Chaos Calmer 15.05.1 Factory Reset

Hi guys, I just flashed my first OpenWrt Chaos Calmer 15.05.1 firmware onto a TP-Link TL-WR841N and I had some questions. I work for a service provider at multiple retirement 'resorts' and want to change the default factory reset settings of the modem so that if it does get hard reset it will reboot with our PPPoE and RADIUS user settings intact (default details). The issue at the moment is that we have residents who reset their modems and we're no longer able to remote in, thus they can't connect to our network. My knowledge of firmware is relatively new. What I'm wondering is what files would I need to modify to be able to change the factory default settings, and after doing so would I need to compile a new image and flash that onto the modem?

This firmware is known to be vulnerable.

OLD PEOPLE (apologies for the political incorrectness) + VULNERABLE FIRMWARE =

Not for long...

I beg you to consider upgrading... is it an old (or proprietary) driver issue?

To your question...Do you mean get into the router without the password?

If you mean a firmware with custom default configs, please consider version 17.04.5 or 18.06.0.

EDIT:

See:

Also, there are issues building old firmware on newer systems:

Awesome, thank you man.
The residents do not have access to the modem settings.
The password isn't an issue, it resets to admin. The problem is that when a resident resets a modem (for whatever reason) we lose our PPPoE credentials and aren't able to remote in.
I'm using 15.05.1 because I'm working with old equipment in the field and these modems (TL-WR841N) are all hardware version 10 and 15.05.1 is what's recommended by OpenWrt.
What issues would arise if I updated to version 17/18?

OK, with the caveat that I completely agree with lleachi's statement that you should be working with the current version of OpenWRT (18.06) and not one that is several years old and unmaintained, so that it has since-revealed security flaws that are likely being exploited "in the wild", let's look at this one step at a time.

OpenWRT's firmware is in two levels, a ROM and a writable "overlay" file system. Typically a power-cycle reset preserves the contents of the overlay. Typically, pressing the reset button at the right moment in the boot cycle will get you into a state where the overlay isn't mounted and "root" access is available over the LAN via ssh without a password ("failsafe mode"). I may be wrong on this, and you should check, but I don't think there's a button-push that will erase the overlay system completely (though there may be in the "LuCI" GUI).

My suggestion would be to plan to build your own ROM image that has the common settings that you need in it (from current source). You can also add the packages that you need, as well as disabling features in the GUI that you may not want to let your subscribers change. Since you have RADIUS authentication, you would also have a secure way to set and change remote-access credentials, perhaps through ssh.

The basics of image building can be found at https://openwrt.org/docs/guide-developer/build-system/start

You can add your own files to the image if you add them to the source tree at ./files/ -- for example, ./files/etc/config/network would put that into the ROM at /etc/config/network. There are also "first-run" scripts to do initial setup, but I haven't looked at them in much detail myself.

Edit: Looks like there are 13 or so versions of that device from https://openwrt.org/toh/views/toh_extended_all?dataflt[Model*~]=tl-wr841n with v13 using very different hardware than the others. Even with the same CPU, there appear to be different wireless chips and different switch capabilities. You'd need to make sure that you're flashing the right CPU architecture. At least within the same CPU family, you probably could have a common set of drivers to handle multiple versions.

1 Like
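An added example of the `./files/` approach from the post above (not code from any poster in this thread or from OpenWrt): it stages a first-boot script under `files/etc/uci-defaults/`, which ends up in the ROM and therefore runs again after the overlay is wiped. The function name, the `99-isp-wan` file name and the presence of a `wan` interface section on the device are assumptions, and the credentials are placeholders. Anything baked into the image is readable by whoever holds the image or reaches failsafe mode, so keep the staged file out of version control.

```shell
#!/bin/sh
# Added example: stage PPPoE defaults into an OpenWrt buildroot's files/ tree.
# Usage: stage_wan_defaults BUILDROOT PPPOE_USER PPPOE_PASS   (hypothetical helper)
stage_wan_defaults() {
    buildroot=$1 user=$2 pass=$3
    [ -n "$buildroot" ] && [ -n "$user" ] && [ -n "$pass" ] || {
        echo "usage: stage_wan_defaults BUILDROOT USER PASS" >&2
        return 2
    }
    # Values are embedded in single-quoted uci arguments, so refuse
    # characters that would break out of the quoting.
    case "$user$pass" in
        *\'*|*'
'*) echo "credentials must not contain quotes or newlines" >&2; return 2 ;;
    esac
    dir="$buildroot/files/etc/uci-defaults"
    out="$dir/99-isp-wan"
    # Directories keep normal permissions: modes under files/ can carry
    # over into the image, and /etc must stay readable on the router.
    mkdir -p "$dir" || return 1
    (
        umask 077   # the file holding the secret is never world-readable
        cat > "$out" <<EOF
#!/bin/sh
# Applied on first boot and again after every factory reset.
# Assumes the board's generated config already has a 'wan' interface.
uci -q batch <<'UCI'
set network.wan.proto='pppoe'
set network.wan.username='$user'
set network.wan.password='$pass'
commit network
UCI
exit 0
EOF
    ) || return 1
    chmod 700 "$out"
}

# Run directly: sh stage.sh /path/to/openwrt 'user@isp.example' 'placeholder'
if [ "$#" -eq 3 ]; then stage_wan_defaults "$@"; fi
```

Because the script only sets options on the existing `wan` section, the device-specific interface and switch settings generated for each hardware revision are left alone.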