| BBルータ解剖 |
|
|
| BUFFALO WLM2-G54 |
|
業務用なので、値段もそれなりですが、認証関係の設定が色々とできるようです。 そのためか、 Linux を採用しているようで、CPU も PPC 200MHz を使っています。 もし手に入れば面白いかもしれません。(2004.8.4) |
| アップデートファームの取り出し |
|---|
| 確認ファーム Version : 2.62 |
ここから ダウンロードしたファームのアップデートファイルから中身を取り出します。 ファームウェアは WLM2-G54, WLM2-A54G54 共通です。 まず、ダウンロードしたファームウェア wlm2series-262.bin ファイルを分解します。 前半部分が vmlinux ファイル、後半部分は wlmr_loopfiles というファイルです。 前半部は dd if=wlm2series-262.bin of=image1 bs=1 skip=108 count=629291 で取り出すことができます。この取り出したファイルは gzip で圧縮されているので、 解凍しますと、vmlinux ファイルが取り出せます。このファイルは言わずと知れた ファイルですので、適当に中を見ることができます。 中の kernel は Linux 2.4.2 ベースで、詳細は下の通りです。 Linux version 2.4.2_hhl20 (root@ceylon) (gcc version 2.95.3 20010315 (release/MontaVista)) #1973 2004年 7月 22日 木曜日 13:53:22 JST kernel 自体は PowerPC 用 のものです。 web page にも 『モトローラ社製CPU「MPC8241 200MHz」を搭載』とあります。 後半部は dd if=wlm2series-262.bin of=image2 bs=1 skip=629399 で取り出します。取り出したファイルは同じく gzip で圧縮されているので、 解凍します。すると、wlmr_loopfiles というファイルになります。 このファイルは Linux などで loop オプションをつけて mount をすることができます。 ちょっと長いですが、このファイルを mount して tree コマンドを実行した ものを下に付けます。色々あって、面白そうです。
.
|-- bin
| |-- CLIparser
| |-- EapolRadius
| |-- EapolTimer
| |-- EapolWDog
| |-- ash
| |-- assh
| |-- busybox
| |-- cat -> busybox
| |-- chgrp
| |-- chmod
| |-- chown
| |-- cp
| |-- cut -> busybox
| |-- date
| |-- dd
| |-- df
| |-- dmesg -> busybox
| |-- dnsdomainname
| |-- domainname -> hostname
| |-- eapol_conv
| |-- echo -> busybox
| |-- egrep
| |-- expr -> busybox
| |-- fgrep
| |-- firmup
| |-- grep
| |-- gzip
| |-- hostname
| |-- initswd
| |-- kill -> busybox
| |-- ln
| |-- login
| |-- ls
| |-- mkdir -> busybox
| |-- mknod -> busybox
| |-- mktemp
| |-- more
| |-- mount
| |-- mv
| |-- netstat
| |-- nisdomainname -> hostname
| |-- pidof -> ../sbin/killall5
| |-- ping
| |-- pivot_root
| |-- ps
| |-- pwd -> busybox
| |-- readlink
| |-- rm -> busybox
| |-- rmdir -> busybox
| |-- run-parts
| |-- sed
| |-- sh -> ash
| |-- sleep -> busybox
| |-- stty
| |-- su
| |-- sync -> busybox
| |-- tar
| |-- tempfile
| |-- touch
| |-- umount
| |-- uname -> busybox
| |-- usleep -> busybox
| |-- vi -> busybox
| `-- ypdomainname -> hostname
|-- dev
| |-- console
| |-- core -> /proc/kcore
| |-- fd -> /proc/self/fd
| |-- fl0
| |-- fl1
| |-- fl2
| |-- fl3
| |-- fl4
| |-- fl5
| |-- full
| |-- initctl
| |-- initsw
| |-- kmem
| |-- loop0
| |-- loop1
| |-- loop2
| |-- loop3
| |-- loop4
| |-- loop5
| |-- loop6
| |-- loop7
| |-- mem
| |-- mf
| |-- null
| |-- port
| |-- ptmx
| |-- pts
| |-- ram -> ram1
| |-- ram0
| |-- ram1
| |-- ram10
| |-- ram11
| |-- ram12
| |-- ram13
| |-- ram14
| |-- ram15
| |-- ram16
| |-- ram2
| |-- ram3
| |-- ram4
| |-- ram5
| |-- ram6
| |-- ram7
| |-- ram8
| |-- ram9
| |-- random
| |-- rtc
| |-- stderr -> fd/2
| |-- stdin -> fd/0
| |-- stdout -> fd/1
| |-- tty
| |-- tty0
| |-- tty1
| |-- tty10
| |-- tty11
| |-- tty12
| |-- tty13
| |-- tty14
| |-- tty15
| |-- tty16
| |-- tty17
| |-- tty18
| |-- tty19
| |-- tty2
| |-- tty3
| |-- tty4
| |-- tty5
| |-- tty6
| |-- tty7
| |-- tty8
| |-- tty9
| |-- ttyS0
| |-- ttyS1
| |-- ttyS2
| |-- ttyS3
| |-- urandom
| |-- vcs -> vcs0
| |-- vcs0
| |-- vcs1
| |-- vcs10
| |-- vcs11
| |-- vcs12
| |-- vcs13
| |-- vcs14
| |-- vcs15
| |-- vcs16
| |-- vcs17
| |-- vcs18
| |-- vcs19
| |-- vcs2
| |-- vcs3
| |-- vcs4
| |-- vcs5
| |-- vcs6
| |-- vcs7
| |-- vcs8
| |-- vcs9
| |-- vcsa -> vcsa0
| |-- vcsa0
| |-- vcsa1
| |-- vcsa10
| |-- vcsa11
| |-- vcsa12
| |-- vcsa13
| |-- vcsa14
| |-- vcsa15
| |-- vcsa16
| |-- vcsa17
| |-- vcsa18
| |-- vcsa19
| |-- vcsa2
| |-- vcsa3
| |-- vcsa4
| |-- vcsa5
| |-- vcsa6
| |-- vcsa7
| |-- vcsa8
| |-- vcsa9
| |-- wdt
| `-- zero
|-- etc
| |-- airdev_11a.conf
| |-- airdev_11g.conf
| |-- ap_servd.conf
| |-- apache
| | |-- access.conf
| | |-- httpd.conf
| | |-- magic
| | |-- mime.types
| | `-- srm.conf
| |-- as_mng.conf
| |-- asconf_info
| |-- breader.inf
| |-- bridge.conf
| |-- chkap.conf
| |-- cron.d
| |-- cron.daily
| | |-- inetd
| | `-- passwd
| |-- crontab
| |-- default
| | |-- devpts
