Remote Power off the CH3WNAS

In my previous post, I found out that the CH3WNAS is shutdown by touching a /tmp/shutdown file. It is possible to use the existing web admin pages to trigger a remote shutdown from a script by using 2 wget-commands. One major drawback of this solution is that your admin-password is stored in cleartext in the script.

In this post I show how you can do a remote shutdown via the LAN, without hard coding your admin password. Since this tweak could be misused for a remote DOS attack, make sure you put the CH3WNAS behind a NAT router.

Busybox (activated with the fun_plug script) provides a powerful nc (netcat) command that also has a -l listen mode. This listen-mode is ideal for simple lightweight client/server communication.

Steps for enabling remote shutdown from a script:
  • make sure telnet (through busybox) is enabled: http://www.aroundmyroom.com/2008/01/03/ch3wnas-enabling-telnet/

  • create a shutdown_listener.sh script (e.g. with ftp) on the root of HD_a2 with following contents:
    while true
      /mnt/HD_a2/busybox nc -l -p 1234 | while read line
         if [ "$line" -eq "0" ]
           touch /tmp/shutdown
    This scripts on the NAS listens in a loop on port 1234. When it reads a "0" it puts a /tmp/shutdown file that triggers the immediate poweroff.

  • add the following line to the fun_plug script and restart the CH3WNAS:
    /mnt/HD_a2/shutdown_listener.sh &

  • from the client-side it's enough to create a nc-script that sends a "0" to the NAS.
    on Ubuntu I created a Launcher on my desktop with following command :
    bash -c "echo 0 | nc 1234 -w 1"

    If you're stuck with Windows, look out for a Windows version of netcat (nc) and put similar commands in a shortcut (cmd /c "..."). Or better, upgrade to Ubuntu :-)
I finally have a script that I can put on all my laptops to trigger a remote shutdown of the NAS. Unfortunately, for powering the device back ON again, you still have to push the powerbutton.

1 comment:

Anonymous said...

Not that it matters much here, but note that "-eq" is a numerical (integer) match, while you probably want to do a string match using "=": if [ "$line" = "0" ]

I have an idea that *might* make for a simpler solution (I don't have this device to try it out on): If whatever checks for /tmp/shutdown actually checks if /tmp/shutdown is a file (for instance using test -f), you can create a soft link /tmp/shutdown that points to a non-existing file in a shared folder. test -f will try to follow the link and return "false". Once someone creates the file in the shared folder, -f will return true. So no need for netcat, just create the "magic" file to shut it down.

So in the startup script (fun_plug) add rm /mnt/HDXX/your-shared-folder/shutmedownmagic; ln -s /tmp/shutdown /mnt/HDXX/your-shared-folder/shutmedownmagic

Warning: If the link to a non-existing file still triggers the shutdown, it can be tricky to get rid of that line in fun_plug, so try it out by hand before adding it to fun_plug!

Cheers, Tormod