La Foneras want an autoupdate
FON wants all La Foneras to update. Here is the shellcode to be executed:
cd /tmpIt will upgrade the La Fonera to 0.7.1 rev 1.
wget http://download.fon.com/firmware/update/0.7.0/4/upgrade.fon
/bin/fonverify /etc/public_fon_rsa_key.der /tmp/upgrade.fon
rm -f /tmp/.thinclient.sh
exit
Btw, if you want to have a look into the .fon files you can use this short unfonify.sh script:
#!/bin/shUsage: unfonify.sh upgrade.fon
SIZE=$(du -b $1 | cut -f1)
tail -c $((SIZE-519)) $1 > $1.tar.gz
It will cut off the first bytes containing the signature and generate a gzipped tarball, which you can easily extract.
WARNING: If you still waiting for your La Fonera and want to gain ssh access, you should NOT connect it to the internet. Just plug in the powercable, connect to the private network (the WPA key is the serial no.) and exploit it via the webinterface.
4 comments:
After exploiting La Fonera can I update firmware without losing SSH access?
mariomix: It depends. Some updates are full firmwares and some only replace some files. In the latter case you should not loose the SSH access. But the best way is to gain SSH access and do all updates manually (look into the fon files and do the needed changes).
hi,
when i connect la foneras to internet, can i retain SSH access?
The unfonify script is a bit inefficient. Here's one using the built-in dd:
dd if=upgrade.fon bs=1 skip=519 | tar -tvzf -
This lists the contents. Just use
dd if=upgrade.fon bs=1 skip=519 |tar -xvzf -
to unpack.
Post a Comment