| | `-- rcS
| |-- dhcpc
| | `-- dhcpcd-brg0.ipset.exe
| |-- fstab
| |-- group
| |-- host.conf
| |-- hosts
| |-- inetd.conf
| |-- init.d
| | |-- README
| | |-- access_limit
| | |-- apache
| | |-- apservd
| | |-- as_mng.sh
| | |-- attackblock
| | |-- bcm43xx.sh
| | |-- bootmisc.sh
| | |-- breader
| | |-- bridge_init.sh
| | |-- bridge_param.sh
| | |-- checkfs.sh
| | |-- checkroot.sh
| | |-- chk_env.sh
| | |-- cron
| | |-- devpts.sh
| | |-- eapol
| | |-- fixer_wireless.sh
| | |-- halt
| | |-- hostname.sh
| | |-- inetd
| | |-- initswd
| | |-- iptables
| | |-- lnkitg.sh
| | |-- load_config
| | |-- load_config.bak
| | |-- logoutd
| | |-- miiset
| | |-- mountall.sh
| | |-- mountnfs.sh
| | |-- networking
| | |-- nscd
| | |-- passwd
| | |-- pcmcia
| | |-- pcml11g.sh
| | |-- procps.sh
| | |-- rc
| | |-- rcS
| | |-- reboot
| | |-- rmnologin
| | |-- sendsigs
| | |-- set_wlan_dev.sh
| | |-- single
| | |-- skeleton
| | |-- snmpd
| | |-- snmpd.bak
| | |-- syslog
| | |-- umountfs
| | |-- umountnfs.sh
| | |-- urandom
| | |-- ver_up
| | |-- wdt_wireless.sh
| | |-- wireless.sh
| | `-- zebra
| |-- inittab
| |-- inputrc
| |-- ioctl.save
| |-- limits
| |-- lnkitg.conf
| |-- localtime -> /usr/share/zoneinfo/Asia/Tokyo
| |-- login.access
| |-- login.defs
| |-- logrotate.d
| | |-- syslog
| | `-- zebra
| |-- mgetty
| |-- modules.conf
| |-- motd
| |-- mtab -> /proc/mounts
| |-- network
| | |-- check-mac-address.sh
| | |-- easyfilter
| | |-- easyfilter_init
| | |-- get-mac-address.sh
| | |-- ifstate
| | |-- interfaces
| | |-- ipchains
| | |-- options
| | |-- pcmcia-compat.sh
| | `-- ping-places.sh
| |-- nscd.conf
| |-- nsswitch.conf
| |-- opt
| |-- pam.d
| | |-- chfn
| | |-- chsh
| | |-- cron
| | |-- ftp
| | |-- login
| | |-- other
| | |-- passwd
| | |-- ppp
| | |-- rexec
| | |-- rlogin
| | |-- rsh
| | |-- ssh
| | |-- su
| | `-- sudo
| | `-- sudo.pam
| |-- passwd
| |-- pcmcia
| | |-- config
| | |-- config.opts
| | |-- ip-down.d
| | | `-- dnrd
| | |-- ip-up.d
| | | `-- 0dnrd
| | |-- network
| | |-- pcmcia.conf.org
| | |-- shared
| | |-- wireless
| | `-- wireless.opts
| |-- porttime
| |-- profile
| |-- protocols
| |-- rc.d
| | |-- init.d -> ../init.d
| | |-- rc0.d
| | | |-- K19nscd -> /etc/init.d/nscd
| | | |-- K20inetd -> /etc/init.d/inetd
| | | |-- K20logoutd -> /etc/init.d/logoutd
| | | |-- K20zebra -> /etc/init.d/zebra
| | | |-- K30urandom -> /etc/init.d/urandom
| | | |-- K90syslog -> /etc/init.d/syslog
| | | |-- S20sendsigs -> ../init.d/sendsigs
| | | |-- S31umountnfs.sh -> /etc/init.d/umountnfs.sh
| | | |-- S40umountfs -> /etc/init.d/umountfs
| | | `-- S90halt -> ../init.d/halt
| | |-- rc1.d
| | | |-- K19nscd -> /etc/init.d/nscd
| | | |-- K20inetd -> /etc/init.d/inetd
| | | |-- K20logoutd -> /etc/init.d/logoutd
| | | |-- K20zebra -> /etc/init.d/zebra
| | | |-- K90syslog -> /etc/init.d/syslog
| | | `-- S20single -> ../init.d/single
| | |-- rc2.d
| | | |-- S11snmpd -> /etc/rc.d/init.d/snmpd
| | | |-- S20apache -> /etc/rc.d/init.d/apache
| | | |-- S20apservd -> /etc/rc.d/init.d/apservd
| | | |-- S20cron -> ../init.d/cron
| | | |-- S20inetd -> /etc/init.d/inetd
| | | |-- S20iptables -> /etc/rc.d/init.d/iptables
| | | |-- S20logoutd -> /etc/init.d/logoutd
| | | |-- S20zebra -> /etc/init.d/zebra
| | | |-- S21as_mng.sh -> ../init.d/as_mng.sh
| | | |-- S70access_limit -> ../init.d/access_limit
| | | |-- S80wdt_wireless.sh -> ../init.d/wdt_wireless.sh
| | | |-- S99breader -> ../init.d/breader
| | | |-- S99lnkitg.sh -> ../init.d/lnkitg.sh
| | | |-- S99rmnologin -> /etc/init.d/rmnologin
| | | `-- _S19nscd -> /etc/init.d/nscd
| | |-- rc3.d
| | | |-- S10syslog -> /etc/init.d/syslog
| | | |-- S19nscd -> /etc/init.d/nscd
| | | |-- S20inetd -> /etc/init.d/inetd
| | | |-- S20logoutd -> /etc/init.d/logoutd
| | | |-- S20zebra -> /etc/init.d/zebra
| | | `-- S99rmnologin -> /etc/init.d/rmnologin
| | |-- rc4.d
| | | |-- S10syslog -> /etc/init.d/syslog
| | | |-- S19nscd -> /etc/init.d/nscd
| | | |-- S20inetd -> /etc/init.d/inetd
