Jump to content
XPEnology Community

Freshly installed DSM got hacked?


edmondhk

Recommended Posts

I just update from DSM5.0 to DSM5.1 5022-U3 which run on N54L

After everything is settle down, I tried the new security adviser. And it found my DSM have following files got edited.

/usr/syno/synoman/webman/usersettings.cgi

 

-rwxr-xr-x 1 root root 65000 Jan 16 00:31 usersettings.cgi

 

I installed optware before but I have uninstall it by instruction from following webpage.

http://blog.bangbits.com/2011/05/optwareipkg-on-synology-ds211.html

 

What is usersettings.cgi does and how I can restore it?

Link to comment
Share on other sites

  • 2 weeks later...
usersettings.cgi is a part / container of synology dsm protection so it was dynamically patched to keep dsm work on any hw.

Don't worry. It's ok.

 

Hi Vortex,

 

Great thanks for your working on xpenoboot.

 

I don't know which method synology used to protect DSM, but I like your patch for the protected files

(especially the "PWNED BY VTX" part ...LOL).

Now I'm wondering if we could pass the protection in another way, which don't patch the protect

files but simulate a genius synology environment(by kernel modules? or qemu emulation?), do you thinks

this is possible?

Link to comment
Share on other sites

×
×
  • Create New...