|
La Fonera dissection and hack |
|
|
|
|
Written by Shawn
|
|
Saturday, 02 December 2006 |
|
Page 5 of 7
 Well, now that I have dissected this little router, time to put it back together. After I got it back together, I powered it on, and hooked it up to my network. Through my searching on the internet, I found out that La Fonera has a deliberate back door more or less to allow FON to check to see wether it was online, upgrade the firmware, and other various things. I found this rather unacceptable. Thats where the SSH daemon comes into play. I needed to inject a couple of specially designed requests into some of the SH scripts La Fonera uses. To do this we need to create two HTML documents. These can be made in notepad or any text editor. The first one, lets call it step1.html:
Save that and make the second one lets call it step2.html:
Now save the second one and at this point we need to be connected to La Fonera. If you have hooked it up already you know that it has 2 SSIDs. One called FON_AP(default) and another called MyPlace(default). You need to be connected to the MyPlace. The MyPlace SSID is encrypted, and the key is the serial number of your La Fonera on the bottom of the device.
*note: this assumes you haven't changed the ip of your La Fonera*
Now open both of the web pages in your web browser. The first one should look like this:
Go ahead and hit Submit. You may either get some weird code or a page on the La Fonera management console. Then the second page should look like this:
Once again go ahead and hit Submit. Now if all went to plan your La Fonera should be accepting SSH connection. We will test this out on the next page.
|
|
Last Updated ( Saturday, 19 January 2008 )
|
