by
derek » Sun Jul 10, 2016 6:52 pm
Well, I forgot to update this, but the answer is yes and no.
the custadmin/admin account can be (ab)used to reset the root password.
I've cracked that root password, but since it grants full root access from the administrative IP blocks, which are very wide, I have not yet been able to confirm whether this password and the firewall are accessible from the WAN in the wild. As such, I don't feel it is appropriate to share what that password is. However, you can exploit the password web interface on as follows. (in 9.7.9.3.3 and below for sure, which is the maximum version you'll find on deployed hardware) In the ping test, field, put
8.8.8.8 ; sed -i -e 's#root:.............#root:thepasswordhashyouwant#' '/etc/config/shadow'
thepasswordhashyouwant should be a standard unix crypt() hash corresponding to your desired password.
For example, PQyFAAHPD3vKs would correspond to 'password'.
I have confirmed that newer e250 firmwares work on this box, including ATT and unbranded e250 firmwares. (I tested with ATT 9.7.9.3.3, 11.5.6.1, EWN 11.6.23, 13.12.6, 14.7.0, upgrading in order. I don't know whether you can skip more than that, but I figured it was safer since I have no idea how big the flash is, or whether the config files are upgraded correctly).
However. As far as compatiblity with Sonic is concerned, ADSL+DHCP is NOT a supported configuration on this box, which is what you would use with Sonic.. A lot of things are hardcoded, interface wise, for ADSL+PPPoE, ADSL+PPPoA, ADSL+Static, but NOT ADSL+DHCP. It is supported on other edgemarcs, so it may only need a bit of tweaking, but without that tweaking, a lot of things will not work correctly (you can dhcp from the root shell, but it doesn't bring up the correct firewall and routing rules in the packaged software stack. You could of course, do this yourself)
Ethernet+DHCP works though, so that is how I'm using it in the meantime. I may try building my own modified firmware at some point. A couple of oddities that I've noticed though -- on 9.7.9.3.3, at least sometimes the router stops sending packets out on the WAN interface (eth1), as confirmed by tcpdump (on another machine... tcpdump on the edgemarc thinks the packets go out!). On 14.7.0, UDP packets on port 500 don't seem to be sent out correctly on the wifi interface (br0/wlan0), but do on the wired ports (br0/eth0)!