The code you got might be right. I don't know what's wrong; maybe your firmware was updated and fixed this backdoor. Try to use older firmware.
the firmware, be careful, I don't know how to
Use this URL to change the pwd to 'admin': http://192.168.31.1/cgi-bin/luci/;stok=/api/misystem/set_config_iotdev?bssid=Xiaomi&user_id=longdike&ssid=-h%3B%20echo%20-e%20'admin%5Cnadmin'%20%7C%20passwd%20root%3B
or
sed -i '/flg_ssh.*release/{n;s/return/true/}' /etc/init.d/dropbear
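The URL in the post above carries URL-encoded shell metacharacters (%3B, %7C) in its ssid parameter. As an added example (not part of the original post, and not the router's own code), this is one way to flag such requests in a web access log; the nginx-style log format, the TOKEN placeholder, the sample lines and the function names are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Sequences that let a value break out of a shell command line built by a CGI.
# Legitimate SSIDs can contain some of these, so treat hits as leads, not proof.
SHELL_META = re.compile(r"[;|&`\n]|\$\(")
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def suspicious_params(target):
    """Return (name, decoded value) for each query parameter holding shell metacharacters."""
    hits = []
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        if SHELL_META.search(value):
            hits.append((name, value))
    return hits

def scan(log_lines, path_marker="/api/misystem/"):
    """Return (line_no, name, value) for flagged requests whose path contains path_marker."""
    findings = []
    for no, line in enumerate(log_lines, 1):
        m = REQUEST.search(line)
        if not m or path_marker not in m.group(1):
            continue
        for name, value in suspicious_params(m.group(1)):
            findings.append((no, name, value))
    return findings

# Constructed sample access-log lines (not captured from a real router).
SAMPLE_LOG = [
    '192.168.31.20 - - [01/Jan/2021:10:00:00 +0000] "GET /cgi-bin/luci/;stok=TOKEN'
    '/api/misystem/set_config_iotdev?bssid=Xiaomi&user_id=u1&ssid=HomeNet HTTP/1.1" 200 31',
    '192.168.31.20 - - [01/Jan/2021:10:00:05 +0000] "GET /cgi-bin/luci/;stok=TOKEN'
    '/api/misystem/set_config_iotdev?bssid=Xiaomi&user_id=u1&ssid=-h%3B%20echo%20test%3B'
    ' HTTP/1.1" 200 31',
    '192.168.31.20 - - [01/Jan/2021:10:00:09 +0000] "GET /cgi-bin/luci/;stok=TOKEN'
    '/web/home HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for no, name, value in scan(SAMPLE_LOG):
        print(f"line {no}: parameter {name!r} decodes to {value!r}")
```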
It seems that doesn't work for me. I have tried lots of passwords.
a. redmi wifi password
b. OpenWrt router login password
c. OpenWrt router wifi password
@robust A bit off-topic, but have you looked at the AX9000 FW for vulnerabilities to get the UART TX working?
Mine finally arrived today so that we can get IPQ8072/4/6/8A support but gotta find a way to enable UART or SSH first.
Sorry, I don't know a lot about it, I can't give you a good answer.
I searched, and I didn't find any solution for unlocking the AX9000.
You know, the AX9000 is expensive, fewer people buy it here, and Xiaomi doesn't follow the GPL-2.0 license, so developers may not have much passion to hack it.
As far as I know, for IPQ8072/4/6 some QSDK OpenWrt code has been released for the AX6 and AX5. Moreover, Pandora Box and uboot are in development.
I don't know a lot about it.
Some people test and say the wifi performance of QSDK is better.
I haven't tested it, I am not sure.
Maybe Qualcomm has made some magical optimizations for QSDK.
I'm busy recently, I haven't been focusing on the community for two months.
Thanks for the SSH guide, very nice to have this until an official openwrt version is released.
After I managed to get SSH in the stock firmware.
Is it recommended to debloat some of the running services?
I don't use any special router feature (no QOS, mesh or anything else).
These are the services in /etc/init.d:
#!/bin/sh
/etc/init.d/cron stop
/etc/init.d/statisticsservice stop
/etc/init.d/datacenter stop
/etc/init.d/plugincenter stop
/etc/init.d/cab_meshd stop
/etc/init.d/iweventd stop
/etc/init.d/meshd stop
/etc/init.d/messagingagent.sh stop
# /etc/init.d/miniupnpd stop # needed for DLNA
/etc/init.d/netapi stop
# /etc/init.d/nginx stop # needed for WEB UI
/etc/init.d/rpcd stop
/etc/init.d/smartcontroller stop
/etc/init.d/stat_points stop
/etc/init.d/syslog-ng stop
/etc/init.d/trafficd stop
#kill `pidof fcgi-cgi` # needed for WEB UI
kill `pidof stat_points.cron`
kill `pidof stat_points.helper`
kill `pidof tail`
kill `pidof syslog-ng.helper`
killall sleep
#kill `pidof ubusd` # consider if needed for IPC
#kill `pidof tbusd` # consider if needed for IPC
This is what I use currently (killing/stopping process I don't need).
It is possible to disable the services instead of killing (but I wasn't brave enough)
Interestingly, now, after some time, I do not have access to SSH on AX6 anymore. I tried to repeat the procedure which worked last time, but it does not work now. (Fortunately, the changes I made last time stayed.)
Points 4. and 5. don't work for me anymore.
Point 4. returns this:
No page is registered at '/api/misystem/extendwifi_connect'.
If this url belongs to an extension, make sure it is properly installed.
If the extension was recently installed, try removing the /tmp/luci-indexcache file.
Point 5. (logically) returns this: {"msg":"一键换机过程中发生未知的内部错误","code":1639}
translated as {"msg":"An unknown internal error occurred during the one-key exchange","code":1639}
The current firmware is 1.1.10. I don't know if it has been updated since the last time. I will try it in Safari (Mac OS) - now I am on Firefox (Windows), so I don't know if there might be some problem...
I got a new Redmi AX3000
From the instructions I see that it is necessary to downgrade to FW 1.0.17.
The router, however, does not let me do the downgrade, it fails file verification.