DSM-G600, DNS-3xx and NSA-220 Hack Forum

cyboc · 2007-08-10 02:32:44

MiK wrote:
cyboc wrote:
There are three fixes for that problem:
..or use WinRAR

/MiK

Er, yes. But I sooooo love GnuWin32, don't you? :-)

MiK · 2007-08-10 04:18:49

Well, I'm partial since I've been a RAR user since ~1994 (beta testing the DOS version).

fonz · 2007-08-10 10:48:18

cyboc wrote:
you will get Windows line ending in that file if you use Winzip to unpack it
3) Use Winzip but then use a program like EditPlus to convert the line endings back to Unix after unpacking.

That's horrible - I had no idea, and even recommended WinZip more than once to unpack these files.

According to hearsay, there's another problem with .gz files - some browsers would unzip .gz files on the fly without removing the .gz extension (ending in a .tar.gz file that's not zipped, so looks corrupted).

This makes me think about 'safer' archives that work well for both Linux and Windows users. Are there any archive formats that Windows (without extra software?) can unpack - without trying to be 'smart'?

cyboc · 2007-08-10 17:55:21

fonz wrote:
Are there any archive formats that Windows (without extra software?) can unpack - without trying to be 'smart'?

Fonz, I just did a quick test. It seems that Winzip only converts the line endings if the file is a ".tar.gz" (and perhaps ".tar", too). If you use Winzip to create a zip file that contains your fun_plug script (with Unix line endings) and your fun_plug.tar, then you unzip it, the line endings in fun_plug seem to stay Unix style.

Try it yourself. If it works for you, then maybe you can distribute both zip and tar.gz versions of your fun_plug.

I'm not sure why Winzip tries to get cute with Unix archives...

trevoryour · 2007-08-10 20:57:52

According to the help file the password problem has is already addressed using fun_plug. It says that you can change your password on the command line, then running a specific script will write it to flash memory. Will this not solve my problem?

cyboc · 2007-08-10 22:09:48

trevoryour wrote:
According to the help file the password problem has is already addressed using fun_plug. It says that you can change your password on the command line, then running a specific script will write it to flash memory. Will this not solve my problem?

Here is what Fonz says about the script:

Fonz wrote:
Copying passwd files to the flash seems to work fine. Haven't tested much, though. The attached script only copies the files. Run it after "passwd" or "smbpasswd" to make the changes permanent.

The question is, when you run passwd in Telnet or ssh, is it pointing to BusyBox 1.00-pre1 (the old BusyBox in the D-Link firmware) or is it pointing to BusyBox 1.6.1 (the one compiled by fonz in included in fun_plug 0.3)? Fonz can confirm but I assume it is pointing to BusyBox 1.6.1. If that is indeed the case, then you should be able to enter passwords longer than 8 characters and with symbol characters too.

There is a caveat, however. You still won't be able to enter long passwords with the flawed web interface. See numerous messages above from me about this issue in this forum topic. If you want long passwords for telnet, ssh, ftp and samba access, you're stuck with the command line. However, if you only want long passwords for samba and you want to set them with the web interface, you can use my asp file hacks, above.

I hope that helps.

By the way, if you have time, please send an email to D-Link telling them to fix their firmware so we can have long passwords and passwords with symbol characters! They probably won't listen but we might as well try, right?

gazoo · 2007-10-12 15:31:00

I'm not sure if this topic was fully resolved or not. However, I want to be able to use a 4 character password and I'm not allowed via the web interface. Am I to understand that using the funplug install, changing the smbpasswd and passwd via command line, and then running the script above I can commit changes to flash that persist after reboot?

I just purchased a Mediagate multimedia box (for streaming movies, music, pictures to an HDTV) and it wants either no password or a set one that is 4 characters in length to access samba shares. I was previously using geexbox but found that the mediagate form factor was smaller. Only problem is I forgot about the dumb password rules.

I'm not a linux newbie, but I can't edit C or compile my own kernel or anything like that. I also don't want to muck around too much in the DNS since it is my family file server and it is indeed very very critical for our household needs. It sounds like the funplug stuff is pretty well established, but I wanted to check out if anyone has extensively used the commit to flash script and has also changed usernames and passwords successfully via command line.

thanks

gazoo · 2007-10-13 17:43:02

Please help!

I installed fun_plug with telnetd. Everything is fine, I can get into the DNS no problem. I created a user via the web interface, gave it a 5 character password. I then telnet into the device, changed the passwords using passwd and smbpasswd to 4 characters. It complained on passwd that it wasn't long enough or strong enough, but it *seemed* to let me do it anyway. smbpasswd didn't complain, it just did it. However, I can't get into that account with FTP OR SMB now! WTF! This is making my head explode. I understand about committing things to nvram, but I haven't rebooted yet or even gotten that far yet. I just want to be able to put in a 4 character password that's all! What a headache! Please someone help....

thank you..

gazoo · 2007-10-13 18:49:29

Nevermind. It was the client machine having trouble - incidentally it's another linux based device (mediagate MG-35). It has built in (hard coded username/pass) passwords, but I think it tries to first connect with the DNS with a null password account (guest, null) and then it tries the one I changed it to that has a 4 character password. I think it hangs up with the DNS after the first try and never gets to try the one with a password). I haven't had much luck getting the DNS to accept null passwords (i did a smbpasswd -n username but it didn't seem to take.). Anyway, sorry for the panicking...i guess I'll have to badger the other forum for the mediagate device now..:-) I still would like to know why it is that it doesn't get to try the 2nd built in account with the 4 character password..

gazoo · 2007-10-14 01:56:49

In yet another reply to myself, I've got it working. There was a case problem with my av device that was accessing the DNS. Username was shown as 'Media' in one website, but it should have been 'media'. I couldn't have gotten it working though if it were not for fun_plug, telnetd, and doing an smbpasswd on the user to give it the correct and shorter than allowed password.

DSM-G600, DNS-3xx and NSA-220 Hack Forum

Announcement

#26 2007-08-10 02:32:44

Re: Removing password restrictions

MiK wrote:

cyboc wrote:

#27 2007-08-10 04:18:49

Re: Removing password restrictions

#28 2007-08-10 10:48:18

Re: Removing password restrictions

cyboc wrote:

#29 2007-08-10 17:55:21

Re: Removing password restrictions

fonz wrote:

#30 2007-08-10 20:57:52

Re: Removing password restrictions

#31 2007-08-10 22:09:48

Re: Removing password restrictions

trevoryour wrote:

Fonz wrote:

#32 2007-10-12 15:31:00

Re: Removing password restrictions

#33 2007-10-13 17:43:02

Re: Removing password restrictions

#34 2007-10-13 18:49:29

Re: Removing password restrictions

#35 2007-10-14 01:56:49

Re: Removing password restrictions

Board footer