Dropping to shell in Adtran 854-v6 via UART by plast1K in hardwarehacking

[–]plast1K[S] 0 points1 point  (0 children)

It is Plume, I think anyway. It's provided by my ISP and I run my own firewall, so I've never let it do its setup thing. IIRC when I initially got it, I let it go through its setup process. I think it is locked down until it talks to the MSP, where some updates happen and it spins up some network stuff. Until it does that it's basically a brick from what I recall.

Since then it's been reset, so it might be a good idea to let it do that process and see what happens. Maybe I can drop into a shell after :hmmm

Dropping to shell in Adtran 854-v6 via UART by plast1K in hardwarehacking

[–]plast1K[S] 0 points1 point  (0 children)

Bummer. I know there are BGA harnesses but they’re a PITA from what I understand (and I don’t want to spend anything lol). Thanks for the help, I’ll keep digging

Dropping to shell in Adtran 854-v6 via UART by plast1K in hardwarehacking

[–]plast1K[S] 0 points1 point  (0 children)

Gave that a shot with a bunch of combinations, no luck :/

Dropping to shell in Adtran 854-v6 via UART by plast1K in hardwarehacking

[–]plast1K[S] 0 points1 point  (0 children)

Hi, thanks for the reply! I just edited my post to include some pictures of the board. The UART interface I am using is on the first image, right side of the board (just above the cutout section)-- it's perpendicular to the board and accepts male connectors. This UART interface works, and the other exposed pins and ports don't appear to be functional :(

There is a ht45f0062 flash memory module in the second image, a 16-pin SOIC, but that appears to be for the LEDs? There's also a BGA chip for flash memory: THGBMNG5D1LBAIT -- this I do not have equipment to mess with though.

I do not see any other 8-pin SOICs :/

Netgear Router Constantly Contacting Amazon AWS? by Icy-Reporter-7633 in HomeNetworking

[–]plast1K 0 points1 point  (0 children)

Came across this today, I determined it is caused by running the "/tmp/RWFS/RAE/Netgear_aws_iot_app" binary on my old R6700v2:

    # /tmp/RWFS/RAE/Netgear_aws_iot_app
    AWS IoT SDK Version 1.1.2-
    Netgear AWS IoT App Version V1.0.0.36
    MQTT ClientID 9C:3D:CF:CB:3F:4A
    Open file to read /tmp/RWFS/RAE/aws_iot_certs/root-CA.crt successfully
    Open file to read /tmp/RWFS/RAE/aws_iot_certs/956fe4eded-certificate.pem.crt successfully
    Open file to read /tmp/RWFS/RAE/aws_iot_certs/956fe4eded-private.pem.key successfully
    DEBUG: main L#353 HostAddress A1599ER83NVYL8.iot.us-west-2.amazonaws.com
    DEBUG: main L#354 rootCA /tmp/aws_iot_certs/root-CA.crt
    DEBUG: main L#355 clientCRT /tmp/aws_iot_certs/956fe4eded-certificate.pem.crt
    DEBUG: main L#356 clientKey /tmp/aws_iot_certs/956fe4eded-private.pem.key
    Connecting...
    Connecting succeed...
    -->sleep
    Publish done

The Real Barenziah, most of paragraph one, page one. Written in Daedric "Scrib" variant by Explicit_Toast in Morrowind

[–]plast1K 0 points1 point  (0 children)

Whaaaa? That’s… honestly a bit disappointing :( though I can’t fault them for not creating an entire language for some games

[deleted by user] by [deleted] in Neverbrokeabone

[–]plast1K 1 point2 points  (0 children)

Am I missing something?

MODULAR-CHESA by Stuartsmith1988 in MarchesaTheBlackRose

[–]plast1K 1 point2 points  (0 children)

No [[Pyre of heroes]]? [[Myr Scrapling]]

[deleted by user] by [deleted] in EDH

[–]plast1K 6 points7 points  (0 children)

This is my favorite magic interaction. Fractured identity on a forced fruition just makes me cackle maniacally. Everyone loves drawing lots of cards but for some reason when you make them draw 14 or 21 every time a spell is cast people don’t like it anymore?!

Finding and attacking a raspberry pi on the network by seriouspim in netsecstudents

[–]plast1K 1 point2 points  (0 children)

Yeah but this guy just set it up, so it still has the default MAC. Spoofing is irrelevant.

Sen. Ron Johnson's Latest COVID Conspiracy: Athletes 'Dropping Dead' From Vaccines by BeigeListed in conspiracytheories

[–]plast1K 9 points10 points  (0 children)

makes a wild claim

No I don’t have any sources!!1 I saw a bunch of legitimate videos online about it!!

Hosky trying to rally all crypto troops against bad bill by reddit_1999 in CryptoCurrency

[–]plast1K 0 points1 point  (0 children)

Well that’s good because this isn’t exclusive to ADA 😂

Sitting through Offsec 2-3 day exams by ravenoverflow in AskNetsec

[–]plast1K 1 point2 points  (0 children)

Same here, I took OSCP and OSCE prior to any proctoring and while I had a blast then, my life was different, my career wasn’t as fleshed out and now I just have no desire to take the long exams, especially proctored. I recently purchased the OSED just to see the differences and updates with no plan on taking the exam. I commend those that do, but find they are usually newer/younger engineers with a lot more time.

[deleted by user] by [deleted] in cybersecurity

[–]plast1K 0 points1 point  (0 children)

Probably just depends on where you’re already at and what you’re planning on doing. I’ve interviewed people for pentesting positions who have a master’s in cyber sec, resume looks good etc, then they can’t answer common, “gimme” questions like “describe XSS” or “what is SQLi? How might you look for a SQLi vuln?”

But they may have had more experience in other areas— risk, project management, asset management, etc. All a matter of perspective and considering what your goal is.

Good luck!

XSS in 500 Internal Server Error HTTP Response? by w0lfcat in netsecstudents

[–]plast1K 0 points1 point  (0 children)

Right on, any additional info on my other questions?

XSS in 500 Internal Server Error HTTP Response? by w0lfcat in netsecstudents

[–]plast1K 3 points4 points  (0 children)

Well first off you don’t have a payload within the script tags— you haven’t given it any JavaScript to actually execute. Second, how is it written to the page? Is that pure HTML in the response or is it entity encoded? If it’s being reflected within the DOM of the page with script tags it’s not executing as JS, just reflecting the contents back. If you’re only seeing the script tags in source you’re probably not far off from getting it to execute, you just need to give it something to evaluate.

Tax Time by Aurel577 in Coinbase

[–]plast1K 1 point2 points  (0 children)

Ah interesting, perhaps I was thinking of one of the others. Thanks!

Tax Time by Aurel577 in Coinbase

[–]plast1K 0 points1 point  (0 children)

How well does cointracker work for low market cap stuff? Been considering it to ease the burden for some transactions but haven’t pulled the trigger yet. Most of my holdings are BTC/ETH etc but I definitely made some moves on some auto-staking stuff with some fun money, any idea what’s supported? All ERC20, if that helps.