Xiaomi Mi Router 4A Gigabit Edition (R4AG/R4A Gigabit) -- fully supported and flashable with OpenWRTInvasion

hernan · 2020-05-14T00:25:14.517Z

Hi guys!

Just posting to say that I'm using the 19.07.2 build that @Zorro uploaded (the one of the #2 link) and it's working great on my Mi 4 Gigabit Edition, way better than the old snapshots from when I first modded my router to install OpenWRT. It's fast, with flow offloading my 300/15 connection works without any issue at full speed and so far very stable. Totally recommended.

darfir · 2020-05-14T08:22:49.388Z

Hello, if you find any bug, I appreciate that you can report it here. I would like to flash my router

tmomas · 2020-05-14T08:43:35.538Z

@rogerpueyo Nitpick regarding the topic title: The correct spelling is OpenWrt.

rogerpueyo · 2020-05-14T09:31:02.453Z

I am fully aware of it but the tool is indeed named OpenWRTInvasion

makku71 · 2020-05-14T14:25:10.750Z

You can flash it. One of my two Devices runs this image for a couple of days now in daily use without any trouble. You will do fine until there is a fully supported Version 20 of OpenWRT for this device.
Follow the excellent descriptions and enjoy !

hoddy · 2020-05-14T18:12:32.823Z

I've just made a video showing the complete install method and debrick method if needed. Hopefully its helpfull!

maxencep02 · 2020-05-15T13:48:20.451Z

Hello,
Thank you for you works and also for the video.
I am stuck and need your help.

I was able to run OpenWRTInvasion but I cannot connect to telnet. I don't know how to solve that. I am now running on firmware 2.28.62. Initialy my router was with chinese firmware.

pi@raspberrypi:~/OpenWRTInvasion $ python3 remote_command_execution_vulnerability.py
Router IP address: 192.168.1.66
stok: c8f27652af5b21d497cc68e9e9d453ea
****************
router_ip_address: 192.168.1.66
stok: c8f27652af5b21d497cc68e9e9d453ea
****************
start uploading config file...
start exec command...
done! Now you can connect to the router using telnet (user: root, password: none)
In MacOS, execute in the terminal:
telnet 192.168.1.66
pi@raspberrypi:~/OpenWRTInvasion $ telnet 192.168.1.66
Trying 192.168.1.66...
telnet: Unable to connect to remote host: Connection refused

Thank you for your help
Maxence

fluffymadness · 2020-05-15T13:56:21.704Z

after you've set the password in the stock firmware webinterface, do a reboot and try to connect to it again. I needed a reboot to be able to connect.

maxencep02 · 2020-05-15T14:19:35.054Z

I tried a reboot, confirmed by the change of stok but same result.
I plug the router on the lan 2.
And I am doing the hack from my remote rpi3B trough SSH (my computer is under windows and the script of Zoro don't want to work Rrrr).

I configured the router as an access point to be able to reach it though my normal network.

I don't know if one of these elements can explain my problem.

emer62304 · 2020-05-15T17:02:50.290Z

i am new and unfamiliar with linux .
i have mi4a gigabit router and also a ch341 programmer
i have problem with stock firmware related to vpn because when i input my pptp account parameters in router and want to access filtered websites in my cellphone like youtube , it doesn't work and websites remain filtered but my ip and geo location changes so i decided to flash a new firmware that solves my vpn problem .
my question is : is there a dd-wrt firmware or edited dump with vpn funtionality like asuswrt for pptp and l2tp and openvpn client tested and functional that i flash it with programmer on my router?

hoddy · 2020-05-15T22:07:50.041Z

Normally I've found a reboot cures it when I've had issues. Out if curiosity, the IP you're using is not default did you change it?

hoddy · 2020-05-15T22:15:54.568Z

I think the OpenWrtInvasion method is preferred over the CH341, If you need help check my video above. It show me doing it on Linux but you can achieve the same on Windows or Mac. I think you're asking if their is an OpenWrt image that has VPN functionality and the answer is yes, off the top of my head I think Zorro's second image has it but it's definitely a possibility (although because we are mostly using snapshots it can be difficult to install additional packages)

Zorro · 2020-05-15T22:43:30.675Z

As @hoddy said you don't need a programmer anymore use OpenWrtInvasion method instead .you can install ubuntu on VMware then try to flash openwrt firmware.below image has both openvpn and wireguard :

https://anonfile.com/16y6d6x7of/openwrt-ramips-mt7621-xiaomi_mir3g-v2-squashfs-sysupgrade_zip

emer62304 · 2020-05-16T05:26:24.740Z

thanks for the reply
is pptp and l2tp included in vpn client list
are they really functional and tested
can you upload some image from pptp and l2tp and ovpn setting
i appreciate it

emer62304 · 2020-05-16T05:35:29.897Z

thanks for your helpful video but as i told i'm not familiar with linux
can you upload a video doing that in windows it would be helpful for those like me
i really appreciate your effort

hoddy · 2020-05-16T08:36:34.289Z

Sorry @emer62304 I'm probably not going to get a chance to do that for a while, however I'd really tat this opportunity to learn a little Linux, what you learn will definitely help you in the future when you're running OpenWrt. Download Virtual Box and grab a Ubuntu image and give it a go. As for your ovpn question, I think you should find the information you need here: https://openwrt.org/docs/guide-user/services/vpn/openvpn/client-luci

woody4165 · 2020-05-16T09:11:23.838Z

Hi all

Is the Xiaomi Mi 4A (R4AC) non Gigabit flashable with OpenWrt?

Is this the correct firmware ?

Thanks!

maxencep02 · 2020-05-16T09:55:53.148Z

@hoddy
I had switch the mode of the router to Access point.
Now I have resetted it to factory and I just done the basic installation.
The exploit "works" on 192.168.31.1 but it is refusing the telnet connection.
I tried to change the DNS, same result.
Any idea?

About Zorro's scripts, on my windows 10 64Bit, there is an error about UTF-8 (french version). No idea how to improve or solve that.

morhimi · 2020-05-16T13:11:54.446Z

Yes,
I have 2 of these devices (100m) and installed them using the OpenWrtInvasion exploit using the link you shared as the openwrt image

image989×690 47.9 KB

hoddy · 2020-05-16T13:29:06.090Z

Not exactly sure what to suggest, might be worth using the debrick method (at the end of my video) to make sure you're on a firmware we know is exploitable. Also, check you dont have any firewall rules on your pi stopping telnet (or anything else needed for the exploit (probably ftp)), could also try telneting from your window PC in command line the comand is the same "telnet 192.168.31.1"