trillion
-
Posts
4 -
Joined
-
Last visited
Everything posted by trillion
-
I did include a factory reset I set it to bridge mode yeah It's definitely hacked, I just wondered if it was possible to tell from the system log alone - it was not showing this amount of warning messages before it's running port scans, mitm attacks, looks like traffic is being routed elsewhere
-
tried that, has no effect
-
Jan 1 00:00:14 daemon warn kernel: Allocated FAP0 GSO Buffers (0xA5D2EC58) : 1048576 bytes @ 0xA5E00000 Jan 1 00:00:14 daemon warn kernel: Allocated FAP1 GSO Buffers (0xA5DAEC58) : 1048576 bytes @ 0xA5F00000 Jan 1 00:00:14 daemon warn kernel: Allocated FAP0 TM SDRAM Queue Storage (a5d2ec5c) : 341376 bytes @ a5800000 Jan 1 00:00:14 daemon warn kernel: Allocated FAP1 TM SDRAM Queue Storage (a5daec5c) : 341376 bytes @ a5880000 Jan 1 00:00:14 daemon warn kernel: ^[[0;34m[NTC fapProto] fapReset : Reset FAP Protocol layer^[[0m Jan 1 00:00:14 daemon warn kernel: [FAP0] DSPRAM : stack <0x80000000><1536>, global <0x80000600><3960>, free <2696>, total<8192> Jan 1 00:00:14 daemon warn kernel: [FAP1] DSPRAM : stack <0x80000000><1536>, global <0x80000600><3960>, free <2696>, total<8192> Jan 1 00:00:14 daemon warn kernel: [FAP0] PSM : addr<0x80002000>, used <23452>, free <1124>, total <24576> Jan 1 00:00:14 daemon warn kernel: [FAP1] PSM : addr<0x80002000>, used <23452>, free <1124>, total <24576> Jan 1 00:00:14 daemon warn kernel: [FAP0] DQM : availableMemory 14652 bytes, nextByteAddress 0xE0004948 Jan 1 00:00:14 daemon warn kernel: [FAP1] DQM : availableMemory 14652 bytes, nextByteAddress 0xE0004948 Jan 1 00:00:14 daemon warn kernel: [FAP0] GSO Buffer set to 0xA5E00000 Jan 1 00:00:14 daemon warn kernel: [FAP1] GSO Buffer set to 0xA5F00000 Jan 1 00:00:14 daemon warn kernel: [FAP0] FAP BPM Initialized. Jan 1 00:00:14 daemon warn kernel: [FAP1] FAP BPM Initialized. Jan 1 00:00:14 daemon warn kernel: fapDrv_construct: FAP0: pManagedMemory=b0820650. wastage 8 bytes Jan 1 00:00:14 daemon warn kernel: fapDrv_construct: FAP1: pManagedMemory=b0a20650. wastage 8 bytes Jan 1 00:00:14 daemon warn kernel: bcmPktDma_bind: FAP Driver binding successfull Jan 1 00:00:14 daemon warn kernel: [FAP0] FAP TM: ON Jan 1 00:00:14 daemon warn kernel: [FAP1] FAP TM: ON Jan 1 00:00:14 daemon warn kernel: bcmxtmcfg: bcmxtmcfg_init entry Jan 1 00:00:14 daemon warn kernel: adsl: adsl_init entry Jan 1 00:00:14 daemon warn kernel: Broadcom BCM63168D0 Ethernet Network Device v0.1 Aug 7 2014 18:23:46 Jan 1 00:00:14 daemon warn kernel: Broadcom GMAC Char Driver v0.1 Aug 7 2014 18:23:52 Registered<249>^[[0m Jan 1 00:00:14 daemon warn kernel: Broadcom GMAC Driver v0.1 Aug 7 2014 18:23:52 Initialized Jan 1 00:00:14 daemon warn kernel: fapDrv_psmAlloc: fapIdx=1, size: 4800, offset=b0a20650 bytes remaining 7000 Jan 1 00:00:14 daemon warn kernel: ETH Init: Ch:0 - 200 tx BDs at 0xb0a20650 Jan 1 00:00:14 daemon warn kernel: fapDrv_psmAlloc: fapIdx=0, size: 4800, offset=b0820650 bytes remaining 7000 Jan 1 00:00:14 daemon warn kernel: ETH Init: Ch:1 - 200 tx BDs at 0xb0820650 Jan 1 00:00:14 daemon warn kernel: fapDrv_psmAlloc: wastage 8 bytes Jan 1 00:00:14 daemon warn kernel: fapDrv_psmAlloc: fapIdx=0, size: 4808, offset=b0821910 