Not working with firmware 2.30.500 ( Xiaomi Mi Router 4A Gigabit Edition - chinese version 2023.11 )

Question

Not working with firmware 2.30.500 ( Xiaomi Mi Router 4A Gigabit Edition - chinese version 2023.11 )

Closed this issue 4 months ago · 1 comments

When I try with newest models shipped with firmware 2.30.500, it does not work unfurtunatly:

python3 remote_command_execution_vulnerability.py
Router IP address [press enter for using the default 'miwifi.com']: 192.168.31.1
Enter router admin password: ************
There two options to provide the files needed for invasion:
   1. Use a local TCP file server runing on random port to provide files in local directory `script_tools`.
   2. Download needed files from remote github repository. (choose this option only if github is accessable inside router device.)
Which option do you prefer? (default: 1)
****************
router_ip_address: 192.168.31.1
stok: 23eeba256f7499a5f92338d20a460ab5
file provider: local file server
****************
start uploading config file...
start exec command...
local file server is runing on 0.0.0.0:51743. root='script_tools'
Warning: the process has finished, but seems like ssh connection to the router is not working as expected.
* Maybe your firmware version is not supported, please have a look at https://github.com/acecilia/OpenWRTInvasion/blob/master/README.md#unsupported-routers-and-firmware-versions
* Anyway you can try it with: telnet 192.168.31.1

It does not seem to be possible to downgrade the firmware to 2.28.503, from the web interface either.

Answer 1 · 2024-05-21T08:54:32.000Z

Duplicate of #178