This is for educational purposes only.
Getting root access
This guide explains how to get root access on JioFiber ONT.
Before this, we can run the keyguesser.py script with our ONT’s details:
Filesystem
The ONT mainly has two permanent partitions: /flash
and /flash2
, anything we add to these partitions will persist across reboots.
A top level view of the filesystem:
flowchart LR
A{/}
A ==>|ubi0:config_data| B(/flash)
A ==>|ubi1:config_data2| C(/flash2)
A ==>|/dev/mtdblock11| D(/usr/config/WLan/MAP)
A ==> E{/dev/sda1}
E ==> F(/tmp/mnt/vfs/guest/AP)
E ==> G(/tmp/mnt/vfs/admin)
E ==> H(/tmp/mnt/vfs/admin/AP)
E ==> I(/tmp/mnt/vfs/meshadmin/AP)
Some other important files to note:
/pfrm2.0/bin/appVersion.lua
/pfrm2.0/etc/platformInit
/pfrm2.0/etc/pfrm2.0/etc/platformInit2
/pfrm2.0/etc/pfrm2.0/etc/platformInit3
Custom init scripts
Usually telnet and other settings get reset when the ONT is rebooted. So, we can add our custom commands to this script to run them at boot.
Note
Make it executable by running
chmod +x /flash2/pfrm2.0/etc/customInit
Below is an example script that I use to enable telnet:
Serial Number and Password
The GPON SN is the serial number of the ONT. It’s usually at the back of the ONT, but Reliance being Reliance, they’ve hidden it and can only be accessed via telnet1.
This should give us the following output: