[caiu] RES: Virus UBNT
Diego Canton de Brito
diegocanton em ensite.com.br
Ter Maio 17 04:49:01 BRT 2016
Então deu certo o uso de trigger_url (do airos) :D
Alexandre, fiz uma alteração no meu GIT do seu código de update, para
que o pessoal possa cambiar entre URL de firmware, seria legal fazer ai
tbm.
URL='http://dl.ubnt.com/firmwares/XN-fw/v5.6.5/XM.v5.6.5.29033.160515.2119.bin'
#
URL='http://dl.ubnt.com/firmwares/XN-fw/v5.6.4/XM.v5.6.4.28924.160331.1253.bin'
wget $URL -O /tmp/firmware.bin
ubntbox fwupdate.real -m /tmp/firmware.bin
Para mais exemplos https://github.com/diegocanton/remove_ubnt_mf/
Em 2016-05-17 01:48, Alexandre J. Correa (Onda) escreveu:
> https://github.com/ajcorrea/cleanmf
>
> Migrei para GITHUB, inclui também Compliance test e Alteração de portas padrão (Diego Canton)
>
> O script agora utiliza o github como base para download, utilizando a função trigger_url !!!
>
> Em 16/05/2016 22:09, marcio petarnella escreveu: Já perdi a paciência com esse aircontrol, já instalei o server agora o
> cliente só da erro de login e senha, não funciona nem por decreto, já
> troquei java , já fiz de tudo, não vou mais perder tempo com isso, já não
> basta essa ferramenta da ubiquiti q também não funciona.
> Em 16/05/2016 9:51 PM, "Geeek Masters" <rgeeek em gmail.com> escreveu:
>
> Se você fizer pelo AirControl sim.
>
> 2016-05-16 21:43 GMT-03:00 marcio petarnella <marcio em mgptelecom.com.br>:
>
> Algum script q verifica a versão se xm ou xw e faz a atualização automática ?
> Em 16/05/2016 9:08 PM, "Geeek Masters" <rgeeek em gmail.com> escreveu:
>
> [image: Ubiquiti Networks]
> <
http://ubnt.us8.list-manage1.com/track/click?u=bc856e62a9254399365d0277b&id=e0bce9c5c5&e=fca1226044
>> BROADBAND
>> <
http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=d98a23213c&e=fca1226044
>> ENTERPRISE
>> <
http://ubnt.us8.list-manage1.com/track/click?u=bc856e62a9254399365d0277b&id=1c98dce54c&e=fca1226044
>> PRODUCTS
>> <
http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=a326d664b7&e=fca1226044
>> SUPPORT
>> <
http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=2230187878&e=fca1226044
>> BUY
>> <
http://ubnt.us8.list-manage1.com/track/click?u=bc856e62a9254399365d0277b&id=1ac11f1e55&e=fca1226044
>> IMPORTANT
>> What We Know
>>
>> In recent days, we've seen virus activity taking network devices
offline.
>> In most cases, devices are reset to factory defaults. In other cases,
>> devices are still operational, but inaccessible. The virus is using an
>> HTTP/HTTPS exploit that doesn't require authentication. Simply having a
>> radio with out-of-date firmware and having its HTTP (port 80)/HTTPS
(port
>> 443) interface exposed to the Internet is enough to get infected.
>> Checking Your Devices
>>
>> Devices running the following firmware are *NOT* affected:
>>
>> Ensure the Safety of Your Devices
>>
>> Ubiquiti takes these threats seriously and has created a patch and an
>> Android app to diagnose and fix the problem. To check your devices and
>> remove the virus, please use *the removal tool*
>> <
http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=4444e56b2c&e=fca1226044
>> .
>>
>> Note: The tool has the ability to upgrade airMAX M series devices to
>> airOS(R) v5.6.5,
>> which completely disables custom script usage.
>> If a device is inaccessible, TFTP recovery will be required to reset it
> to
>
>> factory defaults.
>>
>> <
http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=821cdb27dc&e=fca1226044
>> For further discussions, check our *community page *
>> <
http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=da02fcd1ca&e=fca1226044
>> or contact our *support team
>> <
http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=8a12f2fc13&e=fca1226044
> * .
> Copyright (c) 2016, Ubiquiti Networks, Inc. All Rights Reserved.