bytes remaining 2184 Jan 1 00:00:14 daemon warn kernel: ETH Init: Ch:0 - 600 rx BDs at 0xb0821910 Jan 1 00:00:14 daemon warn kernel: fapDrv_psmAlloc: wastage 8 bytes Jan 1 00:00:14 daemon warn kernel: fapDrv_psmAlloc: fapIdx=1, size: 4808, offset=b0a21910 bytes remaining 2184 Jan 1 00:00:14 daemon warn kernel: ETH Init: Ch:1 - 600 rx BDs at 0xb0a21910 Jan 1 00:00:14 daemon warn kernel: dgasp: kerSysRegisterDyingGaspHandler: bcmsw registered Jan 1 00:00:14 daemon warn kernel: eth0: MAC Address: Jan 1 00:00:14 daemon warn kernel: eth1: MAC Address: Jan 1 00:00:14 daemon warn kernel: eth2: MAC Address: Jan 1 00:00:14 daemon warn kernel: eth3: MAC Address: Jan 1 00:00:14 daemon info kernel: NComm TMS V6.80 Kernel Module loaded. Jan 1 00:00:14 daemon warn kernel: ^[[0;34m[NTC arl] arlEnable : Enabled ARL binding to FAP^[[0m Jan 1 00:00:14 daemon warn kernel: Broadcom Address Resolution Logic Processor (ARL) Char Driver v0.1 Aug 7 2014 18:23:20 Registered <245> Jan 1 00:00:14 daemon warn kernel: --SMP support Jan 1 00:00:14 daemon warn kernel: wl: dsl_tx_pkt_flush_len=338 Jan 1 00:00:14 daemon warn kernel: wl: high_wmark_tot=6149 Jan 1 00:00:14 daemon warn kernel: wl: passivemode=1 Jan 1 00:00:14 daemon warn kernel: wl: napimode=0 Jan 1 00:00:14 daemon warn kernel: wl0: allocskbmode=1 currallocskbsz=512 Jan 1 00:00:14 daemon warn kernel: Neither SPROM nor OTP has valid image Jan 1 00:00:14 daemon warn kernel: wl:srom/otp not programmed, using main memory mapped srom info(wombo board) Jan 1 00:00:14 daemon warn kernel: wl:loading /etc/wlan/bcm6362_map.bin Jan 1 00:00:14 daemon warn kernel: srom rev:8 Jan 1 00:00:14 daemon warn kernel: wl: reading /etc/wlan/bcmcmn_nvramvars.bin, file size=32 Jan 1 00:00:14 daemon warn kernel: wl0: Broadcom BCM435f 802.11 Wireless Controller 6.30.102.7.cpe4.12L08.4 Jan 1 00:00:14 daemon warn kernel: dgasp: kerSysRegisterDyingGaspHandler: wl0 registered Jan 1 00:00:14 daemon warn kernel: Loading DECT Shim driver Jan 1 00:00:14 daemon warn kernel: Initialize DECT Shim layer.... Jan 1 00:00:14 daemon warn kernel: p8021ag: p8021ag_init entry Jan 1 00:00:14 daemon info kernel: Broadcom 802.1Q VLAN Interface, v0.1 Jan 1 00:00:14 daemon warn kernel: usb r:0 Jan 1 00:00:14 daemon info kernel: ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver Jan 1 00:00:14 daemon warn kernel: PCI: Enabling device 0000:00:0a.0 (0000 -> 0002) Jan 1 00:00:14 daemon info kernel: ehci_hcd 0000:00:0a.0: EHCI Host Controller Jan 1 00:00:14 daemon info kernel: ehci_hcd 0000:00:0a.0: new USB bus registered, assigned bus number 1 Jan 1 00:00:14 daemon warn kernel: ehci_hcd 0000:00:0a.0: Enabling legacy PCI PM Jan 1 00:00:14 daemon info kernel: ehci_hcd 0000:00:0a.0: irq 18, io mem 0x10002500 Jan 1 00:00:14 daemon info kernel: ehci_hcd 0000:00:0a.0: USB f.f started, EHCI 1.00 Jan 1 00:00:14 daemon info kernel: usb usb1: configuration #1 chosen from 1 choice Jan 1 00:00:14 daemon info kernel: hub 1-0:1.0: USB hub found Jan 1 00:00:14 daemon info kernel: hub 1-0:1.0: 2 ports detected here is first part of log, got cut off yes I thought that looked suspicious I assume I would have to open it up physically and JTAG or something to actually stop the hack?
