**** BEGIN LOGGING AT Thu Apr 23 02:59:58 2020 Apr 23 09:03:57 people are already rooting vendor devices via that recent pppd flaw https://gist.github.com/namidairo/1e3fb3404c9f148474c06ae6616962f3 :] Apr 23 09:04:32 from https://github.com/openwrt/openwrt/pull/2954 Apr 23 09:05:03 neat Apr 23 09:06:12 thank mediatek for never updating their bsp Apr 23 09:07:26 well they get what they deserve Apr 23 09:07:56 still dreaming of the day these bsp's can be made obsolete and manufacturers just pay an openwrt dev to add support for their new device to openwrt :) Apr 23 09:08:25 all these half-assed forks are .. half-assed Apr 23 09:09:01 Namidairo: there is no serial on this device? Apr 23 09:09:28 Namidairo: nm, I now see `nvram set uart_en=1` Apr 23 09:10:13 hopefully this exploit could be used for unlocking the UART on most Xiaomi devices Apr 23 09:10:41 for the mediatek ones it'll work since they don't turn on any security options in their compiler Apr 23 09:11:12 the new ax3600 one obviously is built with a brand spanking new bsp from qualcomm with options enabled Apr 23 09:11:24 ah, bummer Apr 23 09:11:58 anyway, nice work :) Apr 23 09:15:20 I checked out a couple of other firmware images from other vendors using mt7621 Apr 23 09:15:50 they looked like they were in similar straits in terms of not turning on mitigations Apr 23 09:27:16 ynezz: can the pppd flaw really be used by attackers outside of ISP network? Apr 23 09:28:30 2nd flash chip in that AP7060DN seems to be Spansion MS01G200BH100 Apr 23 09:28:40 can't find much about it Apr 23 09:39:10 I can't see them injecting at layer 2 so probably not? Apr 23 09:41:39 I wonder if I should recommend gl.inet to anybody who considers xiaomi gear. mir3gv1 was reasonably ok but with all the later devices they started to mistreat the users big time... Apr 23 10:01:53 jow: ping reg SYNPROXY :) Apr 23 10:15:06 RobertP: so what kconfig symbols are required to enable synproxy? Apr 23 10:37:09 can PKG_SOURCE_URL be removed for a package if it points to a "default" location, like Apr 23 10:37:15 PKG_SOURCE_URL:=https://sources.openwrt.org/ Apr 23 10:38:08 aparcar[m]: FYI https://bugs.openwrt.org/index.php?do=details&task_id=3036 (x86-64-generic-squashfs-rootfs.img image won't boot) probably some regression related to that image generation refactoring Apr 23 11:08:23 jow: I'm not sure, but I believe CONFIG_IP_NF_SYNPROXY & CONFIG_IPT_NF_SYNPROXY - any advice how can I check it to be 100% sure? Apr 23 11:20:24 jow: + looks like there are some additional symbols for NFT... Apr 23 11:31:29 jow: kernel's symbols: https://github.com/torvalds/linux/search?q=KConfig+SYNPROXY&unscoped_q=KConfig+SYNPROXY Apr 23 11:32:57 jow: so it looks like there are only two: NETFILTER_SYNPROXY and NFT_SYNPROXY Apr 23 11:42:24 jow: however current config-5.4 has different symbols (i.e. /target/linux/generic/config-5.4): CONFIG_IP_NF_TARGET_SYNPROXY, CONFIG_NFT_SYNPROXY, CONFIG_IP6_NF_TARGET_SYNPROXY Apr 23 11:46:24 jow: setting them make appropriate code compile, but looks like not everything works Apr 23 11:46:26 https://pastebin.com/AszBjiGU Apr 23 11:47:16 (for now I'm not bother with IP6 support nor NFT) Apr 23 20:57:32 Namidairo: “thank mediatek for never updating their bsp” … are they still shipping 2.6.32? Apr 23 22:26:50 build #375 of sunxi/cortexa53 is complete: Success [build successful] Build details are at http://buildbot.openwrt.org/master/images/builders/sunxi%2Fcortexa53/builds/375 Apr 24 02:18:43 philipp64: no I think it was some iteration of 3.10 but there were a couple leftover files that still referenced 2.6.32 in /etc Apr 24 02:45:44 philipp64: Their latest OpenWrt SDK is based on LEDE 17.01/Linux 4.4.198 Apr 24 02:46:47 wow. they’re at least up to the last decade. Apr 24 02:47:03 build #336 of x86/generic is complete: Failure [failed pkgbuild] Build details are at http://buildbot.openwrt.org/master/images/builders/x86%2Fgeneric/builds/336 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:04 build #335 of mvebu/cortexa9 is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/mvebu%2Fcortexa9/builds/335 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:04 build #337 of mvebu/cortexa53 is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/mvebu%2Fcortexa53/builds/337 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:05 build #333 of archs38/generic is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/archs38%2Fgeneric/builds/333 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:06 build #334 of x86/geode is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/x86%2Fgeode/builds/334 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:07 build #344 of kirkwood/generic is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/kirkwood%2Fgeneric/builds/344 