Thursday, December 05, 2013

Unbricking DD/OpenWRT routers

The recent news about a new Linux worm that attacks routers made me download and flash the latest version of dd-wrt with the hope that it will have newer versions of the binaries and thus ensure better protection.

Unfortunately, after the update and the restart that followed, the router was rendered useless. Obviously the downloaded firmware was damaged. I had a brick, while only a moment ago this was my home router - the ageing Linksys WRT160NL.

I had to search some sites on my mobile only to find out that in order to unbrick it I may:
  • do a factory reset
  • use JTAG and a serial cable (or on new machines a USB-to-serial cable)

The factory reset did not work. Although the router happily flashed its LAN, WAN and power lights, it did not establish a connection with my Windows 7 machine, nor did it broadcast its wireless SSID.

So I started investigating the other alternative - uploading new firmware via the serial communication header in the router. The sites mentioned TFTP and then it hit me. I managed to flash a Buffalo router a while ago, just by using the built-in boot-loader and a TFTP PUT request. It should be possible to do the same since the router seemed to have its lights functioning and therefore at least part of the boot-loader working.

I asked Google and found out in the OpenWRT wiki that this should be fairly easy to do. The wiki commanded:
1. Turn off the power to the router and leave it off until the final step.
2. Make sure your computer has a static IP address from 192.168.1.x (e.g. 192.168.1.4)
3. Make sure the ethernet cable is plugged into one of router's LAN ports and the other end into computer's ethernet port
4. cd to the folder where you have the image
5. change the name of the new firmware to code.bin, then type:
   echo -e "binary\nrexmt 1\ntimeout 60\ntrace\nput code.bin\n" | tftp 192.168.1.1
6. plug the power into the router, it should flash.

Well, needless to say, this didn't work - I was on Windows. I had the Microsoft TFTP client, which established a connection instantly and never looked back to retry.
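
The `rexmt 1` and `timeout 60` settings in the wiki command are what make the procedure work: the client keeps resending its write request once a second until the boot-loader wakes up and answers. The sketch below is an added example (not code from this post or from the OpenWRT wiki) of an RFC 1350 TFTP upload with that retransmission behaviour; the function names are this example's own.

```python
# Added illustration of a TFTP write with retransmission; all names are this example's own.
import socket
import struct
import time

BLOCK = 512  # data bytes per TFTP packet (RFC 1350)

def build_wrq(filename, mode="octet"):
    """Write request: opcode 2, filename, NUL, transfer mode, NUL."""
    return struct.pack("!H", 2) + filename.encode() + b"\0" + mode.encode() + b"\0"

def send_until_acked(sock, packet, peer, block, rexmt, timeout):
    """Resend packet every rexmt seconds until block is ACKed or timeout passes."""
    deadline, resend = time.monotonic() + timeout, True
    while time.monotonic() < deadline:
        try:
            if resend:
                sock.sendto(packet, peer)
            reply, addr = sock.recvfrom(516)
        except OSError as exc:           # silence, or link down while router is off
            if not isinstance(exc, socket.timeout):
                time.sleep(rexmt)
            resend = True
            continue
        resend = False                   # never answer a stale ACK with a resend
        if addr[0] != peer[0] or (block and addr != peer) or len(reply) < 4:
            continue                     # wrong host or wrong transfer port
        opcode, number = struct.unpack("!HH", reply[:4])
        if opcode == 5:
            raise RuntimeError("TFTP error %d: %r" % (number, reply[4:-1]))
        if opcode == 4 and number == block & 0xFFFF:
            return addr                  # server's transfer port for later blocks
    raise TimeoutError("no ACK for block %d within %ss" % (block, timeout))

def tftp_put(host, data, filename="code.bin", port=69, rexmt=1.0, timeout=60.0):
    """Upload data as filename; returns the number of data blocks sent."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(rexmt)
        peer = send_until_acked(sock, build_wrq(filename), (host, port), 0, rexmt, timeout)
        block = 0
        while True:
            block += 1
            chunk = data[(block - 1) * BLOCK: block * BLOCK]
            packet = struct.pack("!HH", 3, block & 0xFFFF) + chunk   # opcode 3 = DATA
            send_until_acked(sock, packet, peer, block, rexmt, timeout)
            if len(chunk) < BLOCK:       # a short (or empty) block ends the transfer
                return block
```

Calling `tftp_put("192.168.1.1", image_bytes)` with the defaults mirrors the wiki's `rexmt 1` / `timeout 60` settings for `code.bin`.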

Fortunately I had Cygwin installed as well. So I just had to download and install the tftp package. Without a router and therefore without an internet connection.

I had found the OpenWRT wiki on my iPad using internet via WiFi tethering. So I enabled USB tethering this time, and used it to update Cygwin and add a proper TFTP client to my Windows system. I also downloaded an older version of the firmware.

It took me a matter of minutes to try the steps above and to restore my router's firmware.

I even flashed the (hopefully) latest and greatest version of the dd-wrt firmware for 160NL.
Re-downloaded of course.
