Safely Test if you are ready to launch a Firmware Upgrade Hack
Objective of this tutorial is to provide a safe test that uses the same mechanisms as the firmware upgrade hack for getting ssh access, but will do nothing on your Mybook except creating a file containing important information regarding your current configuration.
There is no risk to launch this test and i would recommend to launch it before any attempt to upgrade firmware with ssh hack.
- You must be able to connect to your PUBLIC share from your computer and browse your files : \\<Mybook>\PUBLIC
where <Mybook> is the ip address of your Mybook.
Test procedure :
launch internet Explorer
copy paste the following url by changing <MYBOOK> with your Mybook IP Address :
You will be redirected to the Western Digital "Shared Storage Manager" interface :
Click the button "Click to Download and install"
wait a few seconds ( typically 10 seconds1 ) :
the following message is displayed :
(It may report back that "Firmware failed to download - try later". However, still check for the .log file as described in the next step - it may be there.)
Connect to your PUBLIC share and check the log file \\<Mybook>\PUBLIC\MBWE-Get-In-test.log
This file should contain " Congratulation : Firmware upgrade test is successfull ! ! ! "
How To analyze other informations provided in the log file
This file may contain a line like :
#ssh stream tcp nowait root /usr/sbin/sshd sshd -i
the # means that ssh will NOT start automatically if you reboot your Mybook.
Typically, after a successfull ssh firmware upgrade, you should have a line like :
ssh stream tcp nowait root /usr/sbin/sshd sshd -i
Linux Users :
This list is the list of users that could be used to connect via PUTTY to your Mybook, using SSH.
Note that "root" could also be used in some cases, even if it is not listed.
Running processes :
The test log has a list of the processes running on the MyBook.
If some one is connected to your MyBook using SSH then a sshd process would appear in the list. However, if you run the MBWE-Get-In-test again after apply the hack - do not expect to see an sshd process running. You will only see a sshd process running if someone is connected using SSH. Absence of a sshd process in the MBWE-Get-In-test results does NOT mean the hack has failed.
This file is the full configuration of ssh.
interesting values to check are :
PermitRootLogin ==> indicates if "root " is allowed to connect via ssh
PermitEmptyPasswords ==> indicates if empty password is allowed
AllowUsers ==> an exhaustive list of users having the right to connect using ssh
Now that you have checked that your Mybook is able to perform Firmware upgrade hacks, you are ready to launch the Real Get in ssh hack.
Hope this tutorial will be Helpfull,