| | | |-- S20logoutd -> /etc/init.d/logoutd
| | | |-- S20zebra -> /etc/init.d/zebra
| | | `-- S99rmnologin -> /etc/init.d/rmnologin
| | |-- rc5.d
| | | |-- S10syslog -> /etc/init.d/syslog
| | | |-- S19nscd -> /etc/init.d/nscd
| | | |-- S20inetd -> /etc/init.d/inetd
| | | |-- S20logoutd -> /etc/init.d/logoutd
| | | |-- S20zebra -> /etc/init.d/zebra
| | | `-- S99rmnologin -> /etc/init.d/rmnologin
| | |-- rc6.d
| | | |-- K19nscd -> /etc/init.d/nscd
| | | |-- K20inetd -> /etc/init.d/inetd
| | | |-- K20logoutd -> /etc/init.d/logoutd
| | | |-- K20zebra -> /etc/init.d/zebra
| | | |-- K30urandom -> /etc/init.d/urandom
| | | |-- K90syslog -> /etc/init.d/syslog
| | | |-- S20sendsigs -> ../init.d/sendsigs
| | | |-- S31umountnfs.sh -> /etc/init.d/umountnfs.sh
| | | |-- S40umountfs -> /etc/init.d/umountfs
| | | `-- S90reboot -> ../init.d/reboot
| | `-- rcS.d
| | |-- README
| | |-- S10checkroot.sh -> /etc/init.d/checkroot.sh
| | |-- S30checkfs.sh -> /etc/init.d/checkfs.sh
| | |-- S30procps.sh -> /etc/init.d/procps.sh
| | |-- S33devpts.sh -> /etc/init.d/devpts.sh
| | |-- S33mountall.sh -> /etc/init.d/mountall.sh
| | |-- S34bootmisc.sh -> /etc/init.d/bootmisc.sh
| | |-- S35load_config.sh -> ../init.d/load_config
| | |-- S36ver_up -> ../init.d/ver_up
| | |-- S38miiset -> ../init.d/miiset
| | |-- S38pcml11g.sh -> ../init.d/pcml11g.sh
| | |-- S39bcm43xx.sh -> ../init.d/bcm43xx.sh
| | |-- S40bridge_init.sh -> ../init.d/bridge_init.sh
| | |-- S40set_wlan_dev.sh -> ../init.d/set_wlan_dev.sh
| | |-- S41hostname.sh -> /etc/init.d/hostname.sh
| | |-- S41wireless.sh -> ../init.d/wireless.sh
| | |-- S42bridge_param.sh -> ../init.d/bridge_param.sh
| | |-- S43syslog -> /etc/init.d/syslog
| | |-- S44networking -> /etc/rc.d/init.d/networking
| | |-- S45mountnfs.sh -> /etc/init.d/mountnfs.sh
| | |-- S55urandom -> /etc/init.d/urandom
| | |-- S5initswd -> ../init.d/initswd
| | |-- S60passwd -> /etc/init.d/passwd
| | |-- S80eapol -> ../../init.d/eapol
| | `-- S99chk_env.sh -> ../init.d/chk_env.sh
| |-- resolv.conf
| |-- rpc
| |-- securetty
| |-- security
| | |-- access.conf
| | |-- group.conf
| | |-- limits.conf
| | |-- pam_env.conf
| | `-- time.conf
| |-- services
| |-- shells
| |-- shells.conf
| |-- skel
| |-- snmp
| | |-- snmpd.conf
| | |-- snmpd.conf.bak
| | `-- snmpd.conf.swp
| |-- suauth
| |-- sysctl.conf
| |-- syslog.conf
| |-- tmp
| |-- ver_up
| | |-- 10clean
| | |-- 120airdev
| | |-- 122airdev_11g
| | |-- 130bridge
| | |-- 140lnkitg
| | |-- 150syslog
| | |-- 160zebra
| | |-- 170efilter
| | `-- 180ntp
| |-- ver_up.conf
| `-- zebra
| |-- daemons
| |-- ripd.conf
| `-- zebra.conf
|-- home
| |-- d-yama
| | |-- nfsmount.sh
| | `-- vssver.scc
| `-- test
| |-- output_test.sh
| |-- setup_11a_10.sh
| |-- setup_11a_23.sh
| |-- syslog_test
| `-- udp_test
|-- lib
| |-- ld-2.2.3.so
| |-- ld.so.1 -> ld-2.2.3.so
| |-- libasconf.so -> libasconf.so.1
| |-- libasconf.so.1 -> libasconf.so.1.5.1
| |-- libasconf.so.1.5.1
| |-- libc-2.2.3.so
| |-- libc.so.6 -> libc-2.2.3.so
| |-- libcrypt-2.2.3.so
| |-- libcrypt.so.1 -> libcrypt-2.2.3.so
| |-- libdl-2.2.3.so
| |-- libdl.so.2 -> libdl-2.2.3.so
| |-- libm-2.2.3.so
| |-- libm.so.6 -> libm-2.2.3.so
| |-- libncurses.so.5 -> libncurses.so.5.2
| |-- libncurses.so.5.2
| |-- libnsl-2.2.3.so
| |-- libnsl.so.1 -> libnsl-2.2.3.so
| |-- libnss_compat-2.2.3.so
| |-- libnss_compat.so.2 -> libnss_compat-2.2.3.so
| |-- libnss_dns-2.2.3.so
| |-- libnss_dns.so.2 -> libnss_dns-2.2.3.so
| |-- libnss_files-2.2.3.so
| |-- libnss_files.so.2 -> libnss_files-2.2.3.so
| |-- libnss_hesiod-2.2.3.so
| |-- libnss_hesiod.so.2 -> libnss_hesiod-2.2.3.so
| |-- libnss_nis-2.2.3.so
| |-- libnss_nis.so.2 -> libnss_nis-2.2.3.so
| |-- libnss_nisplus-2.2.3.so
| |-- libnss_nisplus.so.2 -> libnss_nisplus-2.2.3.so
| |-- libpam.so.0 -> libpam.so.0.72
| |-- libpam.so.0.72
| |-- libpam_misc.so.0 -> libpam_misc.so.0.72
| |-- libpam_misc.so.0.72
| |-- libpamc.so.0 -> libpamc.so.0.72
| |-- libpamc.so.0.72
| |-- libproc.so.2.0.7
