falsephilosopher / pppwnwrt Goto Github PK

Hello
Thanks for this amazing tutorial
I changed stage2.bin with the goldhen.bin (renaming it of course)As the Orignal setup just gave pppwned message on screen

But the problem is

[*] Sending stage2 payload...
[+] Done!

It states this but the goldhen isn’t loaded on the ps4
What am I doing wrong please help

I just help for run this hack on 4mb router tplink wr841nd on openwrt installed. Is possible ?

This pppwn auto-start process really works very well for me, but I have seen in other repositories that they install a script to turn off the router after the pppwn process has been executed. Could someone help me with this?

Thanks in advance

sorry my bad english ( google traslate)

I've tried following the guide and PPPwnWRT is installed, and I can have it run "pppwn list" to show the interfaces. When I've tried running the below script though, it gives me a "Killed" notification just a few seconds after running.
"pppwn --interface eth0.1 --fw 1100 --stage1 "/etc/PPPwnWRT/stage1.bin" --stage2 "/etc/PPPwnWRT/stage2.bin" --auto-retry"

I'm using an Asus RT-N12+ B1 and have used the MIPS build

How can I edit /etc/pppwnwrt/pppwnwrt.sh script to run the autostart code

I am very new to this process, I would like your support

I managed to execute the exploit properly, but I cannot edit the ppwnwrt.sh or I do not know how to do it

sorry my bad english, and tanks

Any chance to get a right script for FW 10.00/10.01 ?
Thanks

Just FYI. For some reason the stage1.bin provided for MIPS devices is causing Kernel Panic on PS4
As a solution, i've change BIN files in my OpenWRT router with stage1.bin from THeFlow's github and stage2.bin from SISTR0's repo and worked normally.

Hello,
I tried each line of the script pppwnwrt11.sh, and i tried to launch:
pppwn --interface lan1 --fw 1100 --stage1 "/etc/PPPwnWRT/stage1.bin" --stage2 "/etc/PPPwnWRT/stage2.bin" --auto-retry
Without adding it in rc.local, but i get this error:
/bin/pppwn: line 1: syntax error: unexpected word (expecting ")")
I get this error even if I just run pppwn

My OpenWRT firmware Version is: OpenWrt 23.05.2 r23630-842932a63d / LuCI openwrt-23.05 branch git-23.306.39416-c86c256

Is this normal?
Thanks

Is this processor supported?
CPU： RK3228A Quad Core 32bits Cortex-A7 @ up to 1.2 GHz

Hi!

I tried following the instructions for dd-wrt but, as per it's design I cannot copy to /etc or /bin as they are mounted as read only, The only folders I can copy to are:

jffs
tmp
usr
var

I can also copy the pppwnwrt folder, but not its content, into dev... If that helps.

can you please suggest a solution?

Thanks a lot!

Sasiccia

Im using open wrt version 21.02.01 stuck at ipcp configure ack

[+] args: interface=br-lan fw=1100 stage1=/etc/pppwnwrt/stage1_1100.bin stage2=/etc/pppwnwrt/stage2.bin timeout=0 wait-after-pin=1 groom-delay=4 auto-retry=on no-wait-padi=off real_sleep=off

[+] STAGE 0: Initialization
[] Waiting for PADI...
[] Waiting for PADI...
[+] pppoe_softc: 0xffff97f80799da00
[+] Target MAC: 0c:fe:45:a5:cd:20
[+] Source MAC: 07:da:99:07:f8:97
[+] AC cookie length: 4e0
[] Sending PADO...
[] Waiting for PADR...
[] Sending PADS...
[] Sending LCP configure request...
[] Waiting for LCP configure ACK...
[] Waiting for LCP configure request...
[] Sending LCP configure ACK...
[] Sending IPCP configure request...
[] Waiting for IPCP configure ACK...
[] Waiting for IPCP configure request...
[] Sending IPCP configure NAK...
[] Waiting for IPCP configure request...
[] Sending IPCP configure ACK...
[] Waiting for interface to be ready...
[+] Target IPv6: fe80::efe:45ff:fea5:cd20

[] Heap grooming...0%
[] Heap grooming...6%
[] Heap grooming...12%
[] Heap grooming...18%
[] Heap grooming...25%
[] Heap grooming...31%
[] Heap grooming...37%
[] Heap grooming...43%
[] Heap grooming...50%
[] Heap grooming...56%
[] Heap grooming...62%
[] Heap grooming...68%
[] Heap grooming...75%
[] Heap grooming...81%
[] Heap grooming...87%
[] Heap grooming...93%
[+] Heap grooming...done

