1.1 KiB
Xiaomi 4a Gigabit Edition flashen
https://openwrt.org/inbox/toh/xiaomi/xiaomi_mi_router_4a_gigabit_edition
OpenWRTInvasion|master ⇒ python3 remote_command_execution_vulnerability.py
Router IP address [press enter for using the default 192.168.31.1]: stok: feccc88fbd7980bd3ea14910084d9xyz
router_ip_address: 192.168.31.1 stok: feccc88fbd7980bd3ea14910084d9xyz
start uploading config file... start exec command... done! Now you can connect to the router using several options: (user: root, password: root)
- telnet 192.168.31.1
- ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc -o UserKnownHostsFile=/dev/null root@192.168.31.1
- ftp: using a program like cyberduck
root@XiaoQiang:~# ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc -o UserKnownHostsFile=/dev/null root@192.168.31.1
root@XiaoQiang:~# cd /tmp
root@XiaoQiang:/tmp# mtd -e OS1 -r write gluon-1.6.x-dev-xiaomi-mi-router-4a-sys
upgrade.bin OS1 Unlocking OS1 ... Erasing OS1 ...
Writing from gluon-1.6.x-dev-xiaomi-mi-router-4a-sysupgrade.bin to OS1 ...
Rebooting ...