I wanted to export a config file of my router but I get an error saying I don’t have enough permission. I’m logged as Admin.
Just to che I went to the users sections and I noticed there is also another user called System that has a full access.
So now I have two questions:
I’m sorry to say but … it may be required to netinstall that device.
It is probably compromised by someone else.
What device is it ?
What ROS version ?
You have no earlier exports from config available for reference ?
I just bought it from a small company that changed all their network devices.
Before installing it I did a reset so there wasn’t any old configuration.
It’s a hex s with firmware 6.43.12
It’s not “probably”, it is definitely compromised. This is now a common botnet thing, which creates System user and partially restricts you. It occurs almost instant via api on unportected device
Reset your device or do netinstall, take care of default security measures before throwing it to internet.
Is it possible they told me a router already compromised?
Will a normal reset solve the problem? I mean by turning on the router while pressing the reset button
Normal reset will not solve this problem.
Latest ROS version (6 or 7, doesn’t matter) and default firewall is already sufficient.
Netinstall it is then, if you want to be 100% sure.
And keep WAN port disconnected from your ISP modem until you’re sure the device has been configured properly.
Could be but unlikely.
Could be you changed config in such a way anyone could get in and then it’s game over.
I guess you’re right about the router being compromised.
I tried a config reset but system user doesn’t disappear.
Now I tried netinstall but I get a permission denied
The error is:
Could not bind BOOTP socket: permission denied.
Isn’t there a way to reinstall the firmware bypassing any control?
Contact the person you bought it from and have them disable “protected-routerboot & Co.” .
They probably also installed a custom script with the branding package that sets users when you reset the device.
There is a good chance that the device is not compromised, but is behaving exactly as the ISP programmed the device to.
You need to run netinstall with sudo or with root user.
I’ve run into similar issues with my router before, and it can be super frustrating. It’s weird that the Admin account can’t export the config; sometimes, certain functions have extra permissions tied to them. As for accessing the System account, those passwords are usually set by the manufacturer, so you might find it in the manual or on their website. If you’re feeling adventurous, a factory reset could work, but just be cautious—I’ve learned the hard way that it wipes everything!
This smells like bull shit, possibly invented by some AI.
There is no such thing as System account as factory default on ROS. ROS default account with full permissions is “admin”. Any deviation from this is result of changed setup, either by device admin or (in case by @OP) more likely a remote exploit.