> Ubiquiti Networks 2580 Orchard Parkway San Jose, CA 95131 USA
>
> Share this on:
> <
http://www.facebook.com/share.php?u=http%3A%2F%2Fus8.campaign-archive2.com%2F%3Fu%3Dbc856e62a9254399365d0277b%26id%3Dd674aca0a1&t=Important%20Information%20Regarding%20Devices%20Running%20Older%20airOS%C2%A0Software
>> <
http://twitter.com/intent/tweet?text=Important%20Information%20Regarding%20Devices%20Running%20Older%20airOS%C2%A0Software%20-%20http%3A%2F%2Feepurl.com%2Fb10cX1
>> <
http://www.linkedin.com/shareArticle?mini=true&url=http%3A%2F%2Fus8.campaign-archive1.com%2F%3Fu%3Dbc856e62a9254399365d0277b%26id%3Dd674aca0a1&title=Important%20Information%20Regarding%20Devices%20Running%20Older%20airOS%C2%A0Software
>> <
http://us8.forward-to-friend.com/forward?u=bc856e62a9254399365d0277b&id=d674aca0a1&e=fca1226044
>> Unsubscribe
>> <
http://ubnt.us8.list-manage.com/unsubscribe?u=bc856e62a9254399365d0277b&id=1c1b02cb37&e=fca1226044&c=d674aca0a1
>> | Update Preferences
>> <
http://ubnt.us8.list-manage2.com/profile?u=bc856e62a9254399365d0277b&id=1c1b02cb37&e=fca1226044
>> | View in browser
>> <
http://us8.campaign-archive2.com/?u=bc856e62a9254399365d0277b&id=d674aca0a1&e=fca1226044
>> Follow: Facebook
>> <
http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=e7237e0c93&e=fca1226044
>> | Twitter
>> <
http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=7e60518caa&e=fca1226044
>> | YouTube
>> <
http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=f50704a90c&e=fca1226044
>> <
http://ubnt.us8.list-manage.com/track/click?u=bc856e62a9254399365d0277b&id=f36406c247&e=fca1226044
>> Em 16 de maio de 2016 15:56, Lucas Fernandes <
lucas em jotaftelecom.com.br>
> escreveu:
>
> SSH
>
> touch /etc/persistent/ ct
>
> Só isso ja volta o complience test
>
> Obrigado
> Atenciosamente,
>
> JotaF.Telecom
>
> *Lucas Fernandes*
> Gerente de Redes
>
> *T: *19 3913-9797 *C: *19 9 7163-3676
> www.jotaftelecom.com.br [1]
>
> JotaF.Telecom
>
> Em 16/05/2016 15:52, Alexandre Silva Nano escreveu:
>
> Em 16 de maio de 2016 15:37, Rogerio Alves <
rogerioapedroso em gmail.com
> escreveu:
>
> Venho aqui agradecer ao Alexandre J. Correa, pois graças ao
esforço e
> inteligência dele, estou conseguindo dar uma organizada na bagunça
que
> a UBNT fez e não conseguiu ao menos fazer uma ferramenta que preste!
>
> Show de bola! Gostei também do script! Agora, Alexandre. Quem utiliza Compliance Test, como faz pra
continuar a
> utilizar? Se atualizar para a versão que você colocou no script, o
CT
> será inibido.
>
> _______________________________________________
> caiu mailing list
> caiu em eng.registro.br
> https://eng.registro.br/mailman/listinfo/caiu
>
> --> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
>
> https://eng.registro.br/mailman/options/caiu
--
<
https://ubnt.zendesk.com/attachments/token/cSQI60Oj1xSqnAmT4s2bmyCXj/?name=Rodrigo+Gregorio+C.+de+Paula+%28Geeek%29.pdf
> [image: IPV6 Ready?] <http://geeekzone.com/>[image: IPV6 Ready?]
> <https://ipv6.he.net/certification/scoresheet.php?pass_name=Geeek>
> _______________________________________________
> caiu mailing list
> caiu em eng.registro.br
> https://eng.registro.br/mailman/listinfo/caiu
>
> --> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
>
> https://eng.registro.br/mailman/options/caiu
_______________________________________________
caiu mailing list
caiu em eng.registro.br
https://eng.registro.br/mailman/listinfo/caiu
--> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
https://eng.registro.br/mailman/options/caiu
--
<
https://ubnt.zendesk.com/attachments/token/cSQI60Oj1xSqnAmT4s2bmyCXj/?name=Rodrigo+Gregorio+C.+de+Paula+%28Geeek%29.pdf
> [image:
IPV6 Ready?] <http://geeekzone.com/>[image: IPV6 Ready?]
<https://ipv6.he.net/certification/scoresheet.php?pass_name=Geeek>
_______________________________________________
caiu mailing list
caiu em eng.registro.br
https://eng.registro.br/mailman/listinfo/caiu
--> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
https://eng.registro.br/mailman/options/caiu
_______________________________________________
caiu mailing list
caiu em eng.registro.br
https://eng.registro.br/mailman/listinfo/caiu
--> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
https://eng.registro.br/mailman/options/caiu
--
Sds.
Alexandre Jeronimo Correa
Onda Internet
Office: +55 34 3351 3077
www.onda.net.br [2]
_______________________________________________
caiu mailing list
caiu em eng.registro.br
https://eng.registro.br/mailman/listinfo/caiu
--> PARA SAIR DA LISTA SIGA AS INSTRUÇÕES em:
https://eng.registro.br/mailman/options/caiu
Links:
------
[1] http://www.jotaftelecom.com.br
[2] http://www.onda.net.br
Mais detalhes sobre a lista de discussão caiu