Root shell exploit for several Xiaomi routers: 4A Gigabit, 4A 100M, 4, 4C, 3Gv2, 4Q, miWifi 3C...
In this release:
Notify when detecting unsupported firmware (https://github.com/acecilia/OpenWRTInvasion/pull/148)
In this release:
In this release:
In this release:
This release includes a small bugfix for https://github.com/acecilia/OpenWRTInvasion/issues/48
Added support for SSH: after running the exploit, you will find an ssh server up and running
--insecure
option to the curl command that downloads busybox, to avoid problems with SSL when the user runs the script in a complex network setup. See: https://github.com/acecilia/OpenWRTInvasion/issues/31#issuecomment-690755250
This version adds a FTP server at port 21, so you can get access to the filesystem using a GUI (for example cyberduck).
The exploit will start a telnet server connection:
Pros:
Cons:
busybox
binary in order to start telnetd
root
account will be reset to none
The exploit will open a shell using netcat:
Pros:
Cons: