Tag Archive for 'Fon'

Hacer backup de una Fonera

Published
by
alex
on Tuesday December 18th, 2007
in Fon & La Fonera
. Comments

Teniendo acceso por SSH a una Fonera, se puede hacer un tar de los ficheros de la fonera directamente a otra maquina (por si no cupiera en la propia fonera):

ssh root@fon01 "cd /; tar cvf - bin etc lib sbin tmp var jffs rom usr www" | gzip -9 > /tmp/fon01.tar.gz

Tambien se puede usar algo parecido para replicar el SO de una Fonera en un Linux:

$ mkdir /tmp/fon01
$ cd /tmp/fon01
$ ssh root@fon01 "cd /; tar cvf - bin etc lib sbin tmp var jffs rom usr www" | tar xvf -

Esto ultimo puede ser util para verificar desde el Linux que una actualizacion de Fon no va a machacar ficheros de la Fonera que hayamos tocado nosotros antes.

ShareThis / Compartelo

Syslog remoto para la Fonera

Published
by
alex
on Monday December 10th, 2007
in Fon & La Fonera and Unix & Linux
. Comments

Para habilitar el syslog remoto de nuestra Fonera a un servidor de Syslog que tengamos:

fon01# vi /etc/init.d/rcS

Modificamos la linea del syslog por

syslogd -C 16 -L -R 192.168.X.Y

Donde 192.168.X.Y seria la IP de nuestro servidor de syslog.

Reiniciamos el syslog de la fonera:

ps -ef| grep syslog
kill

y lo lanzamos manualmente:

syslogd -C 16 -L -R 192.168.X.Y

En el syslog de nuestro servidor de syslog veremos:

server$ tail -f /var/log/syslog
...
Dec 10 20:22:50 fon01 syslog.info syslogd started: BusyBox v1.1.3
...

Por cierto, para leer el syslog desde la fonera:

fon01# logread
Dec 10 20:22:50 fon01 syslog.info syslogd started: BusyBox v1.1.3
...

De esta forma los logs no se pierden!

ShareThis / Compartelo

How does the Fonera updates itself?

Published
by
alex
on Saturday April 28th, 2007
in Fon & La Fonera and Unix & Linux
. Comments

Let’s see how the Fonera automatically updates itself.

Enter you La Fonera (by SSH). Edit your cron jobs and you’ll see that every day your Fonera runs the following command:

<pre>root@fon01:~# crontab -l
0 * * * * /bin/thinclient cron</pre>

During startup, your Fonera also runs “/bin/thinclient start” from /etc/init.d/N40thinclient.

Let’s see what is that thinclient about:

Firts, check that the last line of /bin/thinclient is commented, like this:

<pre># . /tmp/.thinclient.sh</pre>

Then, run the following command (It won’t upgrade your Fonera!)

<pre>root@fon01:~# sh -x /bin/thinclient start

+ echo mode=’start’ wlmac=’00:18:84:XX:XX:XX’ mac=’00:18:84:XX:XX:XX’ fonrev=’2′ firmware=’0.7.1′ chillver=’1.0-1′ thclver=’1.0′ device=’fonera’
+ ssh -T -p 1937 -i /etc/dropbear/key openwrt@download.fon.com
root@fon01:~#
</pre>

(I’ve XX’ed my MAC addresses for obvious privacy reasons).

So, here is how the Fonera start an automatic upgrade: it send by ssh some information about itself: macs, version and revision… What for?

The result of the last command is written into the /tmp/.thinclient.sh file, which is then supposed to be launched. Let’s look at it:

<pre>root@fon01:~# cat .thinclient.sh
cd /tmp
wget http://download.fon.com/firmware/update/0.7.1/2/upgrade.fon
/bin/fonverify /etc/public_fon_rsa_key.der /tmp/upgrade.fon

rm -f /tmp/.thinclient.sh

exit
</pre>

Ok, the the next step of the upgrade is to get the upgrade.fon file from FON, check it’s authenticity and extract it (fonverify)

From a Linux box (not my Fonera), I wget the file and run a hacked version of fonverify (skipping the verification of the file and only extracting it).

