Hacking y our por table Linux Ser ver Federico Lucifredi - - PowerPoint PPT Presentation

hacking y our por table linux ser ver
SMART_READER_LITE
LIVE PREVIEW

Hacking y our por table Linux Ser ver Federico Lucifredi - - PowerPoint PPT Presentation

Jul 20, 2023 409 likes •893 views

Hacking y our por table Linux Ser ver Federico Lucifredi disclaimer while the following w as conscientiousl y resear ched and verified , neither Linux Journal nor the a uthor will accept any liability if y ou render y our device

slide-1
SLIDE 1

Hacking y

  • ur

por table Linux Ser ver

Federico Lucifredi

slide-2
SLIDE 2

disclaimer

Federico Lucifredi MMIX

while the following w as conscientiousl y resear ched and verified, neither Linux Journal nor the a uthor will accept any liability if y

  • u render y
  • ur device

inoperable as a resul t of these instr uctions. Proceed a t y

  • ur own risk.
slide-3
SLIDE 3
  • riginS

Federico Lucifredi MMIX

slide-4
SLIDE 4

community

Federico Lucifredi MMIX

slide-5
SLIDE 5

Federico Lucifredi MMIX

slide-6
SLIDE 6

Procurement

Federico Lucifredi MMIX

slide-7
SLIDE 7

The Hardw are

Federico Lucifredi MMIX

slide-8
SLIDE 8

Federico Lucifredi MMIX

slide-9
SLIDE 9

Federico Lucifredi MMIX

slide-10
SLIDE 10

Federico Lucifredi MMIX

slide-11
SLIDE 11

Federico Lucifredi MMIX

slide-12
SLIDE 12

Federico Lucifredi MMIX

W a tts

slide-13
SLIDE 13

Federico Lucifredi MMIX

...morse code

slide-14
SLIDE 14

Federico Lucifredi MMIX

Inside

slide-15
SLIDE 15

Federico Lucifredi MMIX

(Ext-III ? USB?)

slide-16
SLIDE 16

Federico Lucifredi MMIX

O xford NAS

slide-17
SLIDE 17

Federico Lucifredi MMIX

O xford NAS

Oxford semiconductor OXE800 ARM 926EJ-S core VIA Cyclada Simpliphy vt6122 Gigabit Ethernet Hynix 32Mbit DDR SDRAM USB, SATA

slide-18
SLIDE 18

Federico Lucifredi MMIX

Micro

slide-19
SLIDE 19

Federico Lucifredi MMIX

Micro

Oxford semiconductor OXE800 ARM 926EJ-S core E: DSP enhancements J: Java extension (Jazelle) 200 MHZ, 98 bogoMIPS serials, USB, ethernet and more

slide-20
SLIDE 20

Federico Lucifredi MMIX

Ethernet

slide-21
SLIDE 21

Federico Lucifredi MMIX

ethernet

VIA Cyclada Simpliphy vt6122 Gigabit Ethernet “Our internal testing shows that the MyBook World’s will transfer at 24-40Mbps (3-5 MBps) on a local network. The drive does not move data quicker because that is the maximum thruput that the enclosure’s CPU can handle”--WD Support

slide-22
SLIDE 22

Federico Lucifredi MMIX

and these?

slide-23
SLIDE 23

First P ackets

Federico Lucifredi MMIX

slide-24
SLIDE 24

Setup

Federico Lucifredi MMIX

Boot WoW P ar tition ...or ca tch DHCP on the fl y ...or read DHCP tables ...or mDNS for _http._tcp P assword setup Log in to web UI WD Shared Storage Manager

slide-25
SLIDE 25

Web UI

Federico Lucifredi MMIX

WD Shared Storage manager

slide-26
SLIDE 26

Choose

Federico Lucifredi MMIX

RAID Mode? Defa ul t o (Striping) Option I (mirroring) Change triggers rebuild System p ar titions mirrored

slide-27
SLIDE 27

Federico Lucifredi MMIX

slide-28
SLIDE 28

Voiding W arranties

Federico Lucifredi MMIX

slide-29
SLIDE 29

Breaking in

Federico Lucifredi MMIX

Head to Mar tin Hinner’s site compose upda te URL http://martin.hinner.info/mybook/sshaccess.php trigger firmw are upda te (http://martin.hinner.info/mybook/files/latestfw.sh)

slide-30
SLIDE 30

Pitfalls

Federico Lucifredi MMIX

Many roads to false #fail Upda te will fail upda te will sa y nothing A ttempt SSH login y

  • ur username is UPPER

CASE! When sshd responding, success!

slide-31
SLIDE 31

Console

Federico Lucifredi MMIX

Make it permanent su - /etc/inittab ::sysynit:/ur/sbin/sshd cleanup and housekeeping /etc/p asswd, shadow, etc check /etc/sshd_config disable Mionet cleanl y

slide-32
SLIDE 32

Federico Lucifredi MMIX

Softw are

slide-33
SLIDE 33

Federico Lucifredi MMIX

dmesg

slide-34
SLIDE 34

Federico Lucifredi MMIX

ps axjf

slide-35
SLIDE 35

Federico Lucifredi MMIX

grand tour

kernel 2.6.17.14 Samba, NFS udhcpc, crond, syslogd, klogd, mDNSResponderPosix SSHd, lighttpd, ntpd, (telnetd), (tftpd)

slide-36
SLIDE 36

Federico Lucifredi MMIX

grand tour

No man pages Busybox ps, top, free, ifconfig, ... wget, rsync, tload, chroot, smartctl, nhfsstone, telnet, ssh, scp

slide-37
SLIDE 37

Federico Lucifredi MMIX

grand tour

gcc, g++, gmake awk Java ME Perl

slide-38
SLIDE 38

Federico Lucifredi MMIX

slide-39
SLIDE 39

discover y

Federico Lucifredi MMIX

slide-40
SLIDE 40

discover y

Federico Lucifredi MMIX

  • I. broadcast

use mdns limited to local link requires no external suppor t

HOWTO: http://primates.ximiam.com/~flucifredi/mybook_mDNS.html

slide-41
SLIDE 41

discover y

Federico Lucifredi MMIX

  • II. Announce

IM Direct Message Most versa tile option requires route to ser ver

HOWTO: full writeup in Linux Journal, issue of July

slide-42
SLIDE 42

discover y

Federico Lucifredi MMIX

  • III. Do it right

use DNS UPDA TE RFC MMCXXXVI Full Fledged internet node requires control of y

  • ur domain

HOWTO: http://primates.ximian.com/~flucifredi/dns-update.html

slide-43
SLIDE 43

Federico Lucifredi MMIX

Pla tform

You now have a very portable Linux system A very flexible, low-cost platform Discovery problem solved in all modes Cross compiling an option (where Perl not enough by itself :)

slide-44
SLIDE 44

Federico Lucifredi MMIX

Conclusions

A wondrous Hacking Platform WD very wise in designing, later opening the system for custom use (sells more!) Many services already HOWTO’d Join us in finding new great uses for it!

slide-45
SLIDE 45

Federico Lucifredi MMIX

resour ces

Linux Journal, July 2009 Resources section of said article! Wikidot (http://mybookworld.wikidot.com)

slide-46
SLIDE 46

Questions

Federico Lucifredi MMIX

contact e-mail:flucifredi@acm.or g twitter: federico_II

slide-47
SLIDE 47

Federico Lucifredi MMIX

(c) 2009 Federico Lucifredi (CC)A ttribution-Noncommer cial- No Deriv a tive Works 3.0