As you could have read in my previous post, I have found many vulnerabilities in the Seagate BlackArmor NAS 220 web interface.
The Seagate NAS could already be rooted by uploading a modified firmware, however, that would void the warranty.
This exploit is written in PHP and only attacks the web interface and does not modify the firmware, therefor you will not void your warranty.
The exploit works both locally and remotely – that if the BlackArmor is either connected directly to the internet or all required ports are forwarded to the BlackArmor.
I will not publish the exploit just yet! I would like to give Seagate another chance to release a fixed firmware for all the vulnerabilities. If they still decide not to respond to my e-mail, I will release the exploit to the public by the beginning of next year.
Update: The root exploit has been released and can be found here.