[Ended] SamyGO Extensions on F series

[brunogts77]

I have tried both things and nothing works!!

[zoelechat]

Ok, sorry this time I'm out of ideas!

[brunogts77]

Ok, thanks. I have a D5700 and works fine.

[hav0k]

It root f5300 (1119) . Thank you for the work done.

My problem on ssh server (bad password, bad key). If disabled telnet server and reboot TV: `PTY allocation request failed on channel 0`.
I copied a few lines from the script (01_02_telnet.init) :

Code: Select all

...
if [ `cat /proc/mounts | grep -c "/dev/pts"` -lt "1" ] ; then
  #$SYSROOT/bin/busybox mount -t devpts devpts /dev/pts  #original str
   
  insmod $MOD_DIR/kernel/drivers/pty/SRS_module.ko >> $LOGFILE 2>&1
  insmod $MOD_DIR/kernel/drivers/pty/ptys.ko >> $LOGFILE 2>&1
else
...
fi

but (bad password, bad key). Telnet does not use password, non secure. Problem in sh?
---
p.s. I have a case where the /etc/password was specified /bin/zsh, zsh but was not installed(ubuntu).

[juusso]

lsmod | grep mount

[hav0k]

/mnt # lsmod | grep mount
/mnt # mount -t devpts devpts /dev/pts
mount: mounting devpts on /dev/pts failed: Device or resource busy
/mnt # lsmod | grep mount
/mnt # lsmod

SpoilerShow

fuse 51788 0 - Live 0xbf5fb000
ansi_cprng 4168 0 - Live 0xbf5f6000
aes_generic 34240 0 - Live 0xbf5ea000
krng 608 0 - Live 0xbf5e6000
ecb 1180 0 - Live 0xbf5e2000
arc4 828 0 - Live 0xbf5de000
eseqiv 2360 0 - Live 0xbf5da000
chainiv 2100 0 - Live 0xbf5d6000
crypto_wq 368 1 chainiv, Live 0xbf5d2000
rng 1028 4 ansi_cprng,krng,eseqiv,chainiv, Live 0xbf5d0000
des_generic 45028 0 - Live 0xbf5c2000
hmac 2076 0 - Live 0xbf5be000
md5 1272 0 - Live 0xbf5ba000
md4 3132 0 - Live 0xbf5b6000
crypto_blkcipher 9198 3 ecb,eseqiv,chainiv, Live 0xbf5b0000
cryptomgr 2056 0 - Live 0xbf5ac000
pcompress 660 0 - Live 0xbf5aa000
aead 3432 1 cryptomgr, Live 0xbf5a8000
crypto_hash 7776 3 hmac,md5,md4, Live 0xbf5a5000
crypto_algapi 9464 14 ansi_cprng,aes_generic,krng,ecb,arc4,eseqiv,chainiv,des_generic,hmac,crypto_blkcipher,cryptomgr,pcompress,aead,crypto_hash, Live 0xbf59f000
crypto 4516 9 ansi_cprng,ecb,rng,hmac,crypto_blkcipher,pcompress,aead,crypto_hash,crypto_algapi, Live 0xbf59c000
g_file_storage 19792 0 - Live 0xbf594000
dummy_hcd 11276 1 g_file_storage, Live 0xbf58e000
ptys 10920 3 [permanent], Live 0xbf588000
SRS_module 6244 0 - Live 0xbf583000
anyver 2504 0 - Live 0xbf57f000
ARS_module 7404 0 - Live 0xbf57c000 (P)
usb_storage 32412 1 - Live 0xbf4e5000
exfat_fs 15600 0 - Live 0xbf4de000 (P)
exfat_core 46112 1 exfat_fs, Live 0xbf4cf000 (P)
tntfs 419736 0 - Live 0xbf465000 (P)
ftdi_sio 26712 0 - Live 0xbf45b000
usbserial 21268 1 ftdi_sio, Live 0xbf452000
rt5572sta 1467120 0 - Live 0xbf2e8000
cfg80211 121492 1 rt5572sta, Live 0xbf2c7000
hid_chicony 1068 0 - Live 0xbf2c3000
hid_apple 4016 0 - Live 0xbf2bf000
hid_microsoft 1864 0 - Live 0xbf2bb000
mousedev 7708 0 - Live 0xbf2b6000
evdev 6688 0 - Live 0xbf2b1000
usbhid 13152 0 - Live 0xbf2aa000
hid 40668 4 hid_chicony,hid_apple,hid_microsoft,usbhid, Live 0xbf29d000
mdrv_emac 17380 0 - Live 0xbf287000
snd_pcm 47612 0 - Live 0xbf278000
snd_page_alloc 2600 1 snd_pcm, Live 0xbf274000
snd_hwdep 3700 0 - Live 0xbf270000
snd_rawmidi 12836 0 - Live 0xbf269000
snd_seq_device 3612 1 snd_rawmidi, Live 0xbf265000
snd_timer 13652 1 snd_pcm, Live 0xbf25e000
snd 28168 5 snd_pcm,snd_hwdep,snd_rawmidi,snd_seq_device,snd_timer, Live 0xbf254000
soundcore 444 1 snd, Live 0xbf250000
v4l2_common 4340 0 - Live 0xbf24d000
videodev 64676 1 v4l2_common, Live 0xbf23a000
v4l2_int_device 1436 0 - Live 0xbf238000
samsung_mstar 1700660 0 - Live 0xbf06b000
btusb 34020 0 - Live 0xbf05f000
samsung_mali 91060 25 - Live 0xbf045000
tzdrv 28524 56 - Live 0xbf03d000
ehci_hcd 43484 0 - Live 0xbf02f000
usbcore 100516 9 dummy_hcd,usb_storage,ftdi_sio,usbserial,rt5572sta,usbhid,btusb,ehci_hcd, Live 0xbf013000
PreInit 61596 0 - Live 0xbf000000

ps,netstat bug, Working on web shell.

SpoilerShow

VDLinux#> ps -ax
VDLinux#> ps
VDLinux#> netstat -ant
















































































































































































VDLinux#>
VDLinux#> sh
/mnt # ps
/mnt #

? ~/ ssh -vvv -i .ssh/id_rsa.sams root@10.10.10.161

SpoilerShow

OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /Users/h0/.ssh/config
debug1: /Users/h0/.ssh/config line 4: Applying options for 10.10.10.161
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 10.10.10.161 [10.10.10.161] port 22.
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load ".ssh/id_rsa.sams" as a RSA1 public key
debug1: identity file .ssh/id_rsa.sams type 1
debug1: identity file .ssh/id_rsa.sams-cert type -1
debug3: Incorrect RSA1 identifier
debug3: Could not load "/Users/h0/.ssh/id_rsa.sams" as a RSA1 public key
debug1: identity file /Users/h0/.ssh/id_rsa.sams type 1
debug1: identity file /Users/h0/.ssh/id_rsa.sams-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version dropbear_0.52
debug1: no match: dropbear_0.52
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "10.10.10.161" from file "/Users/h0/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /Users/h0/.ssh/known_hosts:30
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa,ssh-dss-cert-v01@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa
debug2: kex_parse_kexinit: aes128-ctr,3des-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbc,blowfish-cbc
debug2: kex_parse_kexinit: aes128-ctr,3des-ctr,aes256-ctr,aes128-cbc,3des-cbc,aes256-cbc,twofish256-cbc,twofish-cbc,twofish128-cbc,blowfish-cbc
debug2: kex_parse_kexinit: hmac-sha1-96,hmac-sha1,hmac-md5
debug2: kex_parse_kexinit: hmac-sha1-96,hmac-sha1,hmac-md5
debug2: kex_parse_kexinit: zlib,zlib@openssh.com,none
debug2: kex_parse_kexinit: zlib,zlib@openssh.com,none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug2: dh_gen_key: priv key bits set: 119/256
debug2: bits set: 516/1024
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Server host key: RSA c1:fc:98:46:5f:e7:e2:d8:c3:32:ca:09:d1:07:8c:f7
debug3: load_hostkeys: loading entries for host "10.10.10.161" from file "/Users/h0/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file /Users/h0/.ssh/known_hosts:30
debug3: load_hostkeys: loaded 1 keys
debug1: Host '10.10.10.161' is known and matches the RSA host key.
debug1: Found key in /Users/h0/.ssh/known_hosts:30
debug2: bits set: 523/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: .ssh/id_rsa.sams (0x7f91cb600310), explicit
debug2: key: /Users/h0/.ssh/id_rsa.sams (0x7f91cb40bde0), explicit
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: .ssh/id_rsa.sams
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Offering RSA public key: /Users/h0/.ssh/id_rsa.sams
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
root@10.10.10.161's password:
debug3: packet_send2: adding 64 (len 54 padlen 10 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
root@10.10.10.161's password:
debug3: packet_send2: adding 64 (len 54 padlen 10 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
root@10.10.10.161's password:
debug3: packet_send2: adding 64 (len 49 padlen 15 extra_pad 64)
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,password).