| |-- libpthread-0.9.so
| |-- libpthread.so.0 -> libpthread-0.9.so
| |-- libresolv-2.2.3.so
| |-- libresolv.so.2 -> libresolv-2.2.3.so
| |-- librt-2.2.3.so
| |-- librt.so.1 -> librt-2.2.3.so
| |-- libutil-2.2.3.so
| |-- libutil.so.1 -> libutil-2.2.3.so
| |-- libwrap.so.0 -> libwrap.so.0.7.6
| |-- libwrap.so.0.7.6
| |-- modules
| | |-- 2.4.2_hhl20
| | | |-- build -> /home/d-yama/workVSS2/Project/AirStation/Core/PPC_Linux/Current/kernel
| | | |-- kernel
| | | | `-- drivers
| | | | `-- net
| | | | |-- broadcom
| | | | | `-- 11g
| | | | | |-- hnd_3_61_xx
| | | | | | `-- hnd.o
| | | | | `-- wl_3_60_9_13
| | | | | `-- wl.o
| | | | |-- dummy.o
| | | | `-- pcml11g
| | | | `-- pcml11g.o
| | | `-- pcmcia
| | `-- misc
| | |-- as_info.o
| | `-- led_warn.o
| `-- security
| |-- pam_env.so
| |-- pam_limits.so
| |-- pam_nologin.so
| |-- pam_securetty.so
| |-- pam_unix.so
| |-- pam_unix_acct.so -> pam_unix.so
| |-- pam_unix_auth.so -> pam_unix.so
| |-- pam_unix_passwd.so -> pam_unix.so
| `-- pam_unix_session.so -> pam_unix.so
|-- lost+found
|-- mnt
|-- proc
| |-- dri
| |-- driver
| |-- fs
| |-- irq
| |-- mounts
| |-- net
| |-- sys
| |-- sysvipc
| `-- tty
|-- root
| |-- common
| | |-- chroot
| | |-- portmap
| | `-- tcpdump
| |-- haba
| | |-- chpw
| | `-- mnt_rd
| |-- tamura
| | `-- mount_private.sh
| `-- test
| |-- channel
| |-- essid
| |-- locale
| |-- setup
| `-- show
|-- sbin
| |-- brcfg
| |-- breadd
| |-- cardctl
| |-- cardmgr
| |-- depmod
| |-- dhcpcd -> /usr/sbin/dhcpcd
| |-- fsck
| |-- fsck.nfs
| |-- genksyms
| |-- getty
| |-- halt
| |-- hwclock
| |-- ifconfig
| |-- ifport
| |-- ifuser
| |-- init
| |-- insmod
| |-- insmod_ksymoops_clean
| |-- ipmaddr
| |-- iptablectl
| |-- iptables
| |-- iptunnel
| |-- iwconfig
| |-- iwgetid
| |-- iwlist
| |-- iwpriv
| |-- iwspy
| |-- kallsyms -> insmod
| |-- kernelversion
| |-- killall5
| |-- klog_sup
| |-- klogd
| |-- ksyms -> insmod
| |-- lnkitgd
| |-- losetup
| |-- lsmod -> insmod
| |-- mgetty
| |-- mii-tool
| |-- modinfo
| |-- modprobe -> insmod
| |-- netifctl
| |-- plipconfig
| |-- poweroff -> halt
| |-- probe
| |-- rarp
| |-- reboot -> halt
| |-- rmmod -> insmod
| |-- route
| |-- runlevel
| |-- shutdown
| |-- slattach
| |-- start-stop-daemon
| |-- sulogin
| |-- swapoff -> swapon
| |-- swapon
| |-- sysctl
| |-- syslogd
| |-- telinit -> init
| |-- unix_chkpwd
| `-- wlu
|-- tmp
|-- usr
| |-- bin
| | |-- as_flash
| | |-- c_rehash
| | |-- chage
| | |-- chfn
| | |-- chsh
| | |-- clear -> ../../bin/busybox
| | |-- crontab
| | |-- dircolors
| | |-- du -> ../../bin/busybox
| | |-- encode_keychange
| | |-- expiry
| | |-- faillog
| | |-- find
| | |-- fixer_wireless
| | |-- free
| | |-- ftp
| | |-- getent
| | |-- gpasswd
| | |-- head -> ../../bin/busybox
| | |-- htdigest
| | |-- htpasswd
| | |-- id -> ../../bin/busybox
| | |-- install
| | |-- killall
| | |-- last
| | |-- lastb -> last
| | |-- lastlog
| | |-- locale
| | |-- locate
| | |-- mesg
| | |-- mkfifo
| | |-- newgrp
| | |-- newslock
| | |-- oldps
| | |-- passwd
| | |-- pgrep
| | |-- pkill
| | |-- sensible-editor
| | |-- sensible-pager
| | |-- sg -> newgrp
| | |-- sh -> ../../bin/busybox
| | |-- shred
| | |-- skill
| | |-- snice
| | |-- su
| | |-- tail -> ../../bin/busybox
| | |-- test -> ../../bin/busybox
| | |-- tload
| | |-- top
| | |-- tty -> ../../bin/busybox
| | |-- updatedb
| | |-- upnpd
| | |-- uptime
| | |-- utmpdump
| | |-- vmstat
| | |-- w
| | |-- watch
| | |-- wdt_wireless
| | |-- which -> ../../bin/busybox
| | `-- xargs
| |-- include
| | `-- initreq.h
| |-- lib
| | |-- apache
| | | |-- httpd.exp
| | | |-- mod_access.so
| | | |-- mod_actions.so
| | | |-- mod_alias.so
| | | |-- mod_asis.so
| | | |-- mod_auth.so
| | | |-- mod_auth_pam.so
| | | |-- mod_autoindex.so
| | | |-- mod_cgi.so
| | | |-- mod_dir.so
| | | |-- mod_env.so
| | | |-- mod_imap.so
| | | |-- mod_include.so
| | | |-- mod_log_config.so
| | | |-- mod_mime.so
| | | |-- mod_negotiation.so
| | | |-- mod_setenvif.so
| | | |-- mod_status.so
