Hi. The only method to know the hardware version is viewing the firmware version that the repeater has installed. By example, I have two Comfast CF-WR758AC that apparently they are the same but when you look the firmware version they are not the same. The firmware of the newer version are like this: CF-WR758ACV2-V2.3.0.5. As you can see there is a "V2" after the model's name, the older model is always WR758AC-VXXXXX and apparently they don´t use the same firmware, there is one version of firmware for one and another for the other.
The reaseon of decrypt the password is merely for fun and also not to change the firmware file.
I already knew the method for upload the vendor firmware but i use other that is more prectical for me; through the serial port in the board you can access the boot menu and there is several methods for upload the firmware (i use it to load the openwrt version that i try to build).
We will keep in touch.
Thanks for the info. This means that I have v1 model as I've successfully used CF-WR758AC-V2.3.0.1.bin on it.
Can you log in the repeater and send me the content of the /overlay/upper/etc/wireless folder?
Thanks in advance.
I like only to know the files that are in that folder. Thanks.
Comparing the logs from V1 and V2 version i think that only exist a great difference: the 5ghz wifi chipset. The older use the chip mt7612e and the newer a variant of the mt7663 (i don´t know what is because i don´t open the newer repeater).
I can't attach a file here, right? What's the best way to share?
Sorry, I think that i don´t explined well. I only what to know the files that are in that folder. Only the files name.
Example: mt2345_xjw
Thanks.
Other thing... Can you list the content of the folder /sys/firmware/devicetree/base?
overlay/
overlay/work/
overlay/work/work/
overlay/upper/
overlay/upper/etc/
overlay/upper/etc/firewall.user
overlay/upper/etc/group
overlay/upper/etc/hosts
overlay/upper/etc/nginx/
overlay/upper/etc/nginx/ssl/
overlay/upper/etc/nginx/ssl/cflogin.key
overlay/upper/etc/nginx/ssl/cflogin.pem
overlay/upper/etc/nginx/win-utf
overlay/upper/etc/nginx/nginx.conf.syslog
overlay/upper/etc/nginx/koi-utf
overlay/upper/etc/nginx/koi-win
overlay/upper/etc/nginx/fastcgi_params
overlay/upper/etc/nginx/naxsi_core.rules
overlay/upper/etc/nginx/nginx.conf
overlay/upper/etc/nginx/mime.types
overlay/upper/etc/uci-defaults/
overlay/upper/etc/uci-defaults/ddns
overlay/upper/etc/uci-defaults/11_migrate-sysctl
overlay/upper/etc/uci-defaults/10_migrate-shadow
overlay/upper/etc/uci-defaults/09_fix-seama-header
overlay/upper/etc/uci-defaults/12_network-generate-ula
overlay/upper/etc/dropbear/
overlay/upper/etc/dropbear/dropbear_dss_host_key
overlay/upper/etc/dropbear/authorized_keys
overlay/upper/etc/dropbear/dropbear_rsa_host_key
overlay/upper/etc/previous_mode
overlay/upper/etc/sysctl.conf
overlay/upper/etc/parental_ctl.json
overlay/upper/etc/changeconfig
overlay/upper/etc/inittab
overlay/upper/etc/crontabs/
overlay/upper/etc/crontabs/root
overlay/upper/etc/board.json
overlay/upper/etc/config/
overlay/upper/etc/config/arp
overlay/upper/etc/config/led
overlay/upper/etc/config/ddns
overlay/upper/etc/config/dhcp
overlay/upper/etc/config/mbox
overlay/upper/etc/config/cluster
overlay/upper/etc/config/login
overlay/upper/etc/config/probe
overlay/upper/etc/config/system_ac
overlay/upper/etc/config/system_ap
overlay/upper/etc/config/firewall
overlay/upper/etc/config/dropbear
overlay/upper/etc/config/common_ap
overlay/upper/etc/config/common
overlay/upper/etc/config/network
overlay/upper/etc/config/remote
overlay/upper/etc/config/system
overlay/upper/etc/config/wireless
overlay/upper/etc/ethers
overlay/upper/etc/passwd
overlay/upper/etc/shadow
overlay/upper/etc/shells
overlay/upper/etc/wireless/
overlay/upper/etc/wireless/mt7612e/
overlay/upper/etc/wireless/mt7612e/mt7612e.dat
overlay/upper/etc/wireless/mt7628/
overlay/upper/etc/wireless/mt7628/mt7628.dat
overlay/upper/etc/apclix_enable
overlay/upper/etc/rc.local
overlay/upper/etc/profile
overlay/upper/usr/
overlay/upper/usr/scgi_temp/
overlay/upper/usr/uwsgi_temp/
overlay/upper/root/
overlay/upper/root/gpiodump-mipsel-static
overlay/upper/www-comfast/
overlay/upper/www-comfast/upload
overlay/upper/reboot_time
And
root@COMFAST:~# ls -1r /sys/firmware/devicetree/base
wmac@10300000
usbphy@10120000
sdhci@10130000
rstctrl
pinctrl
pcie@10140000
palmbus@10000000
ohci@101c1000
name
model
gpio-leds
gpio-keys-polled
ethernet@10100000
esw@10110000
ehci@101c0000
cpus
cpuintc@0
compatible
chosen
#size-cells
#address-cells
--
The difference is the 5Ghz wifi chipset, in old is mt7612e and in the new is mt7663e.
