The content of this topic has been archived on 13 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.
hello,
I want to know if there is a way to unlock(to check inside of) luci using TTL? (uart) or in any way?
if ssh is locked with public key, reset is disabled, uhttpd disabled.
router is in possession.
i hope not.
(Last edited by seandex on 10 Mar 2017, 15:13)
you know what they say in my country? "the hope is a whore"
depends on busybox configuration, so better check login
If uhttpd or another web server is not running you don't actually have LUCI, just a bunch of files.
Use serial or recovery mode to get a root prompt. Password is not needed. You can see and alter the whole filesystem from there (in recovery mode, mount_root after logging in). The passwd command will reset the password, or firstboot to wipe all the settings back to default.
The Linux convention is that physical access to a device lets one override almost all security.
If uhttpd or another web server is not running you don't actually have LUCI, just a bunch of files.
Use serial or recovery mode to get a root prompt. Password is not needed. You can see and alter the whole filesystem from there (in recovery mode, mount_root after logging in). The passwd command will reset the password, or firstboot to wipe all the settings back to default.
The Linux convention is that physical access to a device lets one override almost all security.
wow that's sad..
how about if UART is also disabled? is there still away to access the files? is there a way to completely block?
and you are right i mean 'busybox' not 'luci', just confused.
The discussion might have continued from here.