Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Router cant uncompress files #31

Closed
Jiaocz opened this issue Sep 4, 2020 · 7 comments
Closed

Router cant uncompress files #31

Jiaocz opened this issue Sep 4, 2020 · 7 comments

Comments

@Jiaocz
Copy link

Jiaocz commented Sep 4, 2020

When it uploaded config files (payload.tar.gz), it said "code":"1629:, msg is Error uncompressingm, the fies may damaged.
image
@acecilia
Copy link
Owner

acecilia commented Sep 4, 2020

I think that message is received every time, the exploit works anyway

@acecilia acecilia closed this as completed Sep 4, 2020
@Jiaocz
Copy link
Author

Jiaocz commented Sep 4, 2020

But after executing command, the message is "502 Bad Gateway" (Im using v0.0.1) and the web page wont work for a while, netcat wont receive anything either. Before I open this issue I have flash mir4a to factory setting with official firmware.

@Jiaocz
Copy link
Author

Jiaocz commented Sep 4, 2020

I found the reason, it is because that in the speedtest, some url can be accessed in my area, but if I replace some of these, then the message will become "Error speedtesting" but not Script executed.

@acecilia
Copy link
Owner

acecilia commented Sep 4, 2020

Make sure your network configuration is as simple as possible, that you are configuring the right IPs and that connection between your computer and the router is happening

@acecilia acecilia mentioned this issue Sep 7, 2020
Closed
@hstr0100
Copy link

hstr0100 commented Sep 10, 2020
edited

Not sure where to put this comment, but it should help whoever has the same problem as me:

On my 4A, versions 0.0.2 and 0.0.3 of the exploit did not work. the commands did get executed on the router but the telnet daemon did not run.
I managed to gain shell access on the firmware 2.28.132 by using netcat (version 0.0.1 of this exploit).

From there, I manually executed the exploit command and got the output "curl (51) error"
This means that for some reason my router wasn't able to verify the SSL certificate of the busybox download site, so from there everything failed.
by slapping --insecure to the curl command string I was able to successfully run the exploit v0.0.3.

So if you run into the same problem as me, append --insecure to https://github.com/acecilia/OpenWRTInvasion/blob/master/script.sh#L17 and have fun.
Some may critique the fact that we're ignoring the SSL certificate there, and that could be potentially dangerous, but this is no worse than "curl-ing" an insecure http:// url anyway, and there's not much to do to fix this problem anyway aside from including busybox into the payload I guess.

By doing this you also don't have to reset your router nor anything. it seems that this is the cause of most of the issues previously related here. so I hope this helps so we can get more people onboard custom firmwares for this router.

@acecilia
Copy link
Owner

@hstr0100 nice! Ill include --insecure in the script. Thanks!

acecilia added a commit that referenced this issue Sep 11, 2020
@acecilia
Add --insecure to the curl command, to avoid problems with SSL when t…
7bc75a6 
…he user runs the script in a complex network setup. See: #31 (comment)
@acecilia
Copy link
Owner

Also released new version 0.0.4 😄 https://github.com/acecilia/OpenWRTInvasion/releases/tag/0.0.4

@ramosisw ramosisw mentioned this issue Oct 20, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@acecilia @Jiaocz @hstr0100