| | | `-- mod_userdir.so
| | |-- findutils
| | | |-- bigram
| | | |-- code
| | | `-- frcode
| | |-- iptables
| | | |-- libip6t_MARK.so
| | | |-- libip6t_icmp.so
| | | |-- libip6t_mark.so
| | | |-- libip6t_standard.so
| | | |-- libip6t_tcp.so
| | | |-- libip6t_udp.so
| | | |-- libipt_DNAT.so
| | | |-- libipt_LOG.so
| | | |-- libipt_MARK.so
| | | |-- libipt_MASQUERADE.so
| | | |-- libipt_MIRROR.so
| | | |-- libipt_REDIRECT.so
| | | |-- libipt_REJECT.so
| | | |-- libipt_SNAT.so
| | | |-- libipt_TOS.so
| | | |-- libipt_icmp.so
| | | |-- libipt_limit.so
| | | |-- libipt_mac.so
| | | |-- libipt_mark.so
| | | |-- libipt_multiport.so
| | | |-- libipt_owner.so
| | | |-- libipt_standard.so
| | | |-- libipt_state.so
| | | |-- libipt_tcp.so
| | | |-- libipt_tos.so
| | | |-- libipt_udp.so
| | | `-- libipt_unclean.so
| | |-- libbz2.so -> libbz2.so.0.0.0
| | |-- libbz2.so.0 -> libbz2.so.0.0.0
| | |-- libbz2.so.0.0.0
| | |-- libcap.so.1 -> libcap.so.1.10
| | |-- libcap.so.1.10
| | |-- libcrypto.so.0.9.6
| | |-- libdb-3.2.so
| | |-- libdb-3.so -> libdb-3.2.so
| | |-- libdb.so -> libdb-3.2.so
| | |-- libform.so.5 -> libform.so.5.2
| | |-- libform.so.5.2
| | |-- libmenu.so.5 -> libmenu.so.5.2
| | |-- libmenu.so.5.2
| | |-- libpanel.so.5 -> libpanel.so.5.2
| | |-- libpanel.so.5.2
| | |-- libpcap.so -> libpcap.so.0
| | |-- libpcap.so.0 -> libpcap.so.0.6.1
| | |-- libpcap.so.0.6.1
| | |-- libpopt.a
| | |-- libpopt.la
| | |-- libpopt.so -> libpopt.so.0.0.0
| | |-- libpopt.so.0 -> libpopt.so.0.0.0
| | |-- libpopt.so.0.0.0
| | |-- libshadow.la
| | |-- libsnmp-0.4.2.2^M.so
| | |-- libsnmp.so -> libsnmp-0.4.2.2^M.so
| | |-- libucdagent-0.4.2.2^M.so
| | |-- libucdagent.so -> libucdagent-0.4.2.2^M.so
| | |-- libucdmibs-0.4.2.2^M.so
| | |-- libucdmibs.so -> libucdmibs-0.4.2.2^M.so
| | |-- libuuid.a
| | |-- libuuid.so
| | |-- libuuid.so.1
| | |-- libuuid.so.1.2
| | |-- libz.so -> libz.so.1
| | |-- libz.so.1 -> libz.so.1.1.3
| | |-- libz.so.1.1.3
| | |-- pt_chown
| | `-- telnetlogin
| |-- local
| | |-- apache
| | | |-- cgi-bin
| | | | |-- help.cgi -> ../cgi-bin-lock/ap_conf.cgi
| | | | |-- index.cgi -> ../cgi-bin-lock/ap_conf.cgi
| | | | |-- jslib.cgi -> ../cgi-bin-lock/ap_conf.cgi
| | | | `-- template -> ../cgi-bin-lock/template
| | | |-- cgi-bin-lock
| | | | |-- ap_conf.cgi
| | | | |-- export.bin -> ap_conf.cgi
| | | | |-- logfile.log -> ap_conf.cgi
| | | | `-- template
| | | | |-- ENG
| | | | | |-- help
| | | | | | |-- apcomm.txt
| | | | | | |-- apcomm.txt~
| | | | | | |-- atkblk.txt
| | | | | | |-- baseinfo.txt
| | | | | | |-- baseinfo.txt~
| | | | | | |-- bridge.txt
| | | | | | |-- dhcps.txt
| | | | | | |-- easy.txt
| | | | | | |-- filter.txt
| | | | | | |-- fwupdate.txt
| | | | | | |-- glossary.txt
| | | | | | |-- help.html
| | | | | | |-- init.txt
| | | | | | |-- lanport.txt
| | | | | | |-- linkitg.txt
| | | | | | |-- log.txt
| | | | | | |-- log.txt.bak
| | | | | | |-- manage.txt
| | | | | | |-- nat.txt
| | | | | | |-- packet.txt
| | | | | | |-- ping.txt
| | | | | | |-- pppoe.txt
| | | | | | |-- pptp.txt
| | | | | | |-- route.txt
| | | | | | |-- snmp.txt
| | | | | | |-- station.txt
| | | | | | |-- station.txt~
| | | | | | |-- stationinfo.txt
| | | | | | |-- time.txt
| | | | | | |-- top.txt
| | | | | | |-- vssver.scc
| | | | | | |-- wanport.txt
| | | | | | |-- wlan.txt
| | | | | | |-- wlan.txt.bak
| | | | | | `-- wlan.txt~
| | | | | |-- string.txt
| | | | | |-- string.txt~
| | | | | `-- vssver.scc
| | | | |-- JPN
| | | | | |-- help
| | | | | | |-- apcomm.txt
| | | | | | |-- apcomm.txt~
| | | | | | |-- atkblk.txt
| | | | | | |-- baseinfo.txt
| | | | | | |-- baseinfo.txt.bak
| | | | | | |-- baseinfo.txt~
| | | | | | |-- bridge.txt
| | | | | | |-- dhcps.txt
| | | | | | |-- easy.txt
| | | | | | |-- filter.txt
| | | | | | |-- fwupdate.txt
| | | | | | |-- glossary.txt
| | | | | | |-- help.html
| | | | | | |-- init.txt
| | | | | | |-- lanport.txt
| | | | | | |-- linkitg.txt
| | | | | | |-- log.txt
