Register Guidelines E-Books Search Today's Posts Mark Forums Read

Go Back   MobileRead Forums > E-Book Readers > Kobo Reader > Kobo Developer's Corner

Notices

Reply
 
Thread Tools Search this Thread
Old 06-13-2014, 07:08 PM   #1
frafra
Member
frafra began at the beginning.
 
Posts: 22
Karma: 10
Join Date: Jun 2014
Device: Onyx BOOX M92 (broken), Kobo Aura HD (stolen), Kobo Aura H2O 2nd ed.
Dropbear SSH preinstalled: new way to access? (false alarm)

Hi,
I've seen (using nmap) that on my new Kobo Aura HD there's Dropbear SSH running on 2222 by default, without doing any kind of hack.

Why is it running? It is something related with the Windows/MacOS client? Is there any key allowed? Could it be a security issue?

This could also be another way to get a remote console: just a simple fake Kobo upgrade tgz containing a public key appended to /.ssh/allowed_keys (or maybe /root/.ssh/...). What do you think about it?

Update: no sign of Dropbear preinstalled; it was just an error caused from Kobo way to manage your default wifi network connection

Last edited by frafra; 06-14-2014 at 12:04 PM.
frafra is offline   Reply With Quote
Old 06-14-2014, 10:29 AM   #2
frafra
Member
frafra began at the beginning.
 
Posts: 22
Karma: 10
Join Date: Jun 2014
Device: Onyx BOOX M92 (broken), Kobo Aura HD (stolen), Kobo Aura H2O 2nd ed.
No one interested in?
I will leave a couple of tips for who wants to play with it.

I've installed dropbear and created a new key. I've tried to add my new public key to /.ssh/authorized_keys and /root/.ssh/authorized_keys but it doesn't work (dbclient still asks for root password, pubkey login doesn't work).

Maybe dropbear is configured to work just as a client? Why does it runs in background listening for open connections? It looks like a backdoor.
frafra is offline   Reply With Quote
Advert
Old 06-14-2014, 11:17 AM   #3
PeterT
Grand Sorcerer
PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.
 
PeterT's Avatar
 
Posts: 12,119
Karma: 73448614
Join Date: Nov 2007
Location: Toronto
Device: Nexus 7, Clara, Touch, Tolino EPOS
What f/w is your Aura HD running? I've seen NO sign of dropbear on any of my devices....

Also I don't see any sign of port 2222 being open

Last edited by PeterT; 06-14-2014 at 11:20 AM.
PeterT is offline   Reply With Quote
Old 06-14-2014, 11:58 AM   #4
frafra
Member
frafra began at the beginning.
 
Posts: 22
Karma: 10
Join Date: Jun 2014
Device: Onyx BOOX M92 (broken), Kobo Aura HD (stolen), Kobo Aura H2O 2nd ed.
Sorry PeterT, you're right, I was scanning another device

I was betrayed from the way Kobo manages wifi connections: you can have wifi on, but you're not connected to your default network until you open your browser. So, fortunately, no ssh backdoor, and I learnt something new about my 1-day old Kobo

By the way, this raises another question: do you know which command or script Kobo uses to bring up the default wifi network?
frafra is offline   Reply With Quote
Old 06-14-2014, 12:26 PM   #5
PeterT
Grand Sorcerer
PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.PeterT ought to be getting tired of karma fortunes by now.
 
PeterT's Avatar
 
Posts: 12,119
Karma: 73448614
Join Date: Nov 2007
Location: Toronto
Device: Nexus 7, Clara, Touch, Tolino EPOS
A great technique for learning more about the f/w on the devices is to download one of them to your PC. Look in the Direct Links to Kobo Firmware thread and download one of the zip files (in your case probably http://download.kobobooks.com/firmwa...date-3.3.1.zip ).

Then on your PC, open the zip file and expand the tgz file; this is the majority of the code for the device.
PeterT is offline   Reply With Quote
Advert
Old 06-14-2014, 03:07 PM   #6
frafra
Member
frafra began at the beginning.
 
Posts: 22
Karma: 10
Join Date: Jun 2014
Device: Onyx BOOX M92 (broken), Kobo Aura HD (stolen), Kobo Aura H2O 2nd ed.
Thank you PeterT
I figured out how to dump the whole internal microsd without using another one (see thread) because I understood a bit more regarding how networking works on Kobo and how the system boots
frafra is offline   Reply With Quote
Reply

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Ssh/telnet access over 3G? lolcat Kindle Developer's Corner 12 02-21-2011 11:56 AM
SSH keys with dropbear? enn Kindle Developer's Corner 2 10-07-2010 12:54 AM
iLiad PC and iliad together: ssh? dropbear? daudi iRex Developer's Corner 10 01-13-2008 09:47 AM
iLiad dropbear ssh: how to change root password? daudi iRex Developer's Corner 2 01-10-2008 04:49 PM
iLiad How do I get ssh access to my 2.7.1 iLiad? narve iRex Developer's Corner 3 11-28-2006 05:59 PM


All times are GMT -4. The time now is 09:46 PM.


MobileRead.com is a privately owned, operated and funded community.