This is how this firmware was made.
1. Use imagetool to unpack firmware SB6120-1.0.2.0-ENG00-SH.NNEMN.bin. This is the only shell firmware I have.
2. Edit etc/scripts/dsdk.pcd
change from
Code: Select all
# INCLUDE = /etc/scripts/vendor.pcd
Code: Select all
INCLUDE = /etc/scripts/vendor.pcd
At the end change from
Code: Select all
if [ -z "$docsis_auto_run" ]; then
# Kill the current watchdog, and let PCD start and monitor it
rtwd=`ps|grep watchdog_rt|grep -v grep|cut -c 1-5`
if [ -n "$rtwd" ]; then
kill -9 $rtwd ; \
fi
# Spawn PCD, start the system
/usr/sbin/pcd -f /etc/scripts/dsdk.pcd -v -t 20 -d -e /nvram/pcd_error_log.txt &
fi
Code: Select all
# if [ ! -f /nvram/agent_cm.cnf ]; then
# cp /etc/agent_cm.cnf.org /nvram/agent_cm.cnf
# fi
echo "root:ABW9wzpK6VV4Q:0:0:Root User,,,:/nvram:/bin/sh">/var/tmp/passwd
echo "root:ABW9wzpK6VV4Q:0:0:Root User,,,:/nvram:/bin/sh">/var/tmp/shadow
# Spawn PCD, start the system
/usr/sbin/pcd -f /etc/scripts/dsdk.pcd -v -t 20 -d -e /nvram/pcd_error_log.txt &
fi
Code: Select all
############################################################################
#
# Vender PCD Script
#
############################################################################
#################################################################
# Index of the rule
RULE = SYSTEM_DROPBEAR
# Condition to start rule, existence of one of the following
START_COND = RULE_COMPLETED,DOCSIS_HALREADY,DOCSIS_DBRIDGEINIT
# Command with parameters
COMMAND = /usr/sbin/dropbear -i lan0 -r /etc/rsa_key.priv -p 22
# Scheduling (priority) of the process
SCHED = NICE,0
# Daemon flag - Process must not end
DAEMON = YES
# Condition to end rule and move to next rule, wait for one of the following:
END_COND = NONE
# Timeout for end condition. Fail if timeout expires
END_COND_TIMEOUT = -1
# Action upon failure, do one of the following actions upon failure
FAILURE_ACTION = NONE
# Active
ACTIVE = YES
#################################################################
Code: Select all
cli docsis/scan 0
Code: Select all
#!/bin/sh
cli docsis/scan 0
Now while bootup on serial port you can type "stop" then hit tab and auto complete as stopscan
SSH is enabled and password is Admin
Have fun.