Adding OpenWrt support for Xiaomi "Redmi Router AX6S"/"Xiaomi Router AX3200"

Just building fresh ones with current master. Will share them later when they are ready.

I'm envious of all you guys that have the RB01/international version. I have the telnet-disabled RB03 version. I really didn't care/pay attention when I ordered back in December, because at the time it was not apparent that RB01 had telnet enabled.

I've been combing through the files looking for obvious exploits, but I think I'll hop back over to some Chinese forums to see what I can find.

I have a flasher so could reflash it, but I guess I'm in the mood for doing it the hard way. :expressionless:

Great work! Managed to flash without issues.
So far so good!

A quick, stupid question. Did anyone check pppd for the CVE-2020-8597 exploit? Would it be possible to attack the router this way and get a shell? Version 2.4.7 is probably buggy?

It looks like that was fixed a couple of years ago in OpenWrt, and since Xiaomi uses a customized version of OpenWrt... It's been fixed.

Fixed long before even the first firmware. I don't think it would work regardless, one of the models had ASLR on. I did have fun writing it up last year though. :slight_smile:

If you're building off master, don't forget to add the switch irq.

As far as I can tell from the stock dts, it should be exactly the same.

Silly question:
I wanted to install sqm but I can see

The installed version of package kernel is not compatible, require 5.10.96-1-a8d91634… while 5.10.96-1-6170da09… is installed.

Does it mean I need to build everything myself to be able to install other packages from the official repo?

You can't install kernel modules that way. You need to compile them yourself / build your own images.

Great!
Which firmware version were you on?
Was telnet enabled?

Noob question:
This one:

http://<PLACEHOLDER1><COMMAND>

works because telnet is enabled?

Another question:
Isn't telnet being enabled/disabled related to the firmware version?
Meaning if I downgrade to 1.0.35, is there a chance that telnet will be enabled (even if it is disabled on my 1.0.50)?

My version was 1.0.35 and I had telnet enabled. I'm not sure this is FW related.

Got an AX3200 from an official reseller in Europe, telnet was enabled by default, the Python script worked. I enabled SSH and am proceeding with the OpenWrt installation.

Update: I used @thorsten97's build and I'm happy to report it works. I'll be hanging this boy later during the day and will report once I have more time to play with it.

I believe the telnet enable/disable is related to whether you have the international version (RB01) or the Chinese version (RB03).
I have RB03 v1.0.19 with telnet not enabled.

I'm feeling a bit daft as I am under the impression there is an exploit available for the RB03, but after a month+ looking for it, I can't find it.

It appears everything is working in order. I have some issues with 160Hz wide channels but that is per client.
I'm topping 800mbps on iperf (80hz channel), I'd say pretty good!
All I'm missing now is SQM, can't install it since the snapshot is a few days old.

Is there a way I could do it without creating an image from scratch?

Or could @thorsten97 share the build config?

I will update the build and include sqm.
Give me a few hrs :nerd_face:

Here is my build with sqm.

New build with sqm, wireguard and adguard.

Thanks, but why is this build so big compared to the previous one?

AdGuard Home is huge ... you can uninstall it if you want.

OK, got it! Thanks.