[+] STAGE 1: Memory corruption

[] Pinning to CPU 0...00%
[] Pinning to CPU 0...06%
[] Pinning to CPU 0...12%
[] Pinning to CPU 0...18%
[] Pinning to CPU 0...25%
[] Pinning to CPU 0...31%
[] Pinning to CPU 0...37%
[] Pinning to CPU 0...43%
[] Pinning to CPU 0...50%
[] Pinning to CPU 0...56%
[] Pinning to CPU 0...62%
[] Pinning to CPU 0...68%
[] Pinning to CPU 0...75%
[] Pinning to CPU 0...81%
[] Pinning to CPU 0...87%
[] Pinning to CPU 0...93%
[+] Pinning to CPU 0...done
[] Sending malicious LCP configure request...
[] Waiting for LCP configure reject...
[] Sending LCP configure request...
[] Waiting for LCP configure ACK...
[] Waiting for LCP configure request...
[] Sending LCP configure ACK...
[] Sending IPCP configure request...
[] Waiting for IPCP configure ACK...
[] Waiting for IPCP configure request...
[] Sending IPCP configure NAK...
[] Waiting for IPCP configure request...
[] Sending IPCP configure ACK...

[] Scanning for corrupted object... 0xf00
[] Scanning for corrupted object... 0xe00
[] Scanning for corrupted object... 0xd00
[] Scanning for corrupted object... 0xc00
[] Scanning for corrupted object... 0xb00
[] Scanning for corrupted object... 0xa00
[] Scanning for corrupted object... 0x900
[] Scanning for corrupted object... 0x800
[] Scanning for corrupted object... 0x700
[] Scanning for corrupted object... 0x600
[] Scanning for corrupted object... 0x500
[] Scanning for corrupted object... 0x400
[] Scanning for corrupted object... 0x300
[] Scanning for corrupted object... 0x200
[*] Scanning for corrupted object... 0x100
[+] Scanning for corrupted object...found fe80::007f:4141:4141:4141

[+] STAGE 2: KASLR defeat

[*] Defeating KASLR...
[+] pppoe_softc_list: 0xffffffffdbf7a578
[+] kaslr_offset: 0x57a98000

[+] STAGE 3: Remote code execution
[] Sending LCP terminate request...
[] Waiting for PADI...
[+] pppoe_softc: 0xffff97f80799da00
[+] Target MAC: 0c:fe:45:a5:cd:20
[+] Source MAC: 97:9f:94:da:ff:ff
[+] AC cookie length: 510
[] Sending PADO...
[] Waiting for PADR...
[] Sending PADS...
[] Triggering code execution...
[] Waiting for stage1 to resume...
[] Sending PADT...
[] Waiting for PADI...
[+] pppoe_softc: 0xffff97f80799da00
[+] Target MAC: 0c:fe:45:a5:cd:20
[+] AC cookie length: 0
[] Sending PADO...
[] Waiting for PADR...
[] Sending PADS...
[] Sending LCP configure request...
[] Waiting for LCP configure ACK...
[] Waiting for LCP configure request...
[] Sending LCP configure ACK...
[] Sending IPCP configure request...
[] Waiting for IPCP configure ACK...

Any solution ??

Title, installed for MIPS architecture and PS4 is connected to LAN1 port. Tried restarting the router with no success. I didn't configure my router in any way besides root password and enabling SSH. Are there any logs available? I'm not very familiar with OpenWRT

What package i need for WRT 54g V2.2 ?

请问aarch64使用哪个文档？

Hi all,

I am running pppwnwrt on a very old router, La Fonera+ from 2007. 16 MB of RAM, 8 MB of flash and a MIPS processor.

I got the aforementioned error as soon as I reach Stage 1. ChatGPT suggests it may be related to hardware limitations.

So my question is, which are the absolutely minimum system requirements to run this software?

May uninstall unused services relieve some RAM and processor workload and make it work?

I can provide more context if necessary.

Thank you and regards.

PS: the complete error says "libc++abi: terminating due to uncaught exception of type std::__1::system_error: thread constructor failed: Resource temporarily unavailable Aborted"