WNDR3700V1 hacked and installed OpenWrt


#4

I did not try to flash openwrt. Been running the stock netgear firmware for years. I’m ok with trying openwrt if I can regain control and secure my router.


#5

You're not making any sense and truly sound paranoid. Please explain what you mean - how did your router get unsecure and out of your control???

  • Otherwise, I suggest just flashing your router twice with stock, if you desire to run that firmware.
  • If you prefer OpenWrt, flash a known-good firmware from http://downloads.openwrt.org

#6

Cannot access GUI at …

Sorry for my confusing post. I edited the original reflecting cannot.


#7

Could it be that a friend or someone who has access to your Wi-Fi is messing with you?


#8
  • Please use a single post to respond to multiple questions, this will save on the new user posting limit
  • You have not told me if your router was purchased used
  • Did you have guests that could access the Linksys web GUI?

Try http://192.168.99.1 then.


  • Calm down and clearly answer the questions posters will ask in order to assist you.

#9

Tried accessing GUI at 192.168.99.1. Nothing shows up.


#10

Can you ping 192.168.99.1?


#11

Yes I can ping 192.168.99.1


#12

Try a different browser then. or try openwrt.lan from the browser.

And be careful of the new user daily limit here on the forum.


#13

I tried both suggestions. Nothing returns.


#14

It could be that you have OpenWrt without GUI then.

See if you can access the router from SSH. PuTTy or Bitvise SSH client are good tools for SSH access form Windows
https://putty.org/
https://www.bitvise.com/

Download one of them t your PC and use it to access 192.168.99.1 using root as username and empty password. If you have question about how to use an SSH client then check the documents.

If you can't find SSH server at this address, hen you could try an IP scanner http://www.advanced-ip-scanner.com/ to see if you can find the router (not sure how i wouldn't be at that IP though)

If SSH server is there but incorrect password, then your best bet would be to just recover the router.


#15

Interesting:

https://twitter.com/OpenwrtH

Try using the Terminal (on Mac) or PuTTY (on Windows) to try SSHing to 192.168.1.1 and/or 192.168.99.1?.

The WiFi is disabled by default in OpenWrt, this is why I asked if you purchased this router used. If this is the cause, you may have to use fail-safe procedures, as noted in Post No. 3.


#16

Use the well-functioning TFTP recovery flash mode in WNDR3700 and flash the Netgear stock firmware back into the router. You need to use wired LAN for that.

The recovery mode is documented in wiki and works well. I have used it a dozen time with my WNDR3700 v1 (and v2 and WNDR3800)

tmomas already gave a link to the wiki article about the TFTP mode, but I am repeating it here
https://openwrt.org/toh/netgear/wndr3700#recovery_flash_in_failsafe_mode.

That recovery flash routine is based on the u-boot bootloader, so your current OpenWrt has no role in that process. (so, any possible "hacking" has no effect in the outcome)

Ps.

WNDR3700 is a Netgear router and has no dual backup partition, so there is no need to flash twice.


#17

If you are adventurous, you can use the TFTP flash mode to flash the 18.06 version of my WNDR3700 community build (which has been available since 2011).

But I suggest that you return to the Netgear stock firmware that you are familiar with.


#18

First make sure you are connecting to your own router.
Disconnect both WNDR3700 and your travel router power adapters. See if you still can see Openwrt SSID


#19

Possibly local machine compromised with UPnP on the router or Wireless insecure or abused by a user followed by TelnetEnable to view the nvram.

Good explanation of a security flaw on some Netgear routers when having access to the local LAN:

https://openwrt.org/toh/netgear/telnet.console


#20

Problem solved. I was able to tftp the stock firmware and restore my router. Now I can study OpenWrt and decide to install when I’m ready. Than you all that participated in guiding me through this process. It was a lesson learned!


#21

That's good. Though, ideally you should have marked the post by @hnyman as the solution rather than your own, since it was him who suggested TFTP.


#22

Hi glad you got it sorted mate. It was me on twitter. I did not get back to you because I had to take my mum on a 250 mile round trip to get a brane scan. She is OK, just a check. I hope you flash back to openwrt when you are ready!


closed #23

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.