Difference between revisions of "Samsung SDR-3102N"
From Exploitee.rs
Jump to navigationJump to search
m (Zenofex moved page Samsung SDR-3102N to Samsung SDR-3102N) |
m (Zenofex moved page Samsung SDR-3102N to Samsung SDR-3102N over redirect) |
||
| (One intermediate revision by the same user not shown) | |||
| Line 26: | Line 26: | ||
/bin/busybox telnetd -l /bin/sh</code> | /bin/busybox telnetd -l /bin/sh</code> | ||
* Reboot | * Reboot | ||
=== Demo === | |||
{{#ev:youtube|CDm7FSfwp3Y}} | |||
== UART Root == | == UART Root == | ||
Latest revision as of 03:42, 11 August 2017
"Although the information we release has been verified and shown to work to the best our knowledge, we cant be held accountable for bricked devices or roots gone wrong."
Purchase
Buying devices is expensive and, in a lot of cases our testing leads to bricked equipment. If you would like to help support our group, site, and research please use one of the links below to purchase your next device. Purchase the Samsung SDR-3102N at Amazon
Information
- Name: SDR-3102N
- Manufacturer: Samsung
- SoC: HiSilicon
- OS: Linux
UART
The pin-out for UART can be found on the image below.
USB Root
- Startup script detects a FAT USB Drive
- Executes "diag_1673" if it exists
- Create a file named "diag_1673"
#!/bin/sh
/bin/busybox telnetd -l /bin/sh
- Reboot
Demo
UART Root
- Connect to UART, baudrate: 115200
- Hold enter to break into UBoot
- Run following commands to set console and init to /bin/sh
setenv bootargs "mem=160M console=ttyAMA0,115200 root=/dev/ram rw rootfstype=ext2 mtdparts=hinand:1M(boot),1M(env),4M(kernel),15M(rootfs),99M(data),4M(system),4M(logo) libata.force=noncq init=/bin/sh"
- Then run the bootcmd to boot to kernel
run bootcmd
- It should drop you into a root shell
