedia USB MPEG-2 Capture Feb 19 15:45:20 hackkit kernel: AVerMedia USB MPEG-2 Capture version 0.19 loaded Feb 19 16:02:52 hackkit kernel: usbcore: deregistering driver AVerMedia USB MPEG-2 Capture Feb 19 16:02:52 hackkit kernel: usbcore: deregistering driver mv7dxu2_3 Feb 19 16:02:52 hackkit kernel: usbcore: deregistering driver mv7dxu2_2 Feb 19 16:02:52 hackkit kernel: usbcore: deregistering driver mv7dxu2_1 Feb 19 16:02:52 hackkit kernel: usbcore: deregistering driver mv7dxu2_0 Feb 19 16:02:52 hackkit kernel: usbcore: deregistering driver mv7dxu2_d Feb 19 16:02:54 hackkit kernel: LSUVCd 2.0.2 [Dec 7 2006] Feb 19 16:02:54 hackkit kernel: LSUVC_init_proc - Returns Feb 19 16:02:54 hackkit kernel: usbcore: registered new driver mv7dxu2_d Feb 19 16:02:54 hackkit kernel: usbcore: registered new driver mv7dxu2_0 Feb 19 16:02:54 hackkit kernel: usbcore: registered new driver mv7dxu2_1 Feb 19 16:02:54 hackkit kernel: usbcore: registered new driver mv7dxu2_2 Feb 19 16:02:54 hackkit kernel: usbcore: registered new driver mv7dxu2_3 Feb 19 16:02:54 hackkit kernel: Linux video capture interface: v1.00 Feb 19 16:02:54 hackkit kernel: usbcore: registered new driver AVerMedia USB MPEG-2 Capture Feb 19 16:02:54 hackkit kernel: AVerMedia USB MPEG-2 Capture version 0.19 loaded Feb 19 16:08:57 hackkit kernel: usb 1-1: new high speed USB device using ehci_platform and address 2 Feb 19 16:08:57 hackkit kernel: LSUVC_Probe_dev0 - Vendor ID: 0x411; Product ID: 0x73; Interface Number: 0x0 Feb 19 16:08:57 hackkit kernel: LSUVC_Probe_dev0 - Loader device. Feb 19 16:08:57 hackkit kernel: LSUVC_LoadEzUsbFx2Firmware Feb 19 16:08:57 hackkit kernel: LSUVC_LoadEzUsbFx2Firmware - Returns Feb 19 16:08:57 hackkit kernel: LSUVC_Probe_dev0 - This IsDriverNo=0 Feb 19 16:08:57 hackkit kernel: ----------------------------------------------------- Feb 19 16:08:57 hackkit kernel: LSUVC_Probe_dev0 - Mount_process : 0 device num. Feb 19 16:08:57 hackkit kernel: ----------------------------------------------------- Feb 19 16:08:57 hackkit kernel: LSUVC_Probe_dev0 - Device: 0xc7be64e0 Feb 19 16:08:57 hackkit kernel: usb 1-1: USB disconnect, address 2 Feb 19 16:08:57 hackkit kernel: LSUVC_Disconnect_dev0 - Device: 0xc7be64e0 Feb 19 16:08:57 hackkit kernel: LSUVC_Disconnect_dev0 - Device Index: 0x0 Feb 19 16:08:57 hackkit kernel: stDevInfo[0].nStatus=0 Feb 19 16:08:57 hackkit kernel: LSUVC_Disconnect_dev0 - Returns Feb 19 16:08:59 hackkit kernel: usb 1-1: new high speed USB device using ehci_platform and address 3 Feb 19 16:08:59 hackkit kernel: LSUVC_Probe_dev0 - Vendor ID: 0x411; Product ID: 0x6f; Interface Number: 0x0 Feb 19 16:08:59 hackkit kernel: LSUVC_Probe_dev0 - This IsDriverNo=0 Feb 19 16:08:59 hackkit kernel: ----------------------------------------------------- Feb 19 16:08:59 hackkit kernel: LSUVC_Probe_dev0 - Mount_process : 0 device num. Feb 19 16:08:59 hackkit kernel: ----------------------------------------------------- Feb 19 16:08:59 hackkit kernel: LSUVC_Probe_dev0 - Bulk in endponit: 0x2; Bulk out endpoint: 0x6. Feb 19 16:08:59 hackkit kernel: LSUVC_AllocateResources Feb 19 16:08:59 hackkit kernel: LSUVC_AllocateResources - Result: 0 Feb 19 16:08:59 hackkit kernel: LSUVC_Probe_dev0 - Device: 0xc7be64e0 Feb 19 16:08:59 hackkit kernel: LSUVC_Probe_dev0 - Vendor ID: 0x411; Product ID: 0x6f; Interface Number: 0x1 Feb 19 16:08:59 hackkit kernel: LSUVC_Probe_dev0 - Interface number is 0x1; Supported number is zero only. Feb 19 16:08:59 hackkit kernel: LSUVC_Probe_dev1 - Vendor ID: 0x411; Product ID: 0x6f; Interface Number: 0x1 Feb 19 16:08:59 hackkit kernel: LSUVC_Probe_dev1 - Interface number is 0x1; Supported number is zero only. Feb 19 16:08:59 hackkit kernel: LSUVC_Probe_dev2 - Vendor ID: 0x411; Product ID: 0x6f; Interface Number: 0x1 Feb 19 16:08:59 hackkit kernel: LSUVC_Probe_dev2 - Interface number is 0x1; Supported number is zero only. Feb 19 16:08:59 hackkit kernel: LSUVC_Probe_dev3 - Vendor ID: 0x411; Product ID: 0x6f; Interface Number: 0x1 Feb 19 16:08:59 hackkit kernel: LSUVC_Probe_dev3 - Interface number is 0x1; Supported number is zero only.認識してそう。
hackkit:/tmp/root# cat /proc/mv7dxu2 device00=isdevice device01=nodevice device02=nodevice device03=nodevice hackkit:/tmp/root#いずでばいす!
|
← HS-DHGL: ハック de 録!!(4) |
ハックの記録 LinkStation/玄箱 をハックしよう |
→ HS-DHGL: ハック de 録!!(6)録画 |