-
Jan 1 00:00:14 daemon info kernel: ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver Jan 1 00:00:14 daemon warn kernel: PCI: Enabling device 0000:00:09.0 (0000 -> 0002) Jan 1 00:00:14 daemon info kernel: ohci_hcd 0000:00:09.0: OHCI Host Controller Jan 1 00:00:14 daemon info kernel: ohci_hcd 0000:00:09.0: new USB bus registered, assigned bus number 2 Jan 1 00:00:14 daemon info kernel: ohci_hcd 0000:00:09.0: irq 17, io mem 0x10002600 Jan 1 00:00:14 daemon info kernel: usb usb2: configuration #1 chosen from 1 choice Jan 1 00:00:14 daemon info kernel: hub 2-0:1.0: USB hub found Jan 1 00:00:14 daemon info kernel: hub 2-0:1.0: 2 ports detected Jan 1 00:00:14 daemon warn kernel: Host MIPS Clock divider pwrsaving is enabled Jan 1 00:00:14 daemon warn kernel: DDR Self Refresh pwrsaving is enabled Jan 1 00:00:14 daemon err syslog: dhcpd:udhcp server (v0.9.6) started Jan 1 00:00:14 daemon info kernel: ip_tables: (C) 2000-2006 Netfilter Core Team Jan 1 00:00:15 daemon info kernel: ip6_tables: (C) 2000-2006 Netfilter Core Team Jan 1 00:00:15 daemon warn kernel: Netfilter messages via NETLINK v0.30. Jan 1 00:00:16 daemon info kernel: device eth0 entered promiscuous mode Jan 1 00:00:16 daemon info kernel: ADDRCONF(NETDEV_UP): eth0: link is not ready Jan 1 00:00:17 daemon info kernel: device eth1 entered promiscuous mode Jan 1 00:00:17 daemon info kernel: ADDRCONF(NETDEV_UP): eth1: link is not ready Jan 1 00:00:18 daemon info kernel: device eth2 entered promiscuous mode Jan 1 00:00:18 daemon info kernel: ADDRCONF(NETDEV_UP): eth2: link is not ready Jan 1 00:00:18 daemon info kernel: device eth3 entered promiscuous mode Jan 1 00:00:19 daemon info kernel: ADDRCONF(NETDEV_UP): eth3: link is not ready Jan 1 00:00:19 daemon info kernel: device wl0 entered promiscuous mode Jan 1 00:00:20 daemon info kernel: br0: bridge group port 5(wl0) entering forwarding state Jan 1 00:00:20 daemon warn kernel: *** dslThread dslPid=918 Jan 1 00:00:20 daemon warn kernel: BcmAdsl_Initialize=0xC022AE5C, g_pFnNotifyCallback=0xC026CFC4 Jan 1 00:00:20 daemon warn kernel: lmemhdr[2]=0x100CE000, pAdslLMem[2]=0x100CE000 Jan 1 00:00:20 daemon warn kernel: pSdramPHY=0xA7FFFFF8, 0x1B7743 0xDEADBEEF Jan 1 00:00:20 daemon warn kernel: *** XfaceOffset: 0x5FF90 => 0x5FF90 *** Jan 1 00:00:21 daemon warn kernel: *** PhySdramSize got adjusted: 0xF0B34 => 0x1274F0 *** Jan 1 00:00:21 daemon warn kernel: AdslCoreSharedMemInit: shareMemSize=43757(43760) Jan 1 00:00:21 daemon warn kernel: AdslCoreHwReset: pLocSbSta=85b38000 bkupThreshold=3072 Jan 1 00:00:21 daemon warn kernel: AdslCoreHwReset: AdslOemDataAddr = 0xA7FAF608 Jan 1 00:00:21 daemon warn kernel: ***BcmDiagsMgrRegisterClient: 0 *** Jan 1 00:00:21 daemon