Hacked Jetson Xavier NX?

I had a port that forwards to my jetson xavier nx, couple hours after I opened the port, my password doesn’t work anymore; it has been changed.

I tried doing a force recovery but I can’t! In my jetson model, I have 2 buttons, ‘reset’ and ‘power’ which are supposed to be used to recover. The LED doesn’t turn on at all, and I am afraid the hacker might have disabled the LED, rest or the power button. Is this possible? If so, how can I fix this?

Thanks

Jetson is a full computer, just smaller. Hacks are possible. Some of the errors might not be hacks, but it is possible the errors are.

Is this a third party carrier board, or is it a developer kit? The software used to flash will likely differ slightly if it isn’t a developer kit (on the other hand, if a custom carrier board is an exact electrical layout match to the dev kit carrier board, then it might use just dev kit software; the manufacturer would state what to use for their carrier boards). It is important to know if this is the dev kit versus something from a third party.

If the LED does not turn on, then this sounds like a hardware issue. Had the operating system been entirely wiped out, then it is likely the LED would still function.

If a port were opened, but you were behind your own router, then someone getting in is difficult. If you were at something like a dorm router at a university, then lots of people could hit the port and an unsecured system is likely to at least get hack attempts.

Overall, what you need is a serial console boot log. That won’t get far though if the power cannot be turned on. Try to give a good description of what hardware you have.

FYI, if this uses an SD card for the rootfs, then you can easily put it on a Linux system and examine it.

Thank you for this response!

I an using a third party device.

The power is turning on, I just can’t login because I dont know the password.

I used sdkmanager to try to flash using the most recent jetpack, but since its 3rd party, carieer board (A203), do you think this flash would work?

Just for reference, before starting, although this is an Xavier NX, the carrier board is likely different. This implies that the device tree differs (components on a carrier board are not “plug-n-play”, and the device tree firmware basically tells the o/s how to find those components…their connections are routed based on software, so unless software is correct, the components won’t be found). This means that unless the carrier board is an electrical exact match to the dev kit, then you’ll need to use the third party manufacturer’s flash software. If they have an exact match to the carrier board, then they will state this. Most likely the device tree is the only part which differs compared to NVIDIA’s flash software.

Although the location of the micro-OTG connector is likely different from the dev kit, it is highly likely it works exactly the same as the dev kit for serial console. Serial console will provide boot logs even before Linux ever loads (the serial console program runs on a host PC, not the Jetson, and so setting a serial console program to log on the PC is quite powerful and simultaneously simple/convenient). Can you provide a serial console boot log? See this (which is for Nano, but mostly this should be the same for NX…see your 3rd party manufacturer’s instructions if this is not enough):
https://www.jetsonhacks.com/2019/04/19/jetson-nano-serial-console/

Was there a password set? There is a good chance something else went wrong. Is this behind your own router, or do other people share that router? Is the router using Wi-Fi, and if so, does it require authentication? Does the router require a known MAC address (for Wi-Fi case only)?

Note that you can clone the current content before flashing. This means you don’t have lose all of your work. However, if this really was a compromised system, then you might want such a clone copy just to figure out what went wrong even though you might not want to use the clone.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.