LaCie has a wonderful little NAS box called the “Ethernet Big Disk” that comes in a 1TB size, supports USB and gigabyte ethernet, and is reasonably priced. The NAS part supports smb, afs, ftp, and http, which makes it pretty darned useful out of the box.
Even better, it sports a version of embedded Linux on an ARM CPU:
Linux version 2.6.12.6-arm1-lacie5a (root@lacie) (gcc version 3.4.4 (release) (CodeSourcery ARM 2005q3-2)) #1 Tue Oct 31 11:26:21 CET 2006CPU: ARM926EJ-Sid(wb) [41069260] revision 0 (ARMv5TEJ)
Naturally, it’s a prime target for hacking in some useful things. This can be accomplished in several easy steps:
- Open it up and pull out the drives
- Mount the SATA drives on another Linux box
- Add an exploit to the web server (which runs as root, making the rest easy)
- Put it back together
- Make yourself a root account
- Cross compile some binaries and copy them useful places
- Give yourself a command line
Okay, so up until step 5, it’s pretty straightforward, and documented here and here. Actually, even making a root account is pretty straightforward; using the web exploit, you can copy passwd and shadow to the NAS share, edit them, and copy them back. I chose to add an account called “myroot” and leave the default root account’s password alone, just in case it’s needed for … something.
Building a cross-compiler is, frankly, a major pain. However, once I got it built properly (in my case, using a handy port for the MacIntosh) it was fairly straightforward to cross-compile utelnetd and rsync. utelnetd can actually be launched from the web exploit, and it’s possible then to log in directly as root.
For those who appreciate a kick start, here are the compiled binaries that run on the LaCie. (Naturally, these are without any warranty of any kind, and whatever happens to your NAS is your own fault, etc.)
I can’t think of much more one could want than telnet, rsync, and nfs. Well, maybe ssh, but it’s been done, and I don’t really need it.