warn kernel: dgasp: kerSysRegisterDyingGaspHandler: dsl0 registered Jan 1 00:00:21 daemon warn kernel: fapDrv_psmAlloc: fapIdx=1, size: 1600, offset=b0a22be0 bytes remaining 584 Jan 1 00:00:21 daemon warn kernel: XTM Init: Ch:0 - 200 rx BDs at 0xb0a22be0 Jan 1 00:00:21 daemon warn kernel: fapDrv_psmAlloc: fapIdx=1, size: 128, offset=b0a23220 bytes remaining 456 Jan 1 00:00:21 daemon warn kernel: XTM Init: Ch:1 - 16 rx BDs at 0xb0a23220 Jan 1 00:00:21 daemon warn kernel: bcmxtmrt: PTM/ATM Non-Bonding Mode configured in system Jan 1 00:00:21 daemon warn kernel: nf_conntrack version 0.5.0 (2028 buckets, 16224 max) Jan 1 00:00:21 daemon info FDNSLOGIN: EZSO init Jan 1 00:00:22 daemon info kernel: xt_time: kernel timezone is -0000 Jan 1 00:00:23 daemon info kernel: monitor task is initialized pid= 337 Jan 1 00:00:24 daemon crit kernel: eth3 (switch port: 1) Link UP 1000 mbps full duplex Jan 1 00:00:24 daemon info kernel: ADDRCONF(NETDEV_CHANGE): eth3: link becomes ready Jan 1 00:00:24 daemon info kernel: br0: bridge group port 4(eth3) entering forwarding state Jan 1 00:00:25 daemon info kernel: br0: bridge group port 5(wl0) entering disabled state Jan 1 00:00:25 daemon info kernel: device wl0 left promiscuous mode Jan 1 00:00:25 daemon info kernel: br0: bridge group port 5(wl0) entering disabled state Jan 1 00:00:25 daemon info kernel: device wl0 entered promiscuous mode Jan 1 00:00:25 daemon info kernel: br0: bridge group port 5(wl0) entering forwarding state Jan 1 00:00:26 daemon info kernel: br0: bridge group port 5(wl0) entering disabled state Jan 1 00:00:26 daemon info kernel: device wl0 left promiscuous mode Jan 1 00:00:26 daemon info kernel: br0: bridge group port 5(wl0) entering disabled state Jan 1 00:00:26 daemon info kernel: device wl0 entered promiscuous mode Jan 1 00:00:26 daemon info kernel: br0: bridge group port 5(wl0) entering forwarding state Jan 1 00:00:30 daemon info WLAN Schedule: WLAN Schedule Control on wl0 start Jan 1 00:00:47 daemon info kernel: br0: bridge group port 5(wl0) entering disabled state Jan 1 00:00:47 daemon info kernel: device wl0 left promiscuous mode Jan 1 00:00:47 daemon info kernel: br0: bridge group port 5(wl0) entering disabled state Jan 1 00:00:50 daemon info WLAN Schedule: WLAN Schedule Control on wl0 exit Jan 1 00:01:24 user info syslog: shutdown Jan 1 00:01:25 daemon err FDNSLOGIN: Faked DNS shall BYE BYTE:signal=15 Jan 1 00:01:25 daemon err FDNSLOGIN: FakedDnsProxy is closed Jan 1 00:01:25 daemon info FDNSLOGIN: shutdown Jan 1 00:10:36 daemon crit kernel: eth3 (switch port: 1) Link DOWN. Jan 1 00:10:36 daemon info kernel: br0: bridge group port 4(eth3) entering disabled state Jan 1 00:10:38 daemon crit kernel: eth3 (switch port: 1) Link UP 10 mbps half duplex Jan 1 00:10:38 daemon info kernel: br0: bridge group port 4(eth3) entering forwarding state Jan 1 00:11:22 daemon crit kernel: eth3 (switch port: 1) Link DOWN. Jan 1 00:11:22 daemon info kernel: br0: bridge group port 4(eth3) entering disabled state Jan 1 00:11:25 daemon crit kernel: eth3 (switch port: 1) Link UP 1000 mbps full duplex Jan 1 00:11:25 daemon info kernel: br0: bridge group port 4(eth3) entering forwarding state Jan 1 00:15:05 daemon crit kernel: Line 0: VDSL G.993 started Jan 1 00:15:16 daemon crit kernel: Line 0: VDSL2 link up, Bearer 0, us=8493, ds=39997 Jan 1 00:15:16 daemon warn kernel: bcmxtmcfg: XTM Link Information, port = 0, State = UP, Service Support = PTM Jan 1 00:15:16 daemon warn kernel: bcmxtmcfg: ReconfigureSAR port 0 traffictype 2 Jan 1 00:15:16 daemon warn kernel: bcmxtmcfg: Normal(XTM/PTM) Mode enabled Jan 1 00:15:16 daemon warn kernel: TxLineRateTimer=3768 Jan 1 00:15:16 daemon warn kernel: bcmxtmrt: MAC address: Jan 1 00:15:16 daemon warn kernel: [DoCreateDeviceReq.3087]: register_netdev Jan 1 00:15:16 daemon warn kernel: [DoCreateDeviceReq.3089]: register_netdev done Jan 1 00:15:17 daemon warn kernel: [FAP1] xtmCreateDevice : devId 0, encapType 0, headerLen 0 Jan 1 00:15:17 daemon warn kernel: bcmxtmcfg: Reserve PTM vcid=0 ptmPri=1 port=0 bondingPort=4 Jan 1 00:15:17 daemon warn kernel: bcmxtmcfg: Reserve PTM vcid=1 ptmPri=2 port=0 bondingPort=4 Jan 1 00:15:17 daemon warn kernel: bcmxtmcfg: Reserve TxQueueIdx=0 for vcid 0 Jan 1 00:15:17 daemon warn kernel: bcmxtmcfg: Reserve MP group=0 priority=0 weight=1 Jan 1 00:15:17 daemon warn kernel: XTM Init: Ch:0 - 400 tx BDs at 0xa4890000 Jan 1 00:15:17 daemon warn kernel: bcmxtmcfg: Connection UP, LinkActiveStatus=0x1, US=8493000, DS=39997000 Jan 1 00:15:17 daemon warn kernel: [FAP0] xtmCreateDevice : devId 0, encapType 0, headerLen 0 Jan 1 00:15:17 daemon warn kernel: [FAP1] xtmLinkUp : devId 0, matchId 0 Jan 1 00:15:17 daemon warn kernel: [FAP0] xtmLinkUp : devId 0, matchId 0 Jan 1 00:15:17 daemon warn kernel: [FAP1] xtmLinkUp : devId 0, matchId 1 Jan 1 00:15:17 daemon warn kernel: [FAP0] xtmLinkUp : devId 0, matchId 1 Jan 1 00:15:17 daemon warn kernel: netdev path : ptm0.1 Jan 1 00:15:17 daemon info kernel: -> ptm0 Jan 1 00:15:17 daemon warn kernel: BCMVLAN : ptm0 mode was set to RG Jan 1 00:15:17 daemon info kernel: device ptm0.1 entered promiscuous mode Jan 1 00:15:17 daemon info kernel: device ptm0 entered promiscuous mode Jan 1 00:15:17 daemon info kernel: br0: bridge group port 5(ptm0.1) entering forwarding state Jan 1 00:15:18 daemon err syslog: dhcpd:udhcp server (v0.9.6) started here is the log file, look suspicious? faked DNS!?