Hacking “My Cloud”

N.B. Doing any of the things in this document will void your warranty and may turn your cloud into a brick. That said the WD My Cloud box is quite a handy little device and as it’s running Debian Wheezy you can do quite a lot of fun stuff with it. How much you want and can do will obviously depend on what you’re using it for, but keep an eye on load and it’s really quite capable. Back everything up! Frequently! Seriously, I mean it make back ups of all the system files before you start doing anything and make backups after each change. The My Cloud device doesn’t have convenient console access so it’s not too hard to lock yourself out. Though the reset/restore function is actually very forgiving and mainly just loses changes to the /etc/password file. I also suggest putting as many of the files (especially… Continue reading

Shell access via PDNS LUA

I’ve been spending a bit of time playing with the LUA functionality of Power DNS, it was inevitable that I got round to implementing a generic shell over DNS. It’s not very polished it doesn’t like interactive commands or commands with odd characters and it is more insecure than a very insecure thing that isn’t very safe. It is however a surprisingly short amount of code for what it does. There are a very few circumstances I can think of where a very restricted version of this might be useful, but really there’s always going to be a better and more sensible option. However it’s an interesting proof of concept and more importantly it was fun. If you don’t understand this code do not use it , if you do understand this code you know why you don’t want to use it. The code as shown below won’t actually work… Continue reading

Credential free, anonymous system access

I suspect that in this day and age where very few services are made available via telnet and SSH that this document is of limited use. However I need the notes and it may help out someone else. Anonymous access to services these days isn’t that common, and the traditional approach has always been to use a published username and password. I’ve never been that keen on such an approach as it means the account has to have a valid password and thus be locked out of every other service on the machine, also it means that you present a slightly greater window for people to try to send you malicious data. Because of this I rather prefer to just not ask for credentials on public services. So if you want to allow people to connect to a system via SSH or telnet (Yes I know telnet isn’t secure and… Continue reading

Yet another “How to Chroot” article

There are loads of “how to set up chroot” guides out there, and this is yet another one as I had to piece together quite a few to get things to work they way I needed them to and to my liking. So as I need to make notes for when I inevitably need to set this up again I figure I may as well share those notes. Hopefully this well be a suitably idiot guide. This is written for a Ubuntu system so on other systems your mileage may vary. The basics I’m going to break this down to the first steps that are vital for getting any chroot jail to work and then look at making it useful. But even these basic steps could probably be made even more minimal if you really wanted to. For the purpose of these notes just assume that every command is either… Continue reading