threat9
kaon-dg2100cr
okay so lets be clear I wanted to exploit this router to use it with openwrt or get at least root and open ports
its embed device made somewhere in china for company O2
- no public firmware
- shitty app for generating password
- softAtHome i dont know what is that
- for me alone impossible to exploit it
if someone wants to help me i can setup remote connection (AKA remote desktop) and you can check what is going on
I know it does not follow rules how to make issue but hey i dont want to throw it to trash so at least i tried to find help :D
thing i found with inspect in chrome
BUILD_CUSTOMER: 'o2', BUILD_PROJECT: 'pexeso', BUILD_HARDWARE: 'kaon-dg2100cr', SESSION_DURATION: '600'
unknown user: install password to it: unknown sadly
usage of 10.0.1.138/ws prolly backend of web server
/sysbus
prolly sys log
It seems openwrt is not supported on this broadcom chip.
https://openwrt.org/docs/techref/hardware/soc/soc.broadcom.bcm63xx
Personally, I am also interested in this problem and the question is whether it would be enough to get the firmware for the classic version (not O2). Kaon used to sell the device normally, so I assume there won't be SW locked in those versions of it.
@WallcroftUK may i have a screenshot of the web interface ? and if you could paste the entire source of the index would be even better.
Anyway, without having the firmware, probably your best try would be via UART (but soldering it's needed) interface.
any progress on this? maybe default firmware from kaon?
also there is something really weird about one-time password application is able to generate it even offline just connected to wifi of smartbox
it is also always 6 digits long and rotates every 1 minute... box is able to generate that password even when it is not connected to internet
