Warning: the process has finished, but seems like ssh connection to the router is not working as expected.

[Benjeny]

Hello, is there someone who can help me ? First of all, thank you for your work. I am trying to use the exploit on a Xiaomi Mi4A (Gigabit Edition) router, chinese version, firmware Version 2.28.62 The goal is to flash openwrt.

I have connected my MAC directly to the Mi router (192.168.31.1),followed the video(https://www.youtube.com/watch?v=SLbkce-M2nE&list=PL_Z5kQQ5KSSXOenNFFUOq2qMdOYEzRngq&index=12) of Youtuber, Hoddys Guides,steped by steped. When the viedo at 12:22, showed that"Warning: the process has finished, but seems like ssh connection to the router is not working as expected....", what happened? how and why?

[freddysolorzano]

I have the same problem but with an r4a router manufactured in 2023.5 with firmware 2.30.28

[AddaxSoft]

same on 2.30.28; this exploit command seems to be working and it does reboot the router, but when running the full exploit chain it fails.

http://192.168.31.1/cgi-bin/luci/;stok={{{STOK}}}/api/misystem/set_config_iotdev?bssid=XXXXXX&user_id=XXXXXX&ssid=-h%0Areboot%0A

• router model: r4a Chinese (gigabit edition)
• firmware version 2.30.28

[RadioOperator]

If fw 2.30.28 is the same hardware (Xiaomi 4A v2) with 2.30.20, maybe this issue would help: https://github.com/acecilia/OpenWRTInvasion/issues/141

[AddaxSoft]

yes it does help as I already mentioned above the initial RCE exploit works (the router reboots) but when the exploit is chained (binary upload, and trying to execute it later for telnet access) something breaks in between

[RadioOperator]

try to downgrade to 2.30.20 firmware.

[imakiro]

Same issue with Router Mi Router 4A Giga Version, version 3.0.27 Setting up a proxy didn't help : https://github.com/acecilia/OpenWRTInvasion/issues/185