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:07 build #331 of omap/generic is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/omap%2Fgeneric/builds/331 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:08 build #343 of ramips/rt288x is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/ramips%2Frt288x/builds/343 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:09 build #302 of x86/legacy is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/x86%2Flegacy/builds/302 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:10 build #300 of bcm53xx/generic is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/bcm53xx%2Fgeneric/builds/300 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:10 build #299 of lantiq/xrx200 is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/lantiq%2Fxrx200/builds/299 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:11 build #291 of octeon/generic is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/octeon%2Fgeneric/builds/291 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:12 build #286 of malta/be is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/malta%2Fbe/builds/286 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:13 build #284 of ath79/generic is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/ath79%2Fgeneric/builds/284 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:14 build #281 of samsung/s5pv210 is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/samsung%2Fs5pv210/builds/281 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:15 build #277 of mpc85xx/p2020 is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/mpc85xx%2Fp2020/builds/277 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:15 build #275 of ramips/mt7620 is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/ramips%2Fmt7620/builds/275 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:16 build #273 of ramips/mt7621 is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/ramips%2Fmt7621/builds/273 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:17 build #270 of lantiq/falcon is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/lantiq%2Ffalcon/builds/270 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:17 build #286 of sunxi/cortexa7 is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/sunxi%2Fcortexa7/builds/286 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:18 build #287 of x86/64 is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/x86%2F64/builds/287 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:19 build #286 of rb532/generic is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/rb532%2Fgeneric/builds/286 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:19 build #302 of mpc85xx/p1020 is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/mpc85xx%2Fp1020/builds/302 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:20 build #301 of ramips/rt305x is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/ramips%2Frt305x/builds/301 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:21 build #300 of gemini/generic is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/gemini%2Fgeneric/builds/300 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:22 build #301 of imx6/generic is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/imx6%2Fgeneric/builds/301 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:22 build #297 of ramips/mt76x8 is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/ramips%2Fmt76x8/builds/297 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:23 build #295 of lantiq/xway is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/lantiq%2Fxway/builds/295 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:24 build #294 of armvirt/64 is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/armvirt%2F64/builds/294 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:24 build #292 of zynq/generic is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/zynq%2Fgeneric/builds/292 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:25 build #292 of mxs/generic is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/mxs%2Fgeneric/builds/292 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:26 build #276 of layerscape/armv7 is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/layerscape%2Farmv7/builds/276 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:27 build #282 of ath79/tiny is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/ath79%2Ftiny/builds/282 blamelist: Adrian Schmutzler , Daniel Engberg Apr 24 02:47:27 build #270 of ipq40xx/generic is complete: Exception [exception dlfindbinpl] Build details are at http://buildbot.openwrt.org/master/images/builders/ipq40xx%2Fgeneric/builds/270 blamelist: Adrian Schmutzler , Daniel Engberg **** ENDING LOGGING AT Fri Apr 24 02:59:57 2020