Pages:
Author

Topic: Antminer Hack S9 /S15 / S17 / Sx aso. SSH and so on for free - page 3. (Read 3377 times)

legendary
Activity: 2030
Merit: 1569
CLEAN non GPL infringing code made in Rust lang
[...]

Why? Have you never done serial? You just need 3 wires: TXD RXD and GND which corresponds to pins 2, 3 and 5 in a standard db-9 plug. You might need to swap TXD and RXD if you got it wrong. Don't ask me about usb because that's a whole new can of worms.



To clarify in case you somehow got it wrong: You can use either port, the rj45 or the 3 pin header for serial communications. "Both" should work... Using an rj45 for serial communications is old. The port knows when you plug this type of cable instead of Ethernet in devices with serial, there is nothing special about this. But in addition there happens to be a 3 pin header that appears to be the same. Just ignore the 3 pin header if you don't get it.

RJ-45 PinSignalDB-9 PinSignal
1RTS8CTS
2DTR6DSR
3TXD2RXD
4GND5GND
6RXD3TXD
7DSR4DTR
8CTS7RTS

https://www.juniper.net/documentation/en_US/release-independent/junos/topics/reference/specifications/port-rj45-db9-adapter-pinout.html

You could wire them all if you are bothered with hardware control, but my made by Cisco version cable didn't bother. I don't think they use it (cts/rts) anyway, or the data ready pins.
member
Activity: 68
Merit: 13
Or you can do it without buying any tools: https://asicseer.com/page/security-restoring-ssh

We released it for free. If you like the tool, try ASICseer itself Smiley
member
Activity: 264
Merit: 16
Both apparently. I did saw the 3 pin header on S9s, but this may vary with controller model/revision.

Both? If both where is diagram for board connections?
This post seems a joke!

see the first post (edited today)!

This sounds like one enigma, why dont do this like if this was for very stupid people?
Put some pictures of connections, or a video in youtube, why not?
hero member
Activity: 561
Merit: 521
Trustless IceColdWallet
I have everything but dont work, what is supposed to use as terminal to login, Putty or coolterm?
We need to connect energy to the databoard or not?

see the first post (edited today)!
legendary
Activity: 2030
Merit: 1569
CLEAN non GPL infringing code made in Rust lang
I bought one already cable in Amazon from USB to RJ45, but like i told you nothing works.
The connections are in the RJ45 or in the boards points like old JTAGs ?

Both apparently. I did saw the 3 pin header on S9s, but this may vary with controller model/revision.
member
Activity: 264
Merit: 16
Why? Did you made the cable yourself? Just search online for FTDI usb cable pinout... I believe it involves a chip, due to usb, unless you want to make a direct rj45 to serial which i happen to have one lol. Cisco switches and such use them in both the true serial and usb variants that go into an rj45 jack and serial/usb on the other side. Oh, if you are using a true serial port, make sure its enabled in the bios. Some bios are set to "auto" and won't turn it on if nothing is plugged at boot.

I haven't touched putty in over a decade, but if it can do true serial then its a matter of picking the right port and speed parameters (115kbps 8,n,1).
If unsure test the program with something else if you have anything that still connects via serial (such as the aforementioned router, or an old fashioned pc).

I bought one already cable in Amazon from USB to RJ45, but like i told you nothing works.
The connections are in the RJ45 or in the boards points like old JTAGs ?
newbie
Activity: 14
Merit: 16
For the exploit, I searched and tried the few exploits on exploit-db. I haven't found anything thats a windowns script. The others didin't seem to work (were for older versions than lighttpd 1.4.32, which is whats on the newest firmware.) Has anyone else had more luck?

Thanks
legendary
Activity: 2030
Merit: 1569
CLEAN non GPL infringing code made in Rust lang
Why? Did you made the cable yourself? Just search online for FTDI usb cable pinout... I believe it involves a chip, due to usb, unless you want to make a direct rj45 to serial which i happen to have one lol. Cisco switches and such use them in both the true serial and usb variants that go into an rj45 jack and serial/usb on the other side. Oh, if you are using a true serial port, make sure its enabled in the bios. Some bios are set to "auto" and won't turn it on if nothing is plugged at boot.

I haven't touched putty in over a decade, but if it can do true serial then its a matter of picking the right port and speed parameters (115kbps 8,n,1).
If unsure test the program with something else if you have anything that still connects via serial (such as the aforementioned router, or an old fashioned pc).
member
Activity: 264
Merit: 16
Putty can use serial terminal too, but i use coolterm and i cant get nothing.
Why there is no connections scheme, can someone put some pictures of the connections scheme?
legendary
Activity: 2030
Merit: 1569
CLEAN non GPL infringing code made in Rust lang
I have everything but dont work, what is supposed to use as terminal to login, Putty or coolterm?
We need to connect energy to the databoard or not?

Power the controller, no need for hashboards.
This is a serial link, old fashioned method you may not be familiar with depending on your age, so use a serial terminal, not ssh client; forget putty.

If you do it correctly you should get a prompt when you plug the cable and hit enter; probably login and password.
member
Activity: 264
Merit: 16
I have everything but dont work, what is supposed to use as terminal to login, Putty or coolterm?
We need to connect energy to the databoard or not?
sr. member
Activity: 463
Merit: 309
Do you know the pinout for the ftdi to connect it to the miner? or would any console cable work?
https://www.amazon.com/dp/B07MY6F8TP/
hero member
Activity: 561
Merit: 521
Trustless IceColdWallet
HACK FIRMWARE and SSH and EXPLOIT for free

FIRMWARE


Code:
vi /www/pages/cgi-bin/upgrade.cgi

  • remove line 45,46,46,48,49,50,51,52,77,78 (move with up and press d to remove a line. 77 and 78 are the last fi on that function)
  • press ESC : wq
  • open your antminer website and upload what ever you want

SSH on any Antminer


Code:
dropbearkey -t rsa -f /config/dropbear_rsa_host_key -y

  • reboot -f
  • power off your antminer
  • disconnect ftdi
  • power on
  • login via ssh as usual

EXPLOIT Antminer (not only S15 or 17)

The exploit uses a security issue on Lighttpd!

  • research your self
  • if you use Kali Linux search for XSS, Lighttpd, remote execution
  • It's hard to find but not impossible!
  • do not spend any cent on this exploit use the above instructions
  • if you have found the script use dos2linux to convert the script (it's a Win script)
  • the code to execute is: dropbearkey -t rsa -f /config/dropbear_rsa_host_key -y
  • Why? Because if you set a new dropbearkey ssh service will start from alone Grin

Stop PM me if you will not pm your real name to me!

Hint: It works also above 1.4.32 Grin
Pages:
Jump to: