20-05-2021, 12:53 PM
I pwned my day-to-day cable modem. (I am the owner of the modem)
It has open ssh port on LAN. I found password from configuration backup. So I can log in. It has shell with prompt
RG_Console>
I can elevate privileges with su-command and then prompt switches to
RG>
With switchCpuConsole-command prompt changes to
CM_Console>
And also here is su-command and it has prompt
CM>
Based on 'show version' this is eCos:
Broadcom Corporation Reference Design
Standard Embedded Target Support for BFC
eCos BFC Application Layer
eRouter Dual Stack
Broadcom eRouter Customer Extension
With command
non-vol/msc/linuxTelnet 1
I can enable telnet for Linux-side (from LAN). Which is Linux 2.6.30 mips GNU/Linux
I have couple of questions:
Where to find more info about using this eCos? First I would like to do packet capture. Linux-side has tcpdump but it is not seeing the uplink interface.
In RG>
Forwarder/log_packets true
This will start showing packets on the screen and then box freezes (too overloaded?). As far as I know the eCos doesn't have a concept of files but is there still some kind of way to create pcap-files (or similar) and get them to the computer?
In Linux-side I found (maybe legacy) script which have been used to fetch pcap from eCos to Linux:
wget http://192.168.1.1/log_packets.pcap
That is causing error on eCos-side (same than any other 404)
[HttpServerThread] BcmUpnpIfManager::HandleGetRequest: (UpnpIfManager on IP Stack5) ERROR - Unable to find corresponding service bridge for URL: /log_packets.pcap
I'm pretty sure that my operator and manufacturer of modem will not answer if I'm asking for them.
It has open ssh port on LAN. I found password from configuration backup. So I can log in. It has shell with prompt
RG_Console>
I can elevate privileges with su-command and then prompt switches to
RG>
With switchCpuConsole-command prompt changes to
CM_Console>
And also here is su-command and it has prompt
CM>
Based on 'show version' this is eCos:
Broadcom Corporation Reference Design
Standard Embedded Target Support for BFC
eCos BFC Application Layer
eRouter Dual Stack
Broadcom eRouter Customer Extension
With command
non-vol/msc/linuxTelnet 1
I can enable telnet for Linux-side (from LAN). Which is Linux 2.6.30 mips GNU/Linux
I have couple of questions:
Where to find more info about using this eCos? First I would like to do packet capture. Linux-side has tcpdump but it is not seeing the uplink interface.
In RG>
Forwarder/log_packets true
This will start showing packets on the screen and then box freezes (too overloaded?). As far as I know the eCos doesn't have a concept of files but is there still some kind of way to create pcap-files (or similar) and get them to the computer?
In Linux-side I found (maybe legacy) script which have been used to fetch pcap from eCos to Linux:
wget http://192.168.1.1/log_packets.pcap
That is causing error on eCos-side (same than any other 404)
[HttpServerThread] BcmUpnpIfManager::HandleGetRequest: (UpnpIfManager on IP Stack5) ERROR - Unable to find corresponding service bridge for URL: /log_packets.pcap
I'm pretty sure that my operator and manufacturer of modem will not answer if I'm asking for them.