826-x-ip-camera icon indicating copy to clipboard operation
826-x-ip-camera copied to clipboard

Published 20 hours ago verified publisher icon btsimonh

Root Login requires password

Open Aragur opened this issue 3 years ago • 12 comments

Hey I followed all the steps on the Step by Step guide.
However after setting the debug flag a root password is still required.
What can I do? (All commands ran without an error)

Aragur avatar Aug 01 '20 13:08 Aragur

Can you update your camera FS? Can you boot your camera in dev mode?

MatteoGheza avatar Aug 01 '20 18:08 MatteoGheza

Yes I can.

How can I verify that I'm in Dev mode?

Aragur avatar Aug 01 '20 18:08 Aragur

In wiki: Be aware, that it will prevent the CAM from fully starting up - but you'll be able to access the CAM via the UART adapter without password. just enter root as username at the login prompt.

MatteoGheza avatar Aug 01 '20 18:08 MatteoGheza

https://github.com/btsimonh/826-x-ip-camera/wiki/Step-by-Step-Guide#workaround-to-gain-root-access (from wiki)

MatteoGheza avatar Aug 01 '20 18:08 MatteoGheza

Yes I did this.
Cam is not booting,I see a login shell via UART.
When I enter root I need a password.

Aragur avatar Aug 01 '20 19:08 Aragur

Can you try empty password?

MatteoGheza avatar Aug 01 '20 19:08 MatteoGheza

I tried pressing return. "Password incorrect"

Aragur avatar Aug 02 '20 10:08 Aragur

@btsimonh

MatteoGheza avatar Aug 02 '20 11:08 MatteoGheza

seems they may have set a root password... If you extracted the user jffs2 partition, you could examine it to see if there is anything executable in it which you could modify to run a similar passwd reset to the script I gave an example of.... just be aware that it's an older jffs2 - small changes seem to work ok with the later fs drivers, but major changes fail. So watch your logs after applying a mod, and keep a backup.

btsimonh avatar Aug 03 '20 06:08 btsimonh

@btsimonh

I cannot find any executable:

total 20
drwxr-xr-x 4 root  root      0 Jan  1  1970 ./
drwxr-xr-x 3 simon users  4096 Aug  1 14:24 ../
-rw-r--r-- 1 root  root    174 Oct 28  2017 dev_id.json
-rw-r--r-- 1 root  root      0 Aug  1 14:20 flag_debug_dev_start
-rw-r--r-- 1 root  root      6 Jan  1  1970 flag_sensor_model
-rw-r--r-- 1 root  root      0 May 12  2018 flag_sys_ok_audio_off
-rwxr-xr-x 1 root  root   2807 May 13  1971 gmlib.cfg*
drwxr-xr-x 2 root  root      0 Jan  4  2019 important_data/
-rwxr-xr-x 1 root  root  10488 Jan  4  2019 sbull.ko*
-rw-r--r-- 1 root  root     20 Jun 16 19:31 test_log_reboot
-rw-r--r-- 1 root  root     44 Jan  4  2019 upgrade_patch_info

Directory important_data:

total 7
drwxr-xr-x 2 root root    0 Jan  4  2019 ./
drwxr-xr-x 4 root root    0 Jan  1  1970 ../
-rwxrwxrwx 1 root root 6932 Nov  9  2018 feed_dog*

Aragur avatar Aug 03 '20 08:08 Aragur

You can hijack almost any process or linux exectubale ad create a kind of wrapper for it also resetting the password. Or, maybe easier, replace the password hash in the /etc/shadow file... but it might be located on another partition as the user one.

NightDragon1 avatar Aug 05 '20 18:08 NightDragon1

Hey,

I'm completely stuck I don't know what I should do next..

Replaceing the shadow file didn't work, because on every reboot a new password is generated..

Aragur avatar Aug 24 '20 10:08 Aragur