| | | | | | |-- log.txt.bak
| | | | | | |-- manage.txt
| | | | | | |-- nat.txt
| | | | | | |-- packet.txt
| | | | | | |-- ping.txt
| | | | | | |-- pppoe.txt
| | | | | | |-- pptp.txt
| | | | | | |-- route.txt
| | | | | | |-- snmp.txt
| | | | | | |-- station.txt
| | | | | | |-- station.txt~
| | | | | | |-- station_bak.txt
| | | | | | |-- stationinfo.txt
| | | | | | |-- time.txt
| | | | | | |-- top.txt
| | | | | | |-- vssver.scc
| | | | | | |-- wanport.txt
| | | | | | |-- wlan.txt
| | | | | | |-- wlan.txt.bak
| | | | | | `-- wlan.txt~
| | | | | |-- string.txt
| | | | | |-- string.txt~
| | | | | `-- vssver.scc
| | | | |-- app_data
| | | | | |-- ftp.dat
| | | | | |-- http.dat
| | | | | `-- vssver.scc
| | | | `-- html
| | | | |-- atk_notify.html
| | | | |-- base_info.html
| | | | |-- bw_80211base.html
| | | | |-- bw_80211base.html~
| | | | |-- bw_80211security.html
| | | | |-- bw_chk.html
| | | | |-- bw_easyfilter.html
| | | | |-- bw_head.html
| | | | |-- bw_snmpagent.html
| | | | |-- bw_snmptool.html
| | | | |-- bw_static_mac.html
| | | | |-- bw_stp.html
| | | | |-- bw_time.html
| | | | |-- bw_top.html
| | | | |-- bw_wds.html
| | | | |-- bw_wds.html~
| | | | |-- chk_easy.html
| | | | |-- chk_setup.html
| | | | |-- dhcps.html
| | | | |-- filter.html
| | | | |-- frame.html
| | | | |-- frame_easy.html
| | | | |-- frame_sub.html
| | | | |-- frame_sub.html.swp
| | | | |-- fwupdate.html
| | | | |-- index.html
| | | | |-- init.html
| | | | |-- lanport.html
| | | | |-- lib.js
| | | | |-- lib.js.swp
| | | | |-- lib.js~
| | | | |-- link_iteg.html
| | | | |-- log.html
| | | | |-- manage_snmp.html
| | | | |-- nat.html
| | | | |-- nopage
| | | | |-- nopage.html
| | | | |-- packet_info.html
| | | | |-- password.html
| | | | |-- ping.html
| | | | |-- pppoe.html
| | | | |-- pptp.html
| | | | |-- quickstart.html
| | | | |-- quickstart_nf.html
| | | | |-- result.html
| | | | |-- route.html
| | | | |-- secret.html
| | | | |-- security_radius.html
| | | | |-- security_static_mac.html
| | | | |-- setup_index.html
| | | | |-- show_ret.html
| | | | |-- snmp.html
| | | | |-- station_info.html
| | | | |-- syslog.html
| | | | |-- syslog.html~
| | | | |-- tmail.html
| | | | |-- upnp.html
| | | | |-- vssver.scc
| | | | `-- wanport.html
| | | |-- htdocs
| | | | |-- cleanup.sh
| | | | |-- err400.shtm
| | | | |-- err401.shtm
| | | | |-- err401_eng.shtm
| | | | |-- err401_jpn.shtm
| | | | |-- err404.shtm
| | | | |-- err415.shtm
| | | | |-- err500.shtm
| | | | |-- err501.shtm
| | | | |-- index_eng.shtm
| | | | |-- index_jpn.shtm
| | | | `-- vssver.scc
| | | |-- images
| | | | |-- bar.png
| | | | |-- bg.gif
| | | | |-- buffalo.gif
| | | | |-- buffalo.png
| | | | |-- darrow.png
| | | | |-- eng.png
| | | | |-- jpn.png
| | | | |-- logo_as11g.png
| | | | |-- logo_aspro.png
| | | | |-- logo_aspro_plus.png
| | | | |-- node.png
| | | | |-- node0.png
| | | | |-- node1.png
| | | | |-- node2.png
| | | | |-- question.gif
| | | | |-- rarrow.png
| | | | |-- uarrow.png
| | | | `-- vssver.scc
| | | `-- internal
| | | |-- internal.cgi -> ../cgi-bin-lock/ap_conf.cgi
| | | `-- template -> ../cgi-bin-lock/template
| | |-- bin
| | |-- include
| | |-- kensa
| | | `-- inspection
| | | |-- diagsendmsg
| | | |-- ethcmd
| | | |-- inspection_cmd
| | | |-- textecho
| | | |-- wlcmd
| | | `-- wlledblink
| | |-- lib
| | |-- man
| | |-- sbin
| | |-- share
| | | `-- snmp
| | | `-- mibs -> /usr/share/snmp/mibs
| | `-- src
| |-- sbin
| | |-- ab
| | |-- alarm_notify
| | |-- ap_servd
| | |-- apachectl
| | |-- arp
| | |-- as_mng
| | |-- asinfo
| | |-- checksecurity
| | |-- chkapd
| | |-- chpasswd
| | |-- cpgr -> cppw
| | |-- cppw
| | |-- cron
| | |-- dhcpcd
| | |-- dpasswd
| | |-- getlanip
| | |-- getorgmac
| | |-- getunnum
| | |-- getver
| | |-- getwanip
| | |-- groupadd
| | |-- groupdel
| | |-- groupmod
| | |-- grpck
| | |-- grpconv
| | |-- grpunconv
| | |-- httpd
| | |-- icmprequest
| | |-- in.telnetd
| | |-- inetd
| | |-- initdconfig
| | |-- logoutd
