hg5145f
记录折腾光猫的过程
开telent,获取超密:https://www.right.com.cn/forum/thread-8305036-1-1.html
自启程序思路:https://akbwe.com/posts/f7607p_java/ https://www.right.com.cn/forum/thread-8305846-1-1.html
[admin@hgu ~]# cat /proc/mtd
dev: size erasesize name
mtd0: 00020000 00020000 "spl"
mtd1: 04f00000 00020000 "main partition"
mtd2: 04f00000 00020000 "slave partition"
mtd3: 05f00000 00020000 "config"
mtd4: 00000010 0001f000 "flaga"
mtd5: 00000010 0001f000 "flagb"
mtd6: 00461918 0001f000 "kernel"
mtd7: 01458000 0001f000 "rootfs"
mtd8: 01895000 0001f000 "app"
mtd9: 00f04000 0001f000 "framework"
mtd10: 000994fa 0001f000 "uboot"
mtd11: 0083c000 0001f000 "felix"
mtd12: 00000010 0001f000 "flaga"
mtd13: 00000010 0001f000 "flagb"
mtd14: 00463638 0001f000 "kernel"
mtd15: 01458000 0001f000 "rootfs"
mtd16: 01895000 0001f000 "app"
mtd17: 00f04000 0001f000 "framework"
mtd18: 000994fa 0001f000 "uboot"
mtd19: 0083c000 0001f000 "felix"
mtd20: 04699000 0001f000 "Apps"
mtd21: 00991000 0001f000 "data"
mtd22: 00554000 0001f000 "fhdata"[admin@hgu ~]# df -h
Filesystem Size Used Available Use% Mounted on
ubi1:rootfs 16.9M 16.9M 0 100% /
tmpfs 256.0M 16.5M 239.5M 6% /var
tmpfs 16.0K 0 16.0K 0% /mnt
/dev/ubi1_4 20.8M 19.5M 1.4M 93% /fhrom
/dev/mtdblock19 6.6M 6.6M 0 100% /fhrom/felix/bundles/preset_bundles
/dev/ubi2_0 63.4M 37.0M 26.4M 58% /osgi
/dev/ubi2_1 6.9M 312.0K 6.6M 4% /fhconf
/dev/ubi2_2 3.1M 36.0K 3.1M 1% /fhdata
tmpfs 233.2M 4.0K 233.2M 0% /tmp
/dev/loop0 2.0M 22.0K 1.9M 1% /osgi/bvasPlugtest
/dev/ubi2_0 63.4M 37.0M 26.4M 58% /etc/dropbear
/dev/ubi2_0 63.4M 37.0M 26.4M 58% /home/admin
/dev/mtdblock17 14.4M 14.4M 0 100% /fhos~/route # file *.bin
mtd1.bin: UBI image, version 1
mtd2.bin: UBI image, version 1
mtd3.bin: UBI image, version 1
mtd4.bin: data
mtd5.bin: data
mtd6.bin: u-boot legacy uImage, uImage, Linux/ARM, OS Kernel Image (Not compressed), 4593880 bytes, Fri Aug 19 14:06:30 2022, Load Address: 0X90000000, Entry Point: 0X90000040, Header CRC: 0X385D2B40, Data CRC: 0X17A1D5FF
mtd7.bin: UBIfs image, sequence number 13342, length 4096, CRC 0x839e5827
mtd8.bin: UBIfs image, sequence number 10944, length 4096, CRC 0x3a6f3330
mtd9.bin: Squashfs filesystem, little endian, version 4.0, xz compressed, 15071258 bytes, 73 inodes, blocksize: 131072 bytes, created: Fri Aug 19 15:52:43 2022
mtd10.bin: data
mtd11.bin: Squashfs filesystem, little endian, version 4.0, xz compressed, 7233418 bytes, 16 inodes, blocksize: 131072 bytes, created: Fri Aug 19 15:52:44 2022[admin@hgu ~]# ps aux |grep java
340 admin 16:19 /bin/sh /etc/init.d/monitor_java.sh
26158 admin 0:00 grep java
[admin@hgu ~]# which -a java
/fhos/jre/bin/java观察到有一个java命令调用的/fhos目录,这个目录是mtd9|mtd17,可以修改
~/r/custom # unsquashfs mtd9.bin
Parallel unsquashfs: Using 16 processors
64 inodes (191 blocks) to write
[=======================================================================================================|] 255/255 100%
created 63 files
created 9 directories
created 1 symlink
created 0 devices
created 0 fifos
created 0 sockets
created 0 hardlinks将squashfs-root/jre/bin/java文件替换为一个脚本,脚本调用外部的命令
#!/bin/sh
if [ ! -f /tmp/started ]; then
/usr/plugin/startup.sh &
touch /tmp/started
fi打包
mksquashfs squashfs-root modified.bin -comp xz但是写入时发现无法,写入
[admin@hgu custom]# nandwrite /dev/mtd9 modified.bin
nandwrite: can't open '/dev/mtd9': Permission denied最后试着猜想一下,可能需要拆机接ttl线进入uboot来写入
暂无标签