Hi all, I have this[¹] old device and I would like to install openwrt on it. The router have a modified stock firmware (samknows). I can ping it on 192.168.1.1, I can run it on debug mode but
# tcpdump -ni enp1s0 arp
return nothing. 
Threre is no way to install openwrt in my TL-WDR3600 using TFTP?
you could always check serial ...
I don't know how to flash it using serial port, on [¹] there are no mention about it; any way if there is no serial port on the device could be a problem?
Piviul
then the day won't be wasted - you'll learn something new ...
if you say so ... https://openwrt.org/toh/tp-link/tl-wdr3600_v1#serie_u-boot
using a non existing serial port is indeed tricky.
Hi frollic, so u-boot means serial port... any way I don't find the serial port on the device can you please tell me something more to install openwrt in my tl-wdr3600 using serial port?
Piviul
no, uboot is the bootloader, but it usually only communicates using serial.
it's not happening, if you don't have one ...
I guess your device doesn't look like this then https://openwrt.org/_detail/media/tplink/tl-wdr3600/tl-wdr3600_board-top-side-cpu.jpg?id=toh%3Atp-link%3Atl-wdr3600_v1 ?
Plese re-read wiki page - there is browser only installation before any tftp
so, the unfindable serial port is actually there ...
There is well camouflaged simple install paragraph:
https://openwrt.org/toh/tp-link/tl-wdr3600_v1#installation
There are approximately three ways to replace the SamKnows firmware with vanilla OpenWrt. Samknows is a modified OpenWrt.
sysupgrade process to flash a sysupgrade image.My router have preinstalled a custom firmware (someone says it's an openwrt) that doesn't permit to access any web interface, was configured as a bridge to collect statistics that are sent to an European project (samknows) to test the internet connection in EU countries. In other word I can't install openwrt via browser.
I think I have to install openwrt via serial port but I don't know how... AFAIK a serial port is a 9pin plug, but seems that in openwrt world it's something more, I'll try to read about...
Piviul
Serial port is 4 pins on mainboard, and at a lower voltage than old 9-pin one
I can ping it on 192.168.1.1 but in failsafe mode but if I try to connect via ssh I receive a [...] port 22: Connection refused.
...I don't know if it works. As I've sed tcpdump -ni enp1s0 arp return nothing
I fear I have only this solution...
Run a portscan, may be alt port or telnet.
If bootloader TFTP recovery has been successfully started, the WPS light will turn on and stay on, and all the other lights (except maybe power) will be out.
# nmap -sT -p- 192.168.1.1
Starting Nmap 7.93 ( https://nmap.org ) at 2024-08-23 08:53 CEST
Nmap scan report for 192.168.1.1
Host is up (0.0032s latency).
Not shown: 65534 closed tcp ports (conn-refused)
PORT STATE SERVICE
23/tcp filtered telnet
MAC Address: 64:66:B3:DE:56:62 (Tp-link Technologies)
Nmap done: 1 IP address (1 host up) scanned in 25.60 seconds
...seems that telnet listen on port 23, isn't it? But if I try to connect:
# telnet 192.168.1.1 23
trying 192.168.1.1...
and nothing more. If I want install openwrt I have to learn how to flash using serial port isn't it?
Piviul
mmhh... are you sure? In these devices is installed a custom openwrt by samknows and I read that in openwrt devices if in failsafe mode the led gear should blink very often (10 per second).
Piviul
u-boot isn't OS though, it's the boot loader, most try not to touch them.
if the boot loader haven't been crippled, everything that doesn't require stock fw access (webUI, ssh, telnet, etc) for flashing, should still work.
TFTP flashing is done though u-boot.
23/tcp filtered telnet
might be accessible for one host in subnet,cant learn that without bruteforce.