hello guys this is my first post so thanks in advance for the support!
im trying to restore the malware page on my Qnap (TS563, fw 5.0.0.1986), i've tried v3 and v4 script with no results (index.html page was not created)
the qnap script gives me that output (malware removal disabled):
sh extract_deadbolt_v4.sh
[O] Found malware executable 18818 30073 and restored it to /mnt/HDA_ROOT/
[X] Couldn't find malware index.html
[O] Found malware pkg and used it to generate index.html under /home/httpd/
but:
http://NASIP:8080/index.cgi gives not found error
http://NASIP:8080/index.html takes me to the nas standard homepage
http://NASIP:8080/cgi.bin/index.html takes me to white page
http://NASIP:8080/cgi.bin/index.html takes me to the nas standard homepage
the SDDPd.bin file is missing, i trird to recover the file but i don't find it in the quarantine files (i've opened them all, finded the malware executables but nothing else. folder was finded via the grep method)
if i restart the nas i found this index.html in /home/httpd
-rw-r--r-- 1 admin administrators 580 2022-03-23 22:34 index.html
any help or hint would be great thanks!!
script v3 output:
sh extract_deadbolt_v3.sh
BusyBox v1.24.1 (2022-03-24 03:12:29 CST) multi-call binary.
Usage: basename FILE [SUFFIX]
Strip directory path and .SUFFIX from FILE
359685+0 records in
359685+0 records out
3596850 bytes (3.4MB) copied, 0.537559 seconds, 6.4MB/s
cp: cannot stat `30073': No such file or directory
chmod: 30073: No such file or directory
Found /mnt/HDA_ROOT/18818
30073