Shell access to your ix2/ix4 exposed! “Get yer red hot ssh here!”

January 8th, 2010
by Christopher Kusek (PKGuild)

So, I promised you guys in Iomega ix4-200d data reconstruction, ssh and more! that I would expose the password to login to the ix2 and ix4 as soon as I could.    Well, your wait is finally over!

Let’s start as you normally would, by logging into the support console!

http://192.168.1.1/support.html

Click on Support Files

Whoa, what’s that I highlighted there and even tossed in an arrow?! Can I MAKE it any more straight forward? Psst.. Click on Support Files :)

Click on the Dump button

Ooh, what’s that little guy down there? Dump? Yea, I didn’t even notice this before (because I had shell access myself ;)) but this is for your benefit!

The system will go through "Gathering system state…"

Open up your dump file!

Why yes, I did go mad with clicking colors and arrows in the win7 version of MSPaint.. Okay, but I digress. :)

Click that bad boy, which will include dump data about your system! Download it, and open it!

Drill down into the dump –> config –> etc –> and open up the file named “shadow”   (dump-20100107225620.tar.gz\dump-20100107225620\config\etc)

Wait, what?! Is that an exposed hash with the root password from your shadow?!

Find your shadow File in there, and lo and behold, you will have your Iomega root users hash!    Now it’s just a matter of cracking it!

It is beyond the scope of this article to tell you how to actually crack the pwd.. (giggle) go here, download john the ripper and you’ll do just fine :)

Password CRACKED in seconds! user:root pwd:soho

Taking my seed from my system and running it through a simple alphanumeric search, I come up with username root, password soho! That was easy! That works if you have NO Password set!

Through a collaborative effort with @randyjcress @Kiwi_Si @VirtualisedReal and @gabvirtualworld we were able to determine that by using soho and whatever password you use on the system, that should do it! And really, the credit does primarily go to @randyjcress for leading us in that specific direction so props randy! :)

ie: admin pwd is apples, so login using sohoapples – This is still undergoing verification, but I thought I’d share it out there, while we sort it out!

Disclaimer: The means to perform all of these tasks has been replicated and verified in the wild without requiring any intimate knowledge of the inner workings of the system. 

Tags: , , , , , , , , ,
Posted in Iomega, NAS, Storage | Comments (160)

Older Comments

  • Pingback: Iomega Storcenter – enable ssh access and install mediatomb server | Ramblings

  • Remco

    I have 4x StorCenter ix2-200 with out iCloud and have buy a new one this is with iCloud but i dont like the system, is there a way to switch the firmware back to the old version?

    Thx for your feedback.

  • http://pkguild.com Christopher Kusek

    What you’ve all been waiting for! My good friend Chris Colotti brings us:

    How To: Convert an Iomega IX4-200D to an IX4-200D “Cloud Edition” bit.ly/vMbkWU (by @ccolotti)

    http://www.chriscolotti.us/technology/how-to-convert-an-iomega-ix4-200d-to-an-ix4-200d-cloud-edition/

  • Tohesop

    it works on ix4-200r, 2.0.4.41587 
    i’m amused :-)

  • matt

    This just worked with my “iomega 34785 3TB Home Media Network Hard Drive, Cloud Edition”, purchased last week (http://www.newegg.com/Product/Product.aspx?Item=N82E16822186283), with the latest firmware.

    I went through the whole cracking process to find it’s still root:soho

  • matt

    I forgot to mention, I had to use /diagnostics.html, as described by Magneto below.

  • Mao

    Someone has the instructions to update to ix4-200d to Cloud Edition? Colotti has removed

  • http://pkguild.com Christopher Kusek

    It looks like technically they’ve released a new(er) updated Firmware to take it to 2.1.40 which gives support for LION, though I imagine doesn’t convert it over to the Cloud Edition.

    Having never actually gotten around to updating my IX4 to the Cloud Edition (Hey, I was busy! :)) What benefits did it particularly provide?

    https://iomega-eu-en.custhelp.com/app/answers/detail/a_id/22315

  • Mao

    The firmware 2.1.40 only adds support to the lion.
    I have the old version of ix4 and I also tried the version cloud edition.
    it has a new interface and management different from the old, new applications have “cloud” and some applications to synchronize their profiles in social networks

  • Mao

    Hi Christopher, if you have the update files and instructions, you could send them to me or make it  public?

Older Comments

  • Archives

Google