Can you extract the folder /sys/firmware/devicetree/base to your pc? I will think how you can send me.
Thanks.
Ok. Thanks. I will investigate the file. Now i must work.
We will keep in touch.
I have the latest firmware from the vendor (JW-WR758AC-V1.4(Firmware upgrade).bin)
If you want that as well. Here's the link: https://www.justbeamit.com/xs6gv
Good morning.
Sorry for the delay. I have some problems in the work.
Can you send me the output of "cat /proc/mtd"?
Thank you.
sure. here it is:
root@COMFAST:~# cat /proc/mtd
dev: size erasesize name
mtd0: 00030000 00010000 "u-boot"
mtd1: 00010000 00010000 "u-boot-env"
mtd2: 00010000 00010000 "factory"
mtd3: 00760000 00010000 "firmware"
mtd4: 0011a127 00010000 "kernel"
mtd5: 00645ed9 00010000 "rootfs"
mtd6: 00100000 00010000 "rootfs_data"
mtd7: 00040000 00010000 "configs"
Hello.
This device's (V1 at least) boot loader is not very secure, since even if you don't press its button when starting, it will always try to contact a machine with IP address 192.168.1.10 via ethernet and ask via tftp for a file named firmware_auto.bin (it also asks for a file named comfast_bootloader.bin but I did not try messing with that).
I added support for this device (I have 2 units, both are V1 with MT7612 as 5GHz AC chip, so this only supports that version) in my github repo, link to the tree:
My build is in the following location, based on the v21.02.0 tag and buildbot configuration so that opkg works with official repos:
(EDIT: see below posts for newer openwrt v21.02.1 builds, where I've added support for v1 and v2 variants of this device)
I've uploaded everything (including image builder if you want to customize your image more easily), but for starters you only need the openwrt-21.02.0-ramips-mt76x8-joowin_jw-wr758ac-squashfs-sysupgrade.bin file. Or if you are a more advanced user, you can clone the repo https://github.com/araujorm/openwrt/ and checkout the joowin-wr758ac-v21.02.0 tag.
Here's how to install it (again, V1 only... please ensure you have this version before attempting anything):
- Setup a tftp server (easy to do with dnsmasq in Linux, please search other threads or watch some how to's, I won't dwelve on how to do that but there's plenty information out there even for Windows and Mac)
- Give your host the IP address 192.168.1.10/24 and ensure the firewall is off, or at least the tftp udp port is open for the respective network
- Place the
openwrt-21.02.0-ramips-mt76x8-joowin_jw-wr758ac-squashfs-sysupgrade.binon the tftp server root and rename it tofirmware_auto.bin - Connect the AP to the same network via ethernet, turn it off, wait some seconds, then turn it on again. No need to press any button, the firmware should be uploaded and flashed and the device should reboot with IP 192.168.1.1 (the usual default for openwrt), you can then access it via web browser and see LuCI web interface.
If you want to revert to the vendor firmware (tested with JW-WR754AC-V1.0.0.2 available on vendor website) just rename their bin file to firmware_auto.bin and place it on the tftp server root, repeating the steps above.
If other people report success, I might make a pull request on OpenWRT git to see if they want to add it as official.
As for V2, I don't have that device but if what you guys say about the only difference being the 5GHz chip is correct, it shouldn't be too hard to port it based on my repo above. If you find that can always revert to the vendor firmware by using a tftp server, you are safe to make experiments, like I did with my devices. Assuming that you're safe with it, I would advise anyone willing to try by starting with duplicating the changes in my commit, adding a V2 DEVICE_VARIANT or something like that, and instead of adding kmod-mt76x2, try with the corresponding kmods (I don't know what they would be but I'd guess something like kmod-mt7615e kmod-mt7663-firmware-ap kmod-mt7663-firmware-sta maybe? Also you should ensure that the new V2 is mt76x8 based, and not some other variant... try doing a dmesg if you gain SSH access and try to figure it out, because if the base chip is different then it must be added in the corresponding chip files on the OpenWRT source). Have fun!
Thank you. This is great news! I will give it a try and provide feedback. Thank you for describing the upgrade question. Can we use this firmware to update using the existing browser based update page? Or does it have to be done using tftp only?
Hi to everybody. Great news.
I think that the most secure method is using the UART port located in the board.
In the boot menu there is a option to load and execute one version of firmware whitout need to flash it.
When you build the openwrt firmware really you build at least two versions (normally), one sysupgrade and other initramfs+kernel, the second is the version can you try without flash it.
When i can have some time i triy it.
By the way, araujorm... speak you spanish?
I did not see tftp request at boot on my device, however, I was able to upload using the recovery mode. Device is up and accessible and I'm trying to configure it. First time using openwrt so trying to understand the options. I have wifi working but need to configure wan port for dhcp.
Thanks again!