Friday, 10 August 2018

Hacking Cisco Linksys EA2700


Step 1: taking apart
Note there are three screws to take off.




Step 2: Hook up UART Serial debugger







Step 3:
screen /dev/ttyUSB0 115200


ref:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=276769&sid=6a27f6c98e93a870f25587ca2236a2f3
https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=989071&sid=48bddfccb6ab58c28bb44fc91b9b9ca7
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=51486
https://forum.dd-wrt.com/phpBB2/viewtopic.php?p=773996


Wednesday, 8 August 2018

Tinkering OpenWRT (10) : WiFi Configuration Again

I don't know why my AR9331 board couldn't even ping 192.168.1.1, and I'm getting the following error:
        ping: sendto: Network is unreachable

Step 1:

Updated my /etc/config/wireless and /etc/config/network as shown below.

/etc/config/wireless
config wifi-device 'radio0'
        option type 'mac80211'
        option hwmode '11g'
        option path 'platform/ar933x_wmac'
        option htmode 'HT40'
        #option disabled '0'   #REMOVE THIS LINE TO ENABLE WIFI:
        option channel '1'
        option txpower '30'
        option country 'US'

config wifi-iface
        option network 'wan0'
        option ssid 'FIDO_NETWORK'
        option encryption 'psk2'
        option device 'radio0'
        option mode 'sta'
        option bssid 'B8:4C:3F:F:62:68'
        option key '12345678'

config wifi-iface
        option  device  radio0
        option  network lan
        option  mode    ap
        option  ssid    OpenWrt
        option  encryption none

###############################################

/etc/config/network
config switch 'eth1'
        option reset '0'
        option enable_vlan '0'

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config interface 'lan'
        option ifname 'eth1'
        option proto 'static'
        option ipaddr '192.168.1.1'           # this has to be your router addr
        option netmask '255.255.255.0'

config interface 'wan0'
        option ifname 'wlan0'
        option proto 'dhcp'
        option macaddr '00:CA:01:07:23:96'  # this is the mac addr of the board (router)
        #if mac address not provided, it will take a loooong time (~10min) to connect to the wifi

config interface 'wan1'
        option ifname 'eth0'
        option proto 'dhcp'


Step 2:
/sbin/wifi up

#######################################################

For some reason the above stopped working. There must be some problems. For example, 192.168.1.1 cannot be in the lan configuration because this ipaddr is the IP address this AR9331 device uses when it acts as the AP for other clients to connect to. It has to be something else.

Here is my new configuration, and it works!!!

Step 1: Factory Reset
$ firstboot

Step 2:
/etc/config/network

config switch 'eth1'
        option reset '0'
        option enable_vlan '0'

config interface 'loopback'
        option ifname 'lo'
        option proto 'static'
        option ipaddr '127.0.0.1'
        option netmask '255.0.0.0'

config interface 'lan'
        option ifname 'eth1'
        option proto 'static'
        option ipaddr '192.168.6.1'
        option netmask '255.255.255.0'

config interface 'wan0'
        option ifname 'wlan0'
        option proto 'dhcp'

config interface 'wan1'
        option ifname 'eth0'
        option proto 'dhcp'


Step 3:
/etc/config/dhcp

config dnsmasq
        option domainneeded '1'
        option boguspriv '1'
        option filterwin2k '0'
        option localise_queries '1'
        option rebind_protection '1'
        option rebind_localhost '1'
        option local '/lan/'
        option domain 'lan'
        option expandhosts '1'
        option nonegcache '0'
        option authoritative '1'
        option readethers '1'
        option leasefile '/tmp/dhcp.leases'
        option resolvfile '/tmp/resolv.conf.auto'

config dhcp 'lan'
        option interface 'lan'
        option start '100'
        option limit '150'
        option leasetime '12h'
        option dhcpv6 'server'
        option ra 'server'

config dhcp 'wan0'
        option interface 'wan0'
        option ignore '1'

config dhcp 'wan1'
        option interface 'wan1'
        option ignore '1'

config odhcpd 'odhcpd'
        option maindhcp '0'
        option leasefile '/tmp/hosts/odhcpd'
        option leasetrigger '/usr/sbin/odhcpd-update'

Step 4:
/etc/config/wireless

config wifi-device  radio0
        option type     mac80211
        option channel  8
        option hwmode   11g
        option path     'platform/ar933x_wmac'
        option htmode   HT40

config wifi-iface
        option device   radio0
        option network  lan
        option mode     ap
        option ssid     JoySince
        option encryption none

config wifi-iface
        option device 'radio0'
        option network 'wan0'
        option mode 'sta'
        option ssid 'wifi ssid name'
        option encryption 'psk2'
        option key 'wifi password'

Step 5:
/etc/init.d/network restart
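
Both wireless files above define an access point with encryption none on the lan network, and the first one joins the upstream network with an 8-character key. The script below is an added example, not part of the original post, that audits a UCI wireless file for those two conditions; the function name audit_wireless and the 12-character threshold are assumptions.

```shell
# Added example, not from the original post. Flags open APs and short PSKs
# in a UCI wireless file. The 12-character default is an assumed policy value.
# Usage: audit_wireless FILE|- [MIN_KEY_LEN]
audit_wireless() {
    awk -v minlen="${2:-12}" '
    function value(s,  q, i) {      # first quoted or bare word of s
        q = substr(s, 1, 1)
        if (q == "\047" || q == "\"") {
            i = index(substr(s, 2), q)
            return i ? substr(s, 2, i - 1) : substr(s, 2)
        }
        sub(/[ \t].*$/, "", s)      # bare word: drop trailing comment
        return s
    }
    function judge(  enc) {         # report on the wifi-iface just read
        if (!in_iface) return
        enc = ("encryption" in opt) ? opt["encryption"] : "none"
        if (enc == "none" && opt["mode"] == "ap")
            printf "HIGH iface%d %s: open AP on network %s\n", n, opt["ssid"], opt["network"]
        else if (enc ~ /^psk/ && length(opt["key"]) < minlen)
            printf "MEDIUM iface%d %s: PSK shorter than %d characters\n", n, opt["ssid"], minlen
    }
    { sub(/^[ \t]+/, "") }          # UCI allows leading indentation
    /^#/ || /^$/ { next }
    $1 == "config" {
        judge(); split("", opt)
        in_iface = ($2 == "wifi-iface"); n += in_iface
        next
    }
    $1 == "option" && in_iface {
        val = $0; sub(/^option[ \t]+[^ \t]+[ \t]*/, "", val)
        opt[$2] = value(val)
    }
    END { judge() }
    ' "${1:--}"
}
# Constructed sample modelled on the wireless files in the post.
audit_wireless - <<'EOF'
config wifi-iface
        option network  lan
        option mode     ap
        option ssid     JoySince
        option encryption none
config wifi-iface
        option mode 'sta'
        option ssid 'FIDO_NETWORK'
        option encryption 'psk2'
        option key '12345678'
EOF
```

On the board itself, run it as audit_wireless /etc/config/wireless; an empty result means neither condition was found.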


ref:
https://my.oschina.net/lvsin/blog/392817     !!!!!!
https://my.oschina.net/lvsin/blog/384410
https://blog.csdn.net/gaopeiliang/article/details/40430915


Thursday, 2 August 2018

Tinkering OpenWRT (9) : Boot Loop? Don't Connect the Power Line!

I bought an AR9331 core board running OpenWrt and am trying to set it up. I simply used a CP2102 TTL-to-USB converter to monitor it over serial, just like other CPUs: RX->TX, TX->RX, GND->GND and 3v3->3v3.

However, the problem I'm having is that it gets stuck in a boot loop forever. After I see the root@UserName:/# prompt, it starts from the top all over again and keeps looping.

I actually first had this experience with the LinkIt Smart 7688. I had to power it via USB and only use the UART pins for serial communication. And I found the following in the OpenWrt documentation:

WARNING!: Some people reported they fried their router connecting the voltage pins spite it isn't necessary. NEVER connect voltage pins when using USB adapters unless you know what are you doing. Unless you need to power the device, you don't have to connect the voltage pins. And you usually don't need to power it this way - use the router power supply.

OK so basically, an independent power line? Fine, I could provide 3v3 to the module with an Arduino. So I made the following connection:

AR9331       CP2102       Arduino
GND          GND          --
RX           TX           --
TX           RX           --
3V3          --           3V3

Now I plugged the CP2102 USB into my computer, opened the serial console, and then plugged in the Arduino cable to power it on. I got it to stop looping once or twice. But when I came back a few days later it still looped.

So here is my working wiring:

AR9331       CP2102       Arduino
GND          --           GND      (works now)
RX           TX           --
TX           RX           --
3V3          --           3V3

Basically, power the module from the Arduino and only use the TTL converter as UART.

I plugged in the TTL converter first and then the Arduino cable. It is almost like powering on a router after setting up the serial console. It does not loop anymore. I can start working.

It might still show the following:

root@UserName:/# [ 4082.090000] wlan0: authenticate with ax:4y:zf:fd:12:
[ 4082.100000] wlan0: send auth to ax:4y:zf:fd:12:34 (try 1/3)
[ 4082.110000] wlan0: authenticated
[ 4082.120000] wlan0: associate with ax:4y:zf:fd:12:34 (try 1/3)
[ 4082.140000] wlan0: RX AssocResp from ax:4y:zf:fd:12:34 (capab=0x431 status=0 aid=5)
[ 4082.150000] wlan0: associated
[ 4086.150000] wlan0: disassociated from ax:4y:zf:fd:12:34 (Reason: 2)

It just means it tried to connect to the router (Internet) but timed out. Press Enter again and it will come back to the console.


ref:
https://wiki.openwrt.org/doc/hardware/port.serial.cables
https://openwrt.org/docs/techref/hardware/port.serial.cables
https://openwrt.org/docs/techref/hardware/port.serial