Browser Access Unavailable

I have a NETGEAR WND3800. It was loaded with OpenWRT by an unauthorized and unknown person. I do not have the security credentials to manage it properly and safely. I am not sure which version, but am guessing v18 or v19 since it was done in the past 2-3 months.

The router is giving DHCP addresses: 192.168.99.1/24 The router has IP address 192.168.99.1

Entering http://192.168.99.1 or https://192.168.99.1 returns the famous "NOT Found" message in the browser.

I have tried using TFPT and tftpd64 to reload the Netgear factory image but it either hangs or fails after trying the specified number of times.

Any ideas for reloading the Netgear factory image or the OpenWRT image with known security and credentials?

try to reset it with push botton, also try if ssh is working

I have powered it on and off numerous times. I have powered it off and held the "reset" button to reload "factory firmware". I have tried ssh from Powershell … but am starting to get over my head at this suggestion. All of these attempts I have tried two (2) ways … using the "power button" on the router and unplugging and plugin back into the wall outlet.

Correction: It is a Netgear WNDR3800 not WND3800

turn on the router and hold the reset button for 18 seconds
the router need be on to do reset

I powered it off with the power button; pushed in the "reset" pin; powered it on with the power button and held the "reset" pin in for 20-seconds. It came up as 192.168.99.1 and will not respond to my browser - Microsoft Edge under the most recent version of Windows 10.

I powered it off by unplugging; pushed in the "reset" pin; powered it on by plugging in and holding the "reset" pin in for 20-seconds. It came up as 192.168.99.1 and will not respond to my browser.

In both cases ssh root@192.168.99.1 returns "connection refused". It will respond to ping at 192.168.99.1.

Have you tried using the failsafe? Specific instructions for that unit within the device info page.

Power on with the reset button held down. Keep holding the button until the power LED continually flashes orange. Static IP your PC at 192.168.1.2. The router is 192.168.1.1. Use a TFTP client to put firmware to it.

How do you know openwrt is installed?

2 Likes

That's actually a good point -- if you cannot ssh into the unit and you cannot reach the web interface, how do you know? I just did an nmap scan of my OpenWrt router and it came back with a TCP/IP fingerprint but did not have a match for an OS type/version.

Also, obviously you've got an issue here about not being able to administer the router in general (which poses problems and potential security vulnerabilities if you don't know what services might be running on the device), but it is worth noting that OpenWrt is almost certainly more secure than the Netgear factory firmware. The factory firmware versions from almost all vendors tends to be updated only for a short time after the product is released, after which the device may become vulnerable to unpatched security flaws and other bugs, among other things. So if you do succeed in reseting/re-flashing the router, it would probably be wise to put OpenWrt back onto the router and to make sure that it is properly secured.

Well, if you are seeking help from the kind guys here, world you be so kind as to explain the situation a bit? Is that router at home or at work? And how did an "unauthorised" person got to it?

Please take no offence if you are the genuine owner or administrator of this router, but it can be suspected that you are trying to get into somebody's else router.

1 Like

No offense taken … it is 2020 and there are many bad actors out there.

This router is used to provide a WiFi access point for the staff and parents at my church's pre-school. It has been in use for a couple years. I am the IT support "staff" for my church. I had configured this router myself and openly advertise the SSID and connection password to those people. The admin id and password were changed by me and I am the only person with that information. The router sits in a locked closet. To my knowledge given these facts, the only way to alter the firmware would be to touch it using the "reset pin". At this point I can only guess who changed it or how.

I am planning to install straight access point hardware later this year, but have not kicked off the project. So I wish to stick with this solution for now. I am loathe to buy another router to provide service is this now weak area of the building (I had removed the device from the church and it is sitting in my shop - unplugged and disconnected except when I am working on restoring its functionality and allows me to control it.)

I may have to push the above mentioned project timeline up, but frankly I shouldn't have to do that. If I can get any firmware loaded which affords me control over the router, I will be happy.

I can tell it is OpenWRT by using NetAnalyzer - an iPhone app. Further it show up as a choice for WiFi connection on all my Apple devices with SSID "OpenWRT" and assigns IP addresses in the 192.168.99/24 range.

Today, I will take another shot at "failsafe" load … I did notice I could ping and get a response from 192.168.1.1 for a brief period of time after power up so I hope the "failsafe" load will do the trick.