| | |-- logresolve
| | |-- macradd
| | |-- mkpasswd
| | |-- newusers
| | |-- nscd
| | |-- nscd_nischeck
| | |-- ntpdate
| | |-- ntpdate_script
| | |-- pam_tally
| | |-- ppc_82xx-initdconfig -> initdconfig
| | |-- ppc_82xx-shellconfig -> shellconfig
| | |-- pwck
| | |-- pwconv
| | |-- pwunconv
| | |-- ripd
| | |-- rotatelogs
| | |-- setmf
| | |-- shadowconfig
| | |-- shellconfig
| | |-- snmpd
| | |-- snmptrap
| | |-- tcpd
| | |-- useradd
| | |-- userdel
| | |-- usermod
| | |-- vigr -> vipw
| | |-- vipw
| | `-- zebra
| `-- share
| |-- snmp
| | |-- mib2c.conf
| | |-- mib2c.storage.conf
| | |-- mib2c.vartypes.conf
| | |-- mibs
| | | |-- EtherLike-MIB.txt
| | | |-- IANA-ADDRESS-FAMILY-NUMBERS-MIB.txt
| | | |-- IANA-LANGUAGE-MIB.txt
| | | |-- IANAifType-MIB.txt
| | | |-- IF-MIB.txt
| | | |-- IP-MIB.txt
| | | |-- RFC-1215.txt
| | | |-- RFC1155-SMI.txt
| | | |-- RFC1213-MIB.txt
| | | |-- SNMPv2-MIB.txt
| | | |-- SNMPv2-SMI.txt
| | | |-- SNMPv2-TC.txt
| | | |-- TCP-MIB.txt
| | | `-- UDP-MIB.txt
| | `-- snmpconf
| | |-- snmp.conf
| | | |-- authopts
| | | |-- debugging
| | | |-- mibs
| | | `-- output
| | |-- snmpd.conf
| | | |-- acl
| | | |-- basic_setup
| | | |-- extending
| | | |-- monitor
| | | |-- operation
| | | |-- system
| | | `-- trapsinks
| | `-- snmptrapd.conf
| | |-- formatting
| | `-- traphandle
| |-- terminfo
| | |-- a
| | | `-- ansi
| | |-- k
| | | |-- kterm
| | | `-- xterm
| | |-- l
| | | `-- linux
| | |-- v
| | | `-- vt100
| | `-- x
| `-- zoneinfo
| |-- America
| | |-- Adak
| | |-- Anchorage
| | |-- Anguilla
| | |-- Antigua
| | |-- Araguaina
| | |-- Aruba
| | |-- Asuncion
| | |-- Atka
| | |-- Barbados
| | |-- Belem
| | |-- Belize
| | |-- Boa_Vista
| | |-- Bogota
| | |-- Boise
| | |-- Buenos_Aires
| | |-- Cambridge_Bay
| | |-- Cancun
| | |-- Caracas
| | |-- Catamarca
| | |-- Cayenne
| | |-- Cayman
| | |-- Chicago
| | |-- Chihuahua
| | |-- Cordoba
| | |-- Costa_Rica
| | |-- Cuiaba
| | |-- Curacao
| | |-- Dawson
| | |-- Dawson_Creek
| | |-- Denver
| | |-- Detroit
| | |-- Dominica
| | |-- Edmonton
| | |-- Eirunepe
| | |-- El_Salvador
| | |-- Ensenada
| | |-- Fort_Wayne
| | |-- Fortaleza
| | |-- Glace_Bay
| | |-- Godthab
| | |-- Goose_Bay
| | |-- Grand_Turk
| | |-- Grenada
| | |-- Guadeloupe
| | |-- Guatemala
| | |-- Guayaquil
| | |-- Guyana
| | |-- Halifax
| | |-- Havana
| | |-- Hermosillo
| | |-- Indiana
| | | |-- Indianapolis
| | | |-- Knox
| | | |-- Marengo
| | | `-- Vevay
| | |-- Indianapolis
| | |-- Inuvik
| | |-- Iqaluit
| | |-- Jamaica
| | |-- Jujuy
| | |-- Juneau
| | |-- Kentucky
| | | |-- Louisville
| | | `-- Monticello
| | |-- Knox_IN
| | |-- La_Paz
| | |-- Lima
| | |-- Los_Angeles
| | |-- Louisville
| | |-- Maceio
| | |-- Managua
| | |-- Manaus
| | |-- Martinique
| | |-- Mazatlan
| | |-- Mendoza
| | |-- Menominee
| | |-- Merida
| | |-- Mexico_City
| | |-- Miquelon
| | |-- Monterrey
| | |-- Montevideo
| | |-- Montreal
| | |-- Montserrat
| | |-- Nassau
| | |-- New_York
| | |-- Nipigon
| | |-- Nome
| | |-- Noronha
| | |-- Panama
| | |-- Pangnirtung
| | |-- Paramaribo
| | |-- Phoenix
| | |-- Port-au-Prince
| | |-- Port_of_Spain
| | |-- Porto_Acre
| | |-- Porto_Velho
| | |-- Puerto_Rico
| | |-- Rainy_River
| | |-- Rankin_Inlet
| | |-- Recife
| | |-- Regina
| | |-- Rio_Branco
| | |-- Rosario
| | |-- Santiago
| | |-- Santo_Domingo
| | |-- Sao_Paulo
| | |-- Scoresbysund
| | |-- Shiprock
| | |-- St_Johns
| | |-- St_Kitts
| | |-- St_Lucia
| | |-- St_Thomas
| | |-- St_Vincent
| | |-- Swift_Current
| | |-- Tegucigalpa
| | |-- Thule
| | |-- Thunder_Bay
| | |-- Tijuana
| | |-- Tortola
| | |-- Vancouver
| | |-- Virgin
| | |-- Whitehorse
| | |-- Winnipeg
| | |-- Yakutat
| | `-- Yellowknife
| |-- Asia
| | |-- Aden
| | |-- Almaty
| | |-- Amman
| | |-- Anadyr
| | |-- Aqtau
| | |-- Aqtobe
| | |-- Ashgabat
| | |-- Ashkhabad
| | |-- Baghdad
| | |-- Bahrain
| | |-- Baku
| | |-- Bangkok
| | |-- Beirut
| | |-- Bishkek
| | |-- Brunei
| | |-- Calcutta
| | |-- Chungking
| | |-- Colombo
| | |-- Dacca
