Security hole in firmware 1.10 beta

LS-QL

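As usual, I check it.

Plugged?

Hm?
I can't get administrator privileges.

Has the hole finally been plugged?

Clean install

Instead of updating, I try a clean install.

Extracting the boot files

Put initrd.buffalo and uImage.buffalo from /boot on the old LS-GL that serves as the tftp server.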
root@LS-QL233:~# cd /boot
root@LS-QL233:/boot# ls
conf_save.tgz                   u-boot.buffalo
hddrootfs.buffalo.updated.done  u-boot.buffalo.org
initrd.buffalo                  uImage.buffalo
root@LS-QL233:/boot# ftp ude.yamasita.jp
Connected to ude.yamasita.jp.
220 ude FTP server (GNU inetutils 1.5) ready.
500 'AUTH GSSAPI': command not understood.
500 'AUTH KERBEROS_V4': command not understood.
KERBEROS_V4 rejected as an authentication type
Name (ude.yamasita.jp:root): yasunari
331 Password required for yasunari.
Password:
230- Linux ude 2.6.16.16-arm1 #37 Tue May 20 10:01:57 JST 2008 armv5tejl
230-
230- The programs included with the Debian GNU/Linux system are free software;
230- the exact distribution terms for each program are described in the
230- individual files in /usr/share/doc/*/copyright.
230-
230- Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
230- permitted by applicable law.
230 User yasunari logged in.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> cd /srv
250 CWD command successful.
ftp> cd tftp
250 CWD command successful.
ftp> ls
200 PORT command sucessful.
150 Opening ASCII mode data connection for '/bin/ls'.
total 8924
drwxr-s--- 2 root      48 Mar 22 10:12 HS-DHGL_1.20
drwxr-s--- 2 root      48 May 27 21:32 LS-CHL_1.10
drwxrwxr-x 2 root      48 Jan 24 09:31 LS-CL+HackKit
drwxr-sr-x 2 root      48 Mar 23 17:44 LS-CL_1.07
drwxrwsr-x 2 root      48 Mar 20 14:32 LS-GL_1.15
drwxr-sr-x 2 root      48 Mar 23 14:22 LS-HGL_1.07b
drwxr-sr-x 2 root      48 Mar 23 13:31 LS-LGL_2.01
drwxrwxr-x 2 root      48 Feb 20 12:00 LS-QL_1.05+telnet
drwxr-s--- 2 root      48 Mar 27 15:25 LS-QL_1.07b
drwxr-sr-x 2 root      48 Mar 25 21:04 LS-WSGL_1.06
drwxrwxr-x 2 root      48 Jan 24 18:00 LS-XHL_1.02
drwxrwxr-x 2 root      64 Jan 24 22:17 LS-XHL_1.02+telnet
drwxr-s--- 2 root      48 Mar 27 16:11 LS-XHL_1.04b
drwxr-s--- 2 root      48 May 22 22:22 LS-XHL_1.10
-rw-r--r-- 2 root 7048817 Feb 23 17:14 initrd.buffalo
-rw-r--r-- 2 root 2088760 May 27 21:32 uImage.buffalo
226 Transfer complete.
ftp> mkdir LS-QL_1.10b
257 (unknown absolute name) new directory created.
ftp> cd LS-QL_1.10b
250 CWD command successful.
ftp> bin
200 Type set to I.
ftp> hash
Hash mark printing on (1024 bytes/hash mark).
ftp> mput init*
mput initrd.buffalo? y
200 PORT command sucessful.
150 Opening BINARY mode data connection for 'initrd.buffalo'.
#############################################################(rest omitted)
226 Transfer complete.
7062268 bytes sent in 0.47 seconds (1.5e+04 Kbytes/s)
ftp> mput uI*
mput uImage.buffalo? y
200 PORT command sucessful.
150 Opening BINARY mode data connection for 'uImage.buffalo'.
#############################################################(rest omitted)
226 Transfer complete.
2115388 bytes sent in 0.14 seconds (1.5e+04 Kbytes/s)
ftp> bye
221 Goodbye.
root@LS-QL233:/boot#

tftp server configuration

Replace initrd.buffalo and uImage.buffalo in /srv/tftp with the ones from the LS-QL.
Debian GNU/Linux 5.0
ude login: yasunari
Password:
Last login: Sat May 30 13:47:20 JST 2009 from uxl.yamasita.jp on pts/0
Linux ude 2.6.16.16-arm1 #37 Tue May 20 10:01:57 JST 2008 armv5tejl

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
yasunari@ude:~$ cd /srv/tftp/
yasunari@ude:/srv/tftp$ ls
HS-DHGL_1.20   LS-HGL_1.07b       LS-WSGL_1.06        initrd.buffalo
LS-CHL_1.10    LS-LGL_2.01        LS-XHL_1.02         uImage.buffalo
LS-CL+HackKit  LS-QL_1.05+telnet  LS-XHL_1.02+telnet
LS-CL_1.07     LS-QL_1.07b        LS-XHL_1.04b
LS-GL_1.15     LS-QL_1.10b        LS-XHL_1.10
yasunari@ude:/srv/tftp$ rm initrd.buffalo uImage.buffalo
rm: remove write-protected regular file `initrd.buffalo'? y
yasunari@ude:/srv/tftp$ ls -l LS-QL_1.10b/
total 8968
-rw-r----- 1 yasunari root 7062268 Jun  6 09:57 initrd.buffalo
-rw-r----- 1 yasunari root 2115388 Jun  6 09:58 uImage.buffalo
yasunari@ude:/srv/tftp$ chmod 664 !$/*
chmod 664 LS-QL_1.10b//*
yasunari@ude:/srv/tftp$ ln !$ .
ln LS-QL_1.10b//* .
yasunari@ude:/srv/tftp$ ls -l
total 8968
drwxr-s--- 2 yasunari root      48 Mar 22 10:12 HS-DHGL_1.20
drwxr-s--- 2 yasunari root      48 May 27 21:32 LS-CHL_1.10
drwxrwxr-x 2 root     root      48 Jan 24 09:31 LS-CL+HackKit
drwxr-sr-x 2 root     root      48 Mar 23 17:44 LS-CL_1.07
drwxrwsr-x 2 yasunari root      48 Mar 20 14:32 LS-GL_1.15
drwxr-sr-x 2 root     root      48 Mar 23 14:22 LS-HGL_1.07b
drwxr-sr-x 2 root     root      48 Mar 23 13:31 LS-LGL_2.01
drwxrwxr-x 2 root     root      48 Feb 20 12:00 LS-QL_1.05+telnet
drwxr-s--- 2 yasunari root      48 Mar 27 15:25 LS-QL_1.07b
drwxr-s--- 2 yasunari root      48 Jun  6 09:58 LS-QL_1.10b
drwxr-sr-x 2 yasunari root      48 Mar 25 21:04 LS-WSGL_1.06
drwxrwxr-x 2 root     root      48 Jan 24 18:00 LS-XHL_1.02
drwxrwxr-x 2 root     root      64 Jan 24 22:17 LS-XHL_1.02+telnet
drwxr-s--- 2 yasunari root      48 Mar 27 16:11 LS-XHL_1.04b
drwxr-s--- 2 yasunari root      48 May 22 22:22 LS-XHL_1.10
-rw-rw-r-- 2 yasunari root 7062268 Jun  6 09:57 initrd.buffalo
-rw-rw-r-- 2 yasunari root 2115388 Jun  6 09:58 uImage.buffalo
yasunari@ude:/srv/tftp$
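
The swap done by hand above, as an added example that is not part of the original page: it refuses an incomplete firmware set, makes the files world-readable (the uploaded files arrived as mode 640), and replaces the served files by rename so the tftp root is never left without a boot file. The function name stage_boot_files is hypothetical, and it is an assumption that the tftp daemon reads files as an unprivileged user.

```shell
# Added example: stage one firmware set's boot files into the TFTP root.
# Assumption: the TFTP daemon runs unprivileged, so the served files must be
# world-readable (the session above used mode 664).
stage_boot_files() {
    tftp_root=$1   # e.g. /srv/tftp
    set_name=$2    # e.g. LS-QL_1.10b
    src="$tftp_root/$set_name"

    # Refuse to touch the live files unless the new set is complete.
    for f in initrd.buffalo uImage.buffalo; do
        if [ ! -s "$src/$f" ]; then
            echo "missing or empty: $src/$f" >&2
            return 1
        fi
    done

    for f in initrd.buffalo uImage.buffalo; do
        chmod 664 "$src/$f" || return 1
        # Already served from this set: nothing to do for this file.
        if [ "$tftp_root/$f" -ef "$src/$f" ]; then
            continue
        fi
        # Hard-link under a temporary name, then rename over the old file,
        # so a boot file is always present even if this is interrupted.
        ln -f "$src/$f" "$tftp_root/.$f.new" || return 1
        mv -f "$tftp_root/.$f.new" "$tftp_root/$f" || return 1
    done

    # Confirm the served files match the staged set byte for byte.
    for f in initrd.buffalo uImage.buffalo; do
        cmp -s "$tftp_root/$f" "$src/$f" || return 1
    done
    return 0
}
```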

Destroying the partitions

Destroy the partitions with fdisk.
root@LS-QL233:~# fdisk /dev/sda

The number of cylinders for this disk is set to 19457.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
   (e.g., DOS FDISK, OS/2 FDISK)

Command (m for help): p

Disk /dev/sda: 160.0 GB, 160041885696 bytes
255 heads, 63 sectors/track, 19457 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks  Id System
/dev/sda1               1         125     1004031  83 Linux
/dev/sda2             126         748     5004247+ 83 Linux
/dev/sda4             749       19457   150280042+  5 Extended
/dev/sda5             749         873     1004031  82 Linux swap
/dev/sda6             874       19354   148448601  83 Linux

Command (m for help): d
Partition number (1-6): 4

Command (m for help): d
Partition number (1-4): 2

Command (m for help): d
Selected partition 1

Command (m for help): p

Disk /dev/sda: 160.0 GB, 160041885696 bytes
255 heads, 63 sectors/track, 19457 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot      Start         End      Blocks  Id System

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table
fdisk: WARNING: rereading partition table failed, kernel still uses old table: Device or resource busy
root@LS-QL233:~#

Reboot

Unplug the power cord and plug it back in.
	:
	:
Please Press HDD power button to continue ...
Press the power button.
buffalo_change_power_status > Read 0x5c
buffalo_change_power_status > Writing 0x3a
HDD1 Power ON
HDD2 Power ON
HDD3 Power ON
HDD4 Power ON

Marvell Serial ATA Adapter
Integrated Sata device found
Port Multiplier found @ 0 0. Vendor: 11ab ports: 4
  Device 0 @ 0 0 0:
Model: ST3160815AS                              Firm: 3.AAC    Ser#:             6RA042ZG
            Type: Hard Disk
            Supports 48-bit addressing
            Capacity: 152627.8 MB = 149.0 GB (312581808 x 512)

MAC Address on eth0 : 00:1D:73:A5:32:33
MAC Address read from block device 0 : 00:1D:73:A5:32:33
Using device ide0, partition 1
** Bad partition 1 **
serch_boot_drv (275)>No init_file 0
** Bad partition - 1:0 **
Using device ide1, partition 1
** Bad partition 1 **
serch_boot_drv (275)>No init_file 1
** Bad partition - 2:0 **
Using device ide2, partition 1
** Bad partition 1 **
serch_boot_drv (275)>No init_file 2
** Bad partition - 3:0 **
Using device ide3, partition 1
** Bad partition 1 **
serch_boot_drv (275)>No init_file 3
Lost all init_rd

Press the FUNCTION switch.
BUFFALO INC. LinkStation series
LS-QL-EM233 login:
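It booted into EM without trouble.

Running the firmware updater

Run LSUpdater.exe, the firmware updater.
The update completed without problems.

Checking the security hole again

Well, what do you know, it's still there after all.

I wonder why the attack didn't work earlier.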




Copyright (C) 2003-2009 Yasunari Yamashita. All Rights Reserved.
yasunari @ yamasita.jp Yasunari Yamashita, Muko City, Kyoto Prefecture