Mr-Protocol Posted December 7, 2012 Share Posted December 7, 2012 After playing around with this, I may have found a way for people to get into their pineapples without sending it back or needing a UART. If you are using the stock firmware of the pineapple (2.4.1) that you purchased from the HakShop Used the GUI to change your password If your password contains special characters (specifically $) Try: echo YOUR_ELITE_PASS > my_real_passwordcat my_real_password[/CODE]Try using the string returned to you from [CODE]cat my_real_password[/CODE] to login as root.Example:[CODE]protocol@protocol-desktop:~$ echo super$elite > testprotocol@protocol-desktop:~$ cat testsuper[/CODE]So if my new password was "super$elite" when put into the 2.4.1 web GUI, the password to login would be "super"If you get errors when trying to echo the string into a file, chances are the password didn't change. You will have to figure it out depending on the errors you get back of what may have happened. Or buy http://hakshop.myshopify.com/products/serial-ttl-cableI advise if this works to upgrade to the latest firmware, also read the change logs on the web GUI URL change to http://172.16.42.1:1471Hopefully this will work and make it easier for the Hakshop and users to get back up and running.Cheers,Mr-Protocol Quote Link to comment Share on other sites More sharing options...
digininja Posted December 7, 2012 Share Posted December 7, 2012 Basically it has taken whatever is after the $ and assumed that it is a shell variable, by doing this you are reproducing what the shell script would have seen and so hopefully the password that was set. You can't just assume that everything after the $ was truncated because certain characters aren't allowed in variable names so would have terminated the variable and let the normal characters back in. If you want to see what is happening try this in a sh/bash shell echo $PATH[/CODE]shows the current path[CODE]echo xxx$PATH[/CODE]shows the path with xxx at the start[CODE]echo xxx$PATHyyy[/CODE]shows just xxx as $PATHyyy doesn't exist[CODE]echo xxx$PATH+yyy[/CODE]shows xxx+yyy as the + terminates the variable name Quote Link to comment Share on other sites More sharing options...
Mr-Protocol Posted December 7, 2012 Author Share Posted December 7, 2012 Well put. It was too early in the morning for me to keep poking around at it. Quote Link to comment Share on other sites More sharing options...
vidkun Posted December 7, 2012 Share Posted December 7, 2012 digininja's explanation makes sense for why $ doesn't work, but what about spaces? Changing your password through the GUI with a space in your password truncates your new password at the first space as well. Quote Link to comment Share on other sites More sharing options...
digininja Posted December 7, 2012 Share Posted December 7, 2012 I've not looked at the code but if it is just passing the entry to a script without using quotes around the variable then it would be something like changepassword.sh newpassword thatwasaspace so it would take "newpassword" as the password and ignore the "thatwasaspace" as an unused second parameter Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.