This maybe brick your ONT device, use at your own risk!
find an exploit in /etc/rc.d/rc.start/1.sdk_init.sh
, use kernel module .ko to run a shell script /mnt/jffs2/hw/getshell.sh
when system reboot.
mkdir -p /mnt/jffs2/TranStar/
cp -rf /lib/modules/hisi_sdk/* /mnt/jffs2/TranStar/
obj.id = "0x00000001" ; obj.value = "4";
cp getshell.ko to /mnt/jffs2/TranStar/hi_epon.ko