[Pablo] is a recent and proud owner of a Transcend WiFi SD Card. It allows him to transfer his pictures to any WiFi-enabled device in a matter of seconds.
As he suspected that some kind of Linux was running on it, he began to see if he could get a root access on it… and succeeded.
His clear and detailed write-up begins with explaining how a simple trick allowed him to browse through the card’s file system, which (as he guessed correctly) is running busybox. From there he was able to see if any of the poorly written Perl scripts had security holes… and got more than he bargained for.
He first thought he had found a way to make the embedded Linux launch user provided scripts and execute commands by making a special HTTP POST request… which failed due to a small technicality. His second attempt was a success: [Pablo] found that the user set password is directly entered in a Linux shell command. Therefore, the password “admin; echo haxx > /tmp/hi.txt #” could create a hi.txt text file.
From there things got easy. He just had to make the card download another busybox to use all the commands that were originally disabled in the card’s Linux. In the end he got the card to connect a bash to his computer so he could launch every command he wanted.
As it was not enough, [Pablo] even discovered an easy way to find the current password of the card. Talk about security…
[Adam Outler] shows us how to expand the Linux tools available on Android without rooting the device. He does this by installing BusyBox. The binary is copied to the device using the Android Developer Bridge. He then opens an ADB shell, adds execution permissions to the binary, and runs it. BusyBox calls itself the Swiss Army Knife of Embedded Linux. It provides a set of very common tools which you’ll find useful in your tinkering. The one that [Adam] shows off in his video is the vi editor, but the basics that make a shell work are all there like: ls, mkdir, grep, dmesg, mount… you get the point.
So what are you going to do with your unrooted device now that you have these commands at your disposal? That’s really for you to figure out. [Adam] continues his demonstration by installing a package that does require root access. It’s BotBrew Basil, which adds apt-get and a few more complex packages. He then uses vi to write a C++ Hello World program, then compiles it and runs it. So if you’re looking to do some development on your phone this is one way.
Continue reading “Common Linux Tools On Android Without Root By Installing BusyBox”
The Vtech InnoTab is a child-sized tablet computer built for kids. Apart from being the ideal solution to keeping the grubby, sticky hands of nieces and nephews away from proper ‘adult sized’ tablets, it can also serve as a Linux tablet perfect for a few homebrew apps. [Mick] picked up an InnoTab for his son, but after getting BusyBox working, we’re thinking it has become a toy for the father and not the son.
[Mick] cracked open the InnoTab and soldered a few wires to a pair of pins that connect to a TTL level converter and then to a TV. There’s a full Linux shell running on [Mick]’s new tablet, encouragement enough for him to start porting ScummVM, the engine behind famous LucasArts point-and-click adventure games of the early 90s.
Right now, it’s still very much a work in progress, but [Mick] has full screen support and a virtual keyboard working; more than enough to enjoy Day of the Tentacle and Sam & Max Hit the Road. After the break you can see the video of [Mick]’s InnoTab running the much more child-friendly SCUMM adventure Putt Putt Goes to the Moon, something we’re sure his son will love.
Continue reading “Putting Linux On The Vtech InnoTab”
[ghostwalker] dropped in on our previous Debian Android post to let us know that he had streamlined the install process. The first time around, it quickly became difficult to complete the process because firmware updates had taken away root access. Hackers have since figured out how to downgrade from RC30 and install BusyBox. All you need to do to put Debian on your phone is download the package from [ghostwalker] and then run the installer script. This isn’t technically a port since Debian already has ARM EABI support. What would you run on your phone if you had access to the entire Debian package tree? A video of Debian starting up is embedded below.
Continue reading “Debian On The G1 Once Again”
Embedded above is a demo video of an iPhone running a Linux 2.6 kernel. The iphone-dev team has created a new bootloader called OpeniBoot. The bootloader lets you boot into a Linux console, which you can talk to over a USB serial device. They’ve got busybox working, but there is no touchscreen support yet. The instructions are not that difficult and include how to back up your settings. It works on first and second gen iPhones and first gen iPod Touch. This is a very early port, but the future is wide open… Android iPhone?