JAWUG

RoDent::
Lemon and I have managed to find a way to get binaries onto the GigabyteAp, by using the firmware upgrade utility, but lying in the headers about the file checksum. This causes the file to be uploaded, and to live under /ramdisk/upgrade, from whence it can be untarred and executed. Unfortunately, the busybox executable I've built appears to run, but then promptly hang, so there's probably still something silly in the BRECIS build process. Back to hacking at hack night.

Lemon --- I do not suggest playing around right now with uploading your own files, just wait a small while; when we get binaries uploaded and verify that they work 100% we will post them here along with step-by-step instructions on how to upload them so that you do not brick your AP. ---

RoDent:: Wee! I've managed to build a new busybox executable for the GAP, using an extraordinarily complicated crosscompiling nightmare... Anyhow, http://rodent.za.net/files/busybox is a Gigabyte ready mips binary with wget, lsmod, netcat, telnet (client), uuen/decode, umount, uname, vi all built-in...

./busybox: ELF 32-bit MSB executable, mips-6 MIPS R3000_BE,
 version 1 (SYSV), statically linked, stripped

Now: How the hell do we get this thing ON the actual AP?

RoDent ---

Busy building the toolchain for the GigaByteAP GN-B49G Wireless router. Gawd, is it ever slow going... Thankfully, GigaByte has decided to come clean and release the GPL'ed code that powers these little MIPS-based routers. Many vendors are still in violation of the GPL by not releasing the source code for the binary firmware they stick on their devices... Hassle them please.

Lemon--
OK, so I have managed to Fsk up the Gigabyte web interface. DO NOT overwrite index.html by using the command: echo "Hello World" > /wwwroot/index.ntml . It causes stuff to break :P Luckily that is all stored on a RAM drive, so just reboot the AP and it's all fixed. Only one problem with that: the AP uses the web interface to reboot :P So just unplugging the thing works.
But from this exercise I have discovered that you can write webpages, so it must be possible to compile some sort of a CGI script to allow for file upload, thus enabling us to upload a telnet binary to it and properly fsk it up. I have checked out the Upload option on the web frontend; it refers to a binary CGI script, so until I can figure out how to "decompile" it and see the parameters I cannot use it for uploading files. I'm still going to try though.
Oh well, I'm off to break it some more... the only thought that keeps popping up now and then is... "Should I be playing with the AP that I rely on for my connection?"---

pookfuzz
Busy looking at what can be done with a Gigabyte gn-a16b access point. Like the others, it is also based on an embedded Linux system. See the gna16b page for the info.

Not really hacking, but for lack of a generic Gigabyte hardware section I've put some pics of the USB dongle here. GN-WKBG

RoDent:: It looks like the Gigabyte APs use a version of busybox that includes wget... Can someone check under /usr/bin/ or /bin if a symlink to busybox for wget exists?

Lemon --
I'm creating a GigabyteB49GDirectoryListing page so you can see what I see :P ---

RoDent:: Ok, checking through the built-source, it seems wget isn't enabled in the busybox, or busybox-msh version on the Gigabyte. Will have to find another hole :(

Lemon ---
Hmmm I am a little worried now... I showed RoDent how to get external access to my AP and now the web page is dead, but the sole fact that I am updating this page means that it is working... I will not touch it till I speak to him...

Lemon ---
REMOVED THIS NOTE BECAUSE IT WAS DANGEROUS AND DID NOT WORK :P
---

Lemon ---
OK, we have successfully loaded files onto the AP :P Now to get them to run ..... ---

TheRoDent --- %%

How to insert quoted/plain text into a wiki:

<code>
____test

</code>

Lemon ---
An update for you all.
To get your own files loaded onto the Gigabyte B49G access point, following these steps should work. Please note: You could brick your AP if something goes wrong, so keep track of what you do and clean up before you decide to reboot.

  • Get your file ready that you want to put onto the AP
  • Add the following header to the file:
    __________B49GSPLITER__________KERNEL_IMG:
  • Add the following footer to the file at the end:
    __________B49GSPLITER__________KERNEL_CHECKSUM:
    with nothing following the :
  • To add the header and footer I used vim, but in Windows you should be able to use WordPad; just remove the file extension so Windows doesn't block the read/write access to the file header
  • Now go to the Gigabyte and use the upload firmware page (see why this could be dangerous pcbox.gif ). Select your modified file and click upload.
  • You will get an "Update Error!" reason: "File Format Error". That's fine.
  • Now if you check your /ramdisk/update/ folder there will be 2 files: kernel.md5sum and kernel.img. The img file is the file you uploaded; the md5sum is the md5sum of the file. You can now rename and play with the kernel.img file anywhere in the /ramdisk/ folder, as that is the only writable file system on the AP.

That will now allow you to put most of your files on the ap. Now for the fun part. How to get an executable on the AP and run it...

  • First you WILL need a linux PC for this because you need to set the file ownership and group settings and you need to set it to executable.
  • Set the Group and owner to 500:500
  • Make the file executable
  • tar it up ... this is important because the file permissions do not get transferred if you simply upload the file with the correct properties.
  • upload the file
  • use the following command to extract it: ";cd /ramdisk/upgrade; tar xvf kernel.img" without the ""
  • Now if all went well, your file is in the /ramdisk/upload/ directory and it is executable.
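
The steps above work because the upgrade page writes the uploaded file to the ramdisk even though it then reports "File Format Error", and because the checksum field may be left empty. The following is an added example, not code from the Gigabyte firmware or from the authors on this page, of an upload check that verifies before it stages anything. The layout (header, payload, footer, then the MD5 of the payload in hex) is an assumption based on the markers and the kernel.md5sum file mentioned above, and the names `validate_upload`, `stage` and `RejectedUpload` are hypothetical.

```python
import hashlib
import hmac
import re

# Markers as given in the steps above.
HEADER = b"__________B49GSPLITER__________KERNEL_IMG:"
FOOTER = b"__________B49GSPLITER__________KERNEL_CHECKSUM:"


class RejectedUpload(Exception):
    """Raised before anything is written to the staging area."""


def validate_upload(blob: bytes) -> bytes:
    """Return the payload only if the declared checksum verifies.

    Assumed layout (not confirmed by the page): HEADER, payload, FOOTER,
    then the MD5 of the payload as 32 hex characters.
    """
    if not blob.startswith(HEADER):
        raise RejectedUpload("missing image header")
    end = blob.rfind(FOOTER)
    if end < len(HEADER):
        raise RejectedUpload("missing checksum footer")
    payload = blob[len(HEADER):end]
    declared = blob[end + len(FOOTER):].strip()
    if not declared:  # the case from the page: nothing after the colon
        raise RejectedUpload("empty checksum field")
    if not re.fullmatch(rb"[0-9a-fA-F]{32}", declared):
        raise RejectedUpload("malformed checksum field")
    actual = hashlib.md5(payload).hexdigest().encode()
    if not hmac.compare_digest(actual, declared.lower()):
        raise RejectedUpload("checksum mismatch")
    return payload


def stage(blob: bytes, staging: dict) -> str:
    """Validate first, write second: a rejected upload leaves no file."""
    try:
        staging["kernel.img"] = validate_upload(blob)
        return "staged"
    except RejectedUpload as exc:
        return f"rejected: {exc}"


# Constructed sample inputs (not real firmware).
PAYLOAD = b"constructed sample payload\n"
GOOD = HEADER + PAYLOAD + FOOTER + hashlib.md5(PAYLOAD).hexdigest().encode()
EMPTY = HEADER + PAYLOAD + FOOTER
```

An unsigned MD5 only detects corruption; restricting uploads to vendor images needs a signature checked against a key held on the device.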