Want to access to LTE web interface

gandalph · September 3, 2023, 9:35pm

Hello all,
I have a router with a LTE module, and I want to configure its user and password to custom.
I am running openwrt 19.07.8

I lave this nodes

root@router:~# ls -l /dev/cdc* /dev/sd* /dev/ttyUSB*
crw-------    1 root     root      180, 176 Sep  3 20:00 /dev/cdc-wdm0
brw-------    1 root     root        8,   0 Jan  1  1970 /dev/sda
crw-rw----    1 root     dialout   188,   0 Sep  3 20:00 /dev/ttyUSB0
crw-rw----    1 root     dialout   188,   1 Sep  3 20:00 /dev/ttyUSB1
crw-rw----    1 root     dialout   188,   2 Sep  3 21:01 /dev/ttyUSB2
crw-rw----    1 root     dialout   188,   3 Sep  3 20:00 /dev/ttyUSB3

I want to access to the webinterface of the Quectel LTE module.

I have netcat installed, no lsblk,no picocom, no lsusb.
My idea was maybe try to have a netcat listening in a port in the lan, and then try to access it from the browser..
I don't see detailed information on how to access this modules.I think mine is rigged, with virus...I suspect it runs android and I know nothing about adb shell.

Can you guys, help me?
I managed to reinstall the OS after a infection, and I managed to have control over the principal OS, but it doesn't matter, since if I put it up with wireless, or LTE connected, after a 1 hour or less its already infected again, and passwords changed and so on.

[   35.987790] qmi_wwan 1-1.2:1.4: cdc-wdm0: USB WDM device
[   36.051572] qmi_wwan 1-1.2:1.4: QuectelEC25&EC21&EG91&EG95&EG06&EP06&EM06&BG96&AG35 work on RawIP mode
[   36.165622] qmi_wwan 1-1.2:1.4 wwan0: register 'qmi_wwan' at usb-1b000000.usb-1.2, WWAN/QMI device

They have also the possibility to disrupt the web access.So wanted to have control over this device.
I see that those ttyUSB0 are caracter devices, maybe I can route the info from them to a netcat?
Lan 2x ethernet interfaces and WIFI in a brige on 192.168.1.0/24

Many thanks in Advance

AndrewZ · September 3, 2023, 10:00pm

What is your router model and what is the model of your Quectel modem?
Why are you running an old version of OpenWrt? Are you running the official image from openwrt.org?

gandalph · September 3, 2023, 11:21pm

hello, many thanks for your reply,
I have a GL inet router, I don't know the module version, its not the stock version.
The stock version, if I recall, was a CAT4, and I own a CAT6 300mbps.

I am runnign this version, it was released march this year, as stable by the vendor.

I will need to access the web interface to see the model, since uqmi doesn't provide me a way to see it.

This are some relevant logs:

[   35.987790] qmi_wwan 1-1.2:1.4: cdc-wdm0: USB WDM device
[   36.051572] qmi_wwan 1-1.2:1.4: QuectelEC25&EC21&EG91&EG95&EG06&EP06&EM06&BG96&AG35 work on RawIP mode
[   36.165622] qmi_wwan 1-1.2:1.4 wwan0: register 'qmi_wwan' at usb-1b000000.usb-1.2, WWAN/QMI device
[   36.293277] usbcore: registered new interface driver qmi_wwan
[   36.371368] usbcore: registered new interface driver rndis_host
[   36.446235] usbcore: registered new interface driver sierra
[   36.513259] usbserial: USB Serial support registered for Sierra USB modem
[   36.599851] usbcore: registered new interface driver sierra_net
[   37.307552] usbcore: registered new interface driver option
[   37.374513] usbserial: USB Serial support registered for GSM modem (1-port)
[   37.458572] option 1-1.2:1.0: GSM modem (1-port) converter detected
[   37.534065] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB0
[   37.617856] option 1-1.2:1.1: GSM modem (1-port) converter detected
[   37.693391] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB1
[   37.777156] option 1-1.2:1.2: GSM modem (1-port) converter detected
[   37.852679] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB2
[   37.936447] option 1-1.2:1.3: GSM modem (1-port) converter detected
[   38.011990] usb 1-1.2: GSM modem (1-port) converter now attached to ttyUSB3

I just don't know how to access the web interface.

psherman · September 3, 2023, 11:24pm

from an ssh session into your router, what is the output of:

ubus call system board

igel-itzo · September 4, 2023, 12:12am

cdc-wdm0: USB WDM device
QuectelEC25&EC21&EG91&EG95&EG06&EP06&EM06&BG96&AG35 work on RawIP mode
wwan0: register 'qmi_wwan' at usb-1b000000.usb-1.2, WWAN/QMI device

your LTE modem is in CDC mode. There is no web interface for the modem in that mode as far as I know, only in ECM mode. But what are you trying to do, why do you need to access that interface? Which is the exact model of the Quectel LTE module? EC25, EC21, EG91, EG95, EG06, EP06, EM06, BG96, AG35 or another one? You can open your router and see what the model is.

The ttyUSB* devices are serial devices, you can use them to connect to the modem via ppp, or use minicom to pass AT commands. You can always reset the modem via AT commands. And you can see the actual modem model via AT command (ATI). Some firmware versions have no web interface at all.

if I put it up with wireless, or LTE connected, after a 1 hour or less its already infected again, and passwords changed and so on.

What do you mean by "it" here - if you mean the modem interface, then you already have ways to access it, how otherwise would you know that user has changed. If you mean that your router (openwrt os) gets compromised, then you need to firewall the router properly, and it has nothing to do with the modem.

AndrewZ · September 5, 2023, 7:46pm

You need to contact Gl.Inet because you're using their version of OpenWrt.
Alternatively you can switch to official OpenWrt version if it is available for your router model.

gandalph · September 30, 2023, 11:44am

hello,
thanks for your reply.
As you can see the model is a EP06.

How do I switch the mode from CDC to ECM in openwrt?
I want to learn more about adb shell, and its features, also learn mode about this devices.

The corrent problem is that I don't know how to connect to it...
For what I see yeah I am in CDC mode, and if its only possible to connect adb in ECM, I would like to know how can I accomplish that.

many thanks in advance