Running the fonverify scripts in my Linux, we will get the actual update tarball (in that case: upgrade_0713.tgz) and we will be able to see what it affects in our Fonera:

<pre>alegrome$ tar ztf upgrade_0713.tgz
bin/
bin/thinclient
etc/
etc/init.d/
etc/init.d/N45ntpclient
etc/functions.sh
etc/fon_revision
etc/banner
usr/
usr/lib/
usr/lib/webif/
usr/lib/webif/validate.awk
usr/lib/qos.sh
usr/bin/
usr/bin/haserl
www/
www/cgi-bin/
www/cgi-bin/webif/
www/cgi-bin/webif/adv_net.sh
www/cgi-bin/webif/adv_pf.sh
www/cgi-bin/webif/adv_wifi.sh
www/cgi-bin/webif/connection.sh
www/cgi-bin/webif/language.sh
www/cgi-bin/webif/password.sh
www/cgi-bin/webif/private.sh
www/cgi-bin/webif/public.sh
www/cgi-bin/webif/upgrade.sh
alegrome$
</pre>

Notice that the update from 7.1r2 to 7.1r3 modifies the /bin/thinclient script, what actually re-enabled the automatic updates! Beware of it.

ShareThis / Compartelo

Fin de la promocion “Fonero Gets Fonero”?

Published
by
alex
on Sunday April 15th, 2007
in Fon & La Fonera
. Comments

La promocion “Fonero Gets Fonero” (FGF) era una promocion de Fon con la cual un Fonero tenia invitaciones para regalar Foneras gratis a sus amigos.

Al entrar en nuestra userzone de Fon, hemos podido comprobar que el boton Fonero Gets Fonero ha desaparecido. Aun asi, es posible acceder a la pagina, con este link, pero esta informa que no tenemos mas invitaciones disponibles.

Por lo visto, segun comentan en este post del Foro de Fon, la promocion se habria acabado.

Lastima, porque el concepto molaba… aun asi, hemos podido aprovecharla un poco.

ShareThis / Compartelo

Shell access (ssh) on your Fonera

Published
by
alex
on Sunday March 4th, 2007
in Fon & La Fonera
. Comments

Movimiento FONRight after receiving my free La Fonera social router, I plugged it into my local home network, and registred it, as explained in the provided guide. The problem (I knew it later), is that when the Fonera boots, it connects to Fon and upgrades itself (and reconfigures itself also).

So, as I plugged my Fonera to Internet, it upgraded to the latest firmware revision, for which there is no known hack to get ssh shell access.

Today I searched for a way to succesfully downgrade my Fonera to it’s original firmware.

After trying several ways (found on the Internet) with no success, this is the way that finally worked for me:

* Configure your PC with ip 169.254.255.2/24
* Connect your PC and the Fonera with a direct cable (straight or crossover ethernet, doesn’t matter, the Fonera is smart enough)
* Press the reset button (down the fonera) for 20 seconds
* Release the button
* From the PC, ping 169.254.255.1 (As it cannot get any DHCP IP, the Fonera autoconfigure it’s eth0:1 with this zeroconf IP).
* Wait till it’s reachable (approx 2mn)

When the IP is reacheable (when the Fonera answers the ping requests), you can now apply the following hack:

Create on your PC 2 html files, with the following content:

step1.html:

step2.html

Now, open step1.html with your favorite browser and click the submit button (if your are asked for login/passwd, unless you changed it, try admin/admin). Once done, do the same with step2, and submit.

The dropbear ssh deamon should now be open on your Fonera! You can get a shell inside your Fonera: connect by ssh to 169.254.255.1 (port 22): user root and password admin, unless you changed it (the same passwd as the web UI).

Final steps are:

* Activate ssh permanently :

root@OpenWrt:~# mv /etc/init.d/dropbear /etc/init.d/S50dropbear

* Unlock firewalling rules :

root@OpenWrt:~# vi /etc/firewall.user

* Uncomment the following :

iptables -t nat -A prerouting_rule -i $WAN -p tcp --dport 22 -j ACCEPT
iptables -A input_rule -i $WAN -p tcp --dport 22 -j ACCEPT

* Deactivate automatic Fonera updates :

root@OpenWrt:~# vi /bin/thinclient

* Comment the following line (last one) :

#. /tmp/.thinclient.sh

At this point I had some troubles with the Fonera not catching IP by DHCP. By advice of another fonero-geek and friend (Ivan!), I set up the Fonera to use a static IP (using the MyPlace web UI), and everything worked fine. Eventually this morning I changed back the Fonera to get it’s IP by DHCP and it actually worked too.

Some sources that inspired me a lot (and more):
http://imil.net/docs/fonera-ssh.txt
http://blog.blase16.de/2006/11/28/Hacking-Fonera

ShareThis / Compartelo

Close
Powered by ShareThis