Support for Mikrotik wAP 60G

gef3233 · January 23, 2020, 3:06pm

6.41.1, I am not sure why the other is not working, it should since we are reflashing the firmware. Is the TFTBOOT procedure different?

PolynomialDivision · January 23, 2020, 3:09pm

Nope? It is the same. But we extract the firmware from 6.43 ... I have no idea what is wrong.

gef3233 · January 23, 2020, 3:21pm

Did you used the image from the link I sent you? That one has a custom firmware that "should" work. What we extracted from 6.43.X is the brd file (which is basically the antenna configuration) so that should not be an issue. Try this file: https://github.com/IMDEANetworksWNG/Mikrotik-researcher-tools/blob/master/files/lib/firmware/wil6210.fw

PolynomialDivision · January 23, 2020, 3:24pm

I checked out your repository and compiled it. So I'm already using the firmware that is in this link?

PolynomialDivision · January 23, 2020, 3:32pm

The boardlayout between 6.41 and 6.44 has definitely changed! o.O

gef3233 · January 23, 2020, 3:52pm

Oh that is bad news! We need this research tool to work on the newer models as well. So the image loads correctly but you cannot start a hostapd on the newer versions? What does dmesg | tail output when you do ifconfig wlan0 up?

PolynomialDivision · January 23, 2020, 6:57pm

I will get a bootlog from those devices and see if there is something different.

Would be nice to have the seed from those ROS version to decrypt the boardfile.

gef3233 · January 23, 2020, 7:08pm

Great, that would be amazing.

klukonin · January 31, 2020, 10:24am

Hello, colleagues.

I made some reverse independently and didn't know about your discussion.

Here is my result.
Cuold you please check if it works?

klukonin · January 31, 2020, 10:29am

Sorry, I forgot to attach a link.

https://drive.google.com/file/d/1SrCffExhh1wpUbloNazNWtCukhrm9X6V/view?usp=drivesdk

klukonin · January 31, 2020, 11:42am

Also I have some more board files here.

https://drive.google.com/drive/folders/1P7KW7csyD283Tt7ZspXufZ4IAKnDFAqw

PolynomialDivision · January 31, 2020, 12:53pm

Thanks!

From which ROS version? Did u test them yourself? For me the one you linked is missing a header.

klukonin · January 31, 2020, 12:59pm

These files are from latest 6.47beta19.
But hash sums are identical for previous releases.

klukonin · January 31, 2020, 1:01pm

I plan to test it later, but looks like files are normal.

Also I noticed that mikrotik wireless driver patch some board files on-the-fly.
So we should (probably) take a closer look.

PolynomialDivision · January 31, 2020, 1:03pm

How are u debugging that?

klukonin · January 31, 2020, 1:11pm

With Ghidra =)

PolynomialDivision · January 31, 2020, 1:18pm

You mean, the firmware of the chip is patching the boardfile, or? Not the driver running in kernel space?

klukonin · January 31, 2020, 1:33pm

I mean a "wireless" driver which mikrotik provide inside their firmware.

PolynomialDivision · January 31, 2020, 1:40pm

You mean you look at the kernel module wil6210.ko? Then I will start looking at this too.

klukonin · January 31, 2020, 2:25pm

No, I mean /lib/modules/3.3.5/misc/wlan.ko