- reboot(bisybox?), Hangs helps power off. Tv working, but RC does not react.

---
UPD - power off smart TV, after power on. Telnet, apache and etc not started .

http://10.10.10.161:80(original 404) => downloads files

0YcmXgMA.dms

SpoilerShow

?:????????r??"????p?o#????Eq*'V?:?? ?j??4BK??n???Z?X???r?k?????

Yrq33xdZ.dms

SpoilerShow

06e6 e14c 35bd ce66 d6f7 1367 7a5c fac0
f0b0 191d 1928 ca0c e9fd 8f32 a9bb 6249
f973 8cb7 978e 15aa e6b2 5683 0aca a579
1daa 9328 7956 4fb4 95c2 cb00 71ee 070c
0dda 03d8 6986 bf64 85f2 3bb0 611e 77bc
fd0a 7388 59b6 c3d4 9cb2 c66d 449d

helped only Factory reset, install Samygo.

[hav0k]

yay!
ssh working(any password , use key file disabled password auth), problem in /etc/profile. ps, netstat working.

Code: Select all

if [ `cat /proc/mounts | grep -c "/dev/pts"` -lt "1" ] ; then
  #disable telnetd!
  insmod $MOD_DIR/kernel/drivers/pty/SRS_module.ko
  insmod $MOD_DIR/kernel/drivers/pty/ptys.ko
  $SYSROOT/bin/busybox mount -o bind /mtd_rwarea/profile /etc/profile || echo "can not mount profile!" && dmesg | tail >> $LOGFILE 2>&1
else
  echo "/dev/pts is mounted"
fi

fix mc.sh -> mc(wont):

Code: Select all

> echo "alias mc='mc.sh'" >> /etc/profile

Please do not kick.

[juusso]

so can you attach full scripts you`ve just changed?

[myname70]

Hi Guys, my F8000 (rooted) worked fine for months.. This afternoor I switched it ON and the root simply stopped. No ftp/telnet access at all.. no OSCAM working.. I removed the SamyGO widget and re-installed it (with the data.zip from this thread), it says-OK. But still do not have access (ftp,telnet..) I saw the new Firmware appeared. Tried and update it as well (till 1118), made the root - but again nothing...

[hav0k]

NEW problem! I what is done, but nothing has been deleted... TV rebooted and smart hub 2 app (web browse and samygo). Cam module not working.

"mute 2 4 7 exit" -> ciplus storage test: fail

Delete SamyGO, reset smart hub and factory reset. No effect. CI+ not working(cam module another TV test: ok). USB fimware 1119 -> 1119 no find update.

Any ideas or call samung service center? Storage dump similar TV?