Summary of Reddit Comments on "conn bz2"

Reverse Shell and Password Cracking

• The user mentioned trying to insert a Reverse Shell and crack passwords, with suggestions to check /etc/passwd and /etc/shadow:
  • "if you get a shell, attempt to pull its /etc/passwd or /etc/shadow and find which other usernames are in there and attempt to crack em."
• They were able to read /etc/passwd using a Lua script with the guidance of a Reddit user:
  • "I could read the /etc/passwd using a lua script and sending the result via tcp (receiving via netcat) as suggested by DrinkMoreCodeMore."
• They found out that the password hash was unsalted MD5 and successfully cracked it using John the Ripper.

SSH and Accessing Devices

• Tried to add authentication keys to root's .[SSH](https://www.amazon.com/SSH-Secure-Shell-Definitive-Guide/dp/0596008953/ref=sr_1_1?dib=eyJ2IjoiMSJ9.rDXVpLC-dxiVVspTklb71KsW5vnYTGgBQlaac1WNRJneyhvSSlnXmQwqUgkI-C_0inFmYh8yAU1cPAiqKtgs0CgsIlmRujLCvPQvdXMJPCHFI0Zd9YtvdCsXkESW01hnKtIVJsI7CPBt7cu27LGLu142X3Kq5XxwHdNfzjJL4p4WqrZL3h0csFOPgDCoEoTUwfHzAySi-A1c88jdLQU3_478KJuU4FD6EvlZ9FBnFlU.ydoHttEkJnx-qa980FCMdDWObS8bsE1E5w6FRXnmB7E&dib_tag=se&keywords=SSH&qid=1732197100&sr=8-1&tag=redditrevie08-20) folder, but the filesystem was read-only.
• Managed to gain root access by using a specific SSH command:
  • "SSH -oHostKeyAlgorithms=+SSH-dss root@address"
• Device runs on "HiLinux" with BusyBox software and uses ARM926EJ-S rev 5.
• Recommendations were made to check if the device has [ping](https://www.amazon.com/Story-about-Ping-Marjorie-Flack/dp/0448421658/ref=sr_1_1?dib=eyJ2IjoiMSJ9.o8VdIEOv3A4OBCAfMK8F47Xr6v4IQN6q9ewxwTv2nzay6nCZCxHVLDisgfZUEElQI8gwN2XeaIoCBfk1iT5QLL6iBQ9XgHmG-HXuXBfwzIHD_052U2jR_lWH964DGTSoGmYDca8VNW2-4MDfB-LpYqKd8YLp1UTJDpPE6mP5lByHS6yrj-5tg4pzAHuY9RWyHIoJsUsMDTJPTezz5Vfu2V9m9maZAYAMb4MelfXKzSo.E0fZKXsBhCDXFwjPRSP-WrXPi3TF7n_XE3eodRccMIk&dib_tag=se&keywords=ping&qid=1732197100&sr=8-1&tag=redditrevie08-20) installed and establishing a [tcpdump](https://www.amazon.com/Complete-Routing-Protocol/dp/1852338229/ref=sr_1_1?dib=eyJ2IjoiMSJ9.BeMAIYkyj7Bx2eU7-oENhQGbFfvcpy0JPirtWXXuN4OAv0Ns5KvYYct9j9KZlSbm.mUCmBKv1iLie2RENla8jn62tE_UmkhYzi2nO4MHK6lY&dib_tag=se&keywords=tcp+dump&qid=1732197100&sr=8-1&tag=redditrevie08-20) listener for network connectivity testing.

Other References

• Suggested looking at SQL WHERE statements for better query efficiency.
• Indicated that the function discussed might not exist in PHP versions above 7.0.
• Additional resources shared included links for Reverse Shells, troubleshooting SSL setups, and PHP module loading.