Jump to content
Hak5 Forums
Legomaniac

Cow Milking Robot Hacks/Mods X11

Recommended Posts

On 8/2/2017 at 5:40 PM, Help4Tec said:

It's more simpel then you think. At the XLink of your Robot is an USB Port.
That's all you need. Just go there an connect a keyboard. Then you can open a terminal.
Ther is allredy VNC Insalled you just need to chage it from view only.

Thats it.

Hey guys! Sorry for the delay I didn't realize there was this much demand. I do have a semi-useful (functional but cludgey) remote access to the robot. Now that Help4Tec has said to just plug in a keyboard I am going to try that and I will post a video showing what happens.

Thanks everyone!

Share this post


Link to post
Share on other sites
On 29-8-2017 at 6:20 AM, Legomaniac said:

Hey guys! Sorry for the delay I didn't realize there was this much demand. I do have a semi-useful (functional but cludgey) remote access to the robot. Now that Help4Tec has said to just plug in a keyboard I am going to try that and I will post a video showing what happens.

Thanks everyone!

And how did it go ?

 

Share this post


Link to post
Share on other sites

 Hi Everyone, update time. I plugged in a keyboard and it did do interesting things, sort of. Ctrl + Alt + FX (X != 2 ) directs you to a console login. I tried all the obvious-ish default passwords. Lely, Password, 123456, etc. It is quite slow on the password denied response, so perhaps I need to buy a rubber ducky and let it go all night long or something. The good news is it does keep milking cows while messing with it, you just have to remember to CtrlAltF2 before you unplug the keyboard. 

Video: 

I haven't done a hard reboot, I think that's the next step, remove power and see what shows up during boot. 

 

Share this post


Link to post
Share on other sites
Just now, user_1577 said:

@Legomaniac I was able to login with username: lely password: lely no root access though:sad:

I'm actually not sure I tried that! Mostly I tried to log into root or 'admin' I'll try lely lely

it likely is vulnerable to privilege escalation attacks somewhere 

Share this post


Link to post
Share on other sites
9 minutes ago, Legomaniac said:

I'm actually not sure I tried that! Mostly I tried to log into root or 'admin' I'll try lely lely

it likely is vulnerable to privilege escalation attacks somewhere 

I'm not home but I tried to ssh in as username lely password lely

no sauce yet

Share this post


Link to post
Share on other sites

Thats strange just tried it again for me and it logged in:

 

login as: lely
lely@10.4.1.101's password:
Linux elink-tab 3.10.17-R07 #1 SMP PREEMPT Mon Feb 15 15:14:56 CET 2016 armv7l

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Mon Sep 11 23:34:29 2017 from 10.4.1.1
lely@elink-tab:~$ ls /
bin   dev  home          lib    media  opt   root  sbin  sys  usr
boot  etc  lely_install  lib64  mnt    proc  run   srv   tmp  var
lely@elink-tab:~$

 
 

Share this post


Link to post
Share on other sites
5 minutes ago, user_1577 said:

Thats strange just tried it again for me and it logged in:

 


login as: lely
lely@10.4.1.101's password:
Linux elink-tab 3.10.17-R07 #1 SMP PREEMPT Mon Feb 15 15:14:56 CET 2016 armv7l

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Mon Sep 11 23:34:29 2017 from 10.4.1.1
lely@elink-tab:~$ ls /
bin   dev  home          lib    media  opt   root  sbin  sys  usr
boot  etc  lely_install  lib64  mnt    proc  run   srv   tmp  var
lely@elink-tab:~$

 

Did you copy & paste that or type it out? Also, what version of robot is it, and what software version is i running?

Share this post


Link to post
Share on other sites

so, What I'm getting looks like this: 

If you trust this host, enter "y" to add the key to                                                             
PuTTY's cache and carry on connecting.                                                                          
If you want to carry on connecting just once, without                                                           
adding the key to the cache, enter "n".                                                                         
If you do not trust this host, press Return to abandon the                                                      
connection.                                                                                                     
Store key in cache? (y/n) yes                                                                                   
login as: lely                                                                                                  
lely@10.4.1.101's password:  (I entered lely)                                                                                   
Access denied                                                                                                   
lely@10.4.1.101's password:                                                                                     

Update: I tried it on robot 2 and got the same results.

PS C:\Program Files\PuTTY> .\plink.exe 10.4.1.102                                                               
The first key-exchange algorithm supported by the server is                                                     
diffie-hellman-group1-sha1, which is below the configured warning threshold.                                    
Continue with connection? (y/n) y                                                                               
The server's host key is not cached in the registry. You                                                        
have no guarantee that the server is the computer you                                                           
think it is.                                                                                                    
The server's rsa2 key fingerprint is:                                                                           
ssh-rsa 1040 be:44:a8:36:71:ec:1e:b9:df:28:23:d3:c9:eb:b6:8a                                                    
If you trust this host, enter "y" to add the key to                                                             
PuTTY's cache and carry on connecting.                                                                          
If you want to carry on connecting just once, without                                                           
adding the key to the cache, enter "n".                                                                         
If you do not trust this host, press Return to abandon the                                                      
connection.                                                                                                     
Store key in cache? (y/n) y                                                                                     
login as: Lely                                                                                                  
Lely@10.4.1.102's password:                                                                                     
Access denied                                                                                                   
Lely@10.4.1.102's password:                                                                                     
Access denied                                                                                                   
Lely@10.4.1.102's password:                                                                                     
Access denied                                                                                                   
Lely@10.4.1.102's password:                                                                                     
Access denied                                                                                                   
Lely@10.4.1.102's password:                                                                                     
Access denied                                                                                                   
Lely@10.4.1.102's password:                                                                                     
Access denied                                                                                                   
Lely@10.4.1.102's password:               

So it appears that your robot has a different default ssh password than mine, or perhaps mine has password login disabled :( 

Question for those in the know, If you disable password login, will it still give you a 'fake' password prompt?

Edited by Legomaniac
More info

Share this post


Link to post
Share on other sites
Quote

Question for those in the know, If you disable password login, will it still give you a 'fake' password prompt?

Quite likely, yeah.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Recently Browsing   0 members

    No registered users viewing this page.

×