| | |-- Damascus
| | |-- Dhaka
| | |-- Dili
| | |-- Dubai
| | |-- Dushanbe
| | |-- Gaza
| | |-- Harbin
| | |-- Hong_Kong
| | |-- Hovd
| | |-- Irkutsk
| | |-- Istanbul
| | |-- Jakarta
| | |-- Jayapura
| | |-- Jerusalem
| | |-- Kabul
| | |-- Kamchatka
| | |-- Karachi
| | |-- Kashgar
| | |-- Katmandu
| | |-- Krasnoyarsk
| | |-- Kuala_Lumpur
| | |-- Kuching
| | |-- Kuwait
| | |-- Macao
| | |-- Magadan
| | |-- Manila
| | |-- Muscat
| | |-- Nicosia
| | |-- Novosibirsk
| | |-- Omsk
| | |-- Phnom_Penh
| | |-- Pyongyang
| | |-- Qatar
| | |-- Rangoon
| | |-- Riyadh
| | |-- Riyadh87
| | |-- Riyadh88
| | |-- Riyadh89
| | |-- Saigon
| | |-- Samarkand
| | |-- Seoul
| | |-- Shanghai
| | |-- Singapore
| | |-- Taipei
| | |-- Tashkent
| | |-- Tbilisi
| | |-- Tehran
| | |-- Tel_Aviv
| | |-- Thimbu
| | |-- Thimphu
| | |-- Tokyo
| | |-- Ujung_Pandang
| | |-- Ulaanbaatar
| | |-- Ulan_Bator
| | |-- Urumqi
| | |-- Vientiane
| | |-- Vladivostok
| | |-- Yakutsk
| | |-- Yekaterinburg
| | `-- Yerevan
| |-- Europe
| | |-- Amsterdam
| | |-- Andorra
| | |-- Athens
| | |-- Belfast
| | |-- Belgrade
| | |-- Berlin
| | |-- Bratislava
| | |-- Brussels
| | |-- Bucharest
| | |-- Budapest
| | |-- Chisinau
| | |-- Copenhagen
| | |-- Dublin
| | |-- Gibraltar
| | |-- Helsinki
| | |-- Istanbul
| | |-- Kaliningrad
| | |-- Kiev
| | |-- Lisbon
| | |-- Ljubljana
| | |-- London
| | |-- Luxembourg
| | |-- Madrid
| | |-- Malta
| | |-- Minsk
| | |-- Monaco
| | |-- Moscow
| | |-- Nicosia
| | |-- Oslo
| | |-- Paris
| | |-- Prague
| | |-- Riga
| | |-- Rome
| | |-- Samara
| | |-- San_Marino
| | |-- Sarajevo
| | |-- Simferopol
| | |-- Skopje
| | |-- Sofia
| | |-- Stockholm
| | |-- Tallinn
| | |-- Tirane
| | |-- Tiraspol
| | |-- Uzhgorod
| | |-- Vaduz
| | |-- Vatican
| | |-- Vienna
| | |-- Vilnius
| | |-- Warsaw
| | |-- Zagreb
| | |-- Zaporozhye
| | `-- Zurich
| |-- GMT
| |-- GMT+0
| |-- GMT+1
| |-- GMT+10
| |-- GMT+11
| |-- GMT+12
| |-- GMT+13
| |-- GMT+14
| |-- GMT+2
| |-- GMT+3
| |-- GMT+4
| |-- GMT+5
| |-- GMT+6
| |-- GMT+7
| |-- GMT+8
| |-- GMT+9
| |-- GMT-0
| |-- GMT-1
| |-- GMT-10
| |-- GMT-11
| |-- GMT-12
| |-- GMT-2
| |-- GMT-3
| |-- GMT-4
| |-- GMT-5
| |-- GMT-6
| |-- GMT-7
| |-- GMT-8
| |-- GMT-9
| |-- GMT0
| |-- US
| | |-- Alaska
| | |-- Aleutian
| | |-- Arizona
| | |-- Central
| | |-- East-Indiana
| | |-- Eastern
| | |-- Hawaii
| | |-- Indiana-Starke
| | |-- Michigan
| | |-- Mountain
| | |-- Pacific
| | `-- Samoa
| |-- iso3166.tab
| `-- zone.tab
`-- var
|-- cache
|-- lib
| |-- locate
| |-- misc
| `-- pcmcia
| `-- stab
|-- local
|-- lock
|-- log
| `-- apache
| `-- access_log -> /dev/null
|-- mail
|-- network
| `-- bridge_port.conf
|-- opt
|-- run
|-- spool
| `-- mail -> ../mail
`-- tmp
143 directories, 1295 files
少しだけ、解析したいと思います。 |
| アップデートファームの中身解析 |
|---|
wlmr_loopfiles ファイルを linux マシンで mount して、簡単に中身を解析してみました。 まず、 /etc/inittab は # The default runlevel. id:2:initdefault: となっているので、 /etc/rc.d/rc2.d の中身を確認します。 [toyota@kashyyyk]% ls S* S11snmpd S20apache S20apservd S20cron S20inetd S20iptables S20logoutd S20zebra S21as_mng.sh S70access_limit S80wdt_wireless.sh S99breader S99lnkitg.sh S99rmnologininetd.conf が動いているので、 /etc/inetd.conf を確認します。 telnet stream tcp nowait root /usr/sbin/tcpd in.telnetd telnetd が動いているようです。 /etc/passwd を確認します。 [toyota@kashyyyk]% cat passwd root::0:0:root:/root:/bin/assh bin:*:1:1:bin:/bin: daemon:*:2:2:daemon:/usr/sbin: sys:*:3:3:sys:/dev: adm:*:4:4:adm:/var/adm: sync:*:6:8:sync:/bin:/bin/sync shutdown:*:7:9:shutdown:/sbin:/sbin/shutdown halt:*:8:10:halt:/sbin:/sbin/halt operator:*:12:0:operator:/root: ftp:*:15:14:ftp:/var/ftp: nobody:*:65534:65534:nobody:/home:/bin/shなんと、 root がパスワードなして login できるようです。 root の shell である assh を確認してみます。中身には assh: Shell for AirStation. 等とあったので、このルータというか、アクセスポイントは telnet で各種設定を 変更することができるようです。で、さらに assh には、以下の文字が見つかります。 You opened the door for another world !! さらに、この文字の後には /bin/sh の文字が。どうやら、バックドアが ありそうな雰囲気です。時間があれば、解析してみたいと思います。 でも、本当に業務用のルータにバックドアがあったとしたら、 かなり怖いですね。 |
|
|