-
Notifications
You must be signed in to change notification settings - Fork 281
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MI Router 4A (Gigabytes) Version 2.30.500 is not supported #178
Comments
Same issue here ;( did you fix it?? |
You can check out #141. Follow the guide on how to use nc to get a busybox with telnetd support to the system. Then you can open telnetd to access the shell. Basically, the problem with the stock firmware is that it has dropbear removed. Though the stock busybox has telnetd packaged in, it is difficult to get it to run (at least in my case). So the solution is to get a newer version of busybox with telnetd properly set up already. A few tips and caveats:
|
Works, please go to: #155 (comment) Change the DHCP to use lower port or just restore the settings using this backup: |
Same issue, r4ag v2 chinese edition, updated to 2.3.500 from 2.30.28 but script won't work on ubuntu (booted on separate pc) Tried URL execution https://github.com/acecilia/OpenWRTInvasion/issues/141#issuecomment-1465561959 , but busybox presented in post won't seem to start after executing 'chmod a+x /tmp/split/$$/tmp/split telnetd` cause telnet won't accept connection. |
Issue: SSH connection not working after script execution Hi, I’m experiencing issues when trying to run the OpenWRT Invasion script on my Xiaomi Mi Router 4A Gigabit Edition (Firmware version 2.30.500). After executing the script, I receive the following message: `dmitrybelyakov@dmitry-5 OpenWRTInvasion % python3 remote_command_execution_vulnerability.py
router_ip_address: miwifi.com start uploading config file...
I've tried using Telnet, but I'm getting "Connection refused". Does anyone have any advice on how to resolve this, or is there something specific I should check with my router's firmware version? Thanks for your help! |
@DmitryBLKV the router firmware version can be found at the bottom of the admin once logged in, it's in the form of 2.30.XX indicating it's a RAGv2. Once you've hit that stage of the exploit, you need some more extra steps. So created a much easier shell script for 2.30.28 and documented the commands to send, check out #141 (comment). I also completed the openWRT installation after and updated the post above, though it totally is a simpler rewrite of https://github.com/MrTaiKe/Action_OpenWrt_Xiaomi_R4AGv2 |
OpenWRTInvasion % python3 remote_command_execution_vulnerability.py
/Users/xxx/Library/Python/3.9/lib/python/site-packages/urllib3/init.py:34: NotOpenSSLWarning: urllib3 v2.0 only supports OpenSSL 1.1.1+, currently the 'ssl' module is compiled with 'LibreSSL 2.8.3'. See: urllib3/urllib3#3020
warnings.warn(
Router IP address [press enter for using the default 'miwifi.com']:
Enter router admin password: xxxxxxxxx
There two options to provide the files needed for invasion:
script_tools
.Which option do you prefer? (default: 1)1
router_ip_address: miwifi.com
stok: xxxxxxxxxxxxxxxxxxxxxxxxx
file provider: local file server
start uploading config file...
start exec command...
local file server is runing on 0.0.0.0:57270. root='script_tools'
Warning: the process has finished, but seems like ssh connection to the router is not working as expected.
The text was updated successfully, but these errors were encountered: