@Zorro Your patch use close source ? why you not release it on github or etc.
like https://github.com/Byte-bite/OpenWRT-19.07.3-Stable-MI4A-Gigabit
.
as i test @Zorro build wifi performance speed better than @Byte (Byte-bite) build
( 300Mbps vs 200Mbps DL )
2 Likes
When im trying to execute 0.start_main it says:
Traceback (most recent call last):
File "main.py", line 10, in <module>
line4 = subprocess.check_output(["cmd","/c","chcp","437","&","tracert","-d","-h","1","1.1.1.1"]).decode().split("\r\n")[4].strip().split(" ")
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xa0 in position 1: invalid start byte
1 Like
Your patch use close source ? why you not release it on github or etc.
Good question. @Zorro, can you do that?
2 Likes
Maybe this can help you ...
1 Like
i flashed zorros firmware.everything so far ok.but i cannot log in with root and no password. can i reset it ? I flashed firmware again, but same problem.
openwrt installation guide for windows :
1)pip3 install -r requirements.txt
2)python remote_command_execution_vulnerability.py
3)cd /tmp
4)./busybox sha256sum openwrt-19.07.3-ramips-mt7621-xiaomi_mir3g-v2-squashfs-sysupgrade.bin
5)mtd -e OS1 -r write openwrt-19.07.3-ramips-mt7621-xiaomi_mir3g-v2-squashfs-sysupgrade.bin OS1
https://anonfiles.com/R8yee651o9/windows_openwrt_installation_guide_mp4
1 Like
Hi guys and girls 
Any idea why the router did not get stable support when OpenWrt 19.07.03 was released?
Also, I updated the readme of the OpenWRTInvasion repo with a new openWrt prebuilt image
7 Likes
Support for your device was merged to master at the end of october 2019
while openwrt-19.07 branched off master in the middle of may 2019, almost half a year before your device had been added.
openwrt-19.07 is a stable maintenance branch, it gets bugfixes, but not new features/ device additions, you'll have to wait until the release of 20.x.0 for that.
4 Likes
http://cdn.cnbj1.fds.api.mi-img.com
http://bigota.miwifi.com/xiaoqiang/rom/r4ac/miwifi_r4ac_firmware_e9eec_2.18.58.bin
new link to download :
http://cdn.cnbj1.fds.api.mi-img.com/xiaoqiang/rom/r4ac/miwifi_r4ac_firmware_e9eec_2.18.58.bin
1 Like
Try pressing Ctrl+F5 or opening in a private browsing tab.
1 Like
Suddenly it worked. I tried several times to log in with root and no pwd. Now I'm logged in. Is it possible to switch to another luci theme? How I do it? Luci is with release 19.07.3 in my Opinion slower than the old theme.
1 Like
Here is the iperf test of Zoros Build (OpenWrt SNAPSHOT r12138-1e3bfbafd3 / LuCI Master git-20.064.26720-acef567).
iperf Server is Hosted on Router and tested with a 5Ghz NIC on Laptop
2 Likes
Yes, you can download more by seaching in software for theme's then swap the theme here:
Just a note, this is probably not a queston for this device specific forum.
2 Likes
Greetings,
been a happy owner of the 100M version, I bought the Gigabit version. I'm using the build from @Zorro (thank you for your build ) , however I'm noticing that the range from the 5G wireless is too weak. Everything else is ok and stable. Anybody with the same issue?
Thank you
1 Like
The proprietory drivers in the stock firmware are a bit more polished I think. It's worth checking you have the transmit power as high as you can for your region and it may help to change your channel and width I found. Also setting the Distance Optimization may help.
But yeah I've found the wirless range to be slightly less.
Installed the last snapshot (r13527-61307544d1) and now I got 200mb on ethernet cable instead of 1GB 
The link is established as 1Gbps
But why is it still in chinese?
The latest versions are unstable currently, I can't tell you exactly what versions are good and bad for now but I'm running r11063-85e04e9f46 by Zorro that works well, otherwise you can compile your own version from:
I am trying to use OpenWRTInvasion with my Xiaomi Mi Router 4A Gigabit Edition with - what it seems to be - a global English firmware 2.28.132. It is set as wired repeater with an cable inserted into one of the LAN ports. The router is getting an IP from a DHCP server. The exploit does not work and - after adding some debugging lines - I am getting the following response text:
{"code":401,"msg":"Invalid token"}
The full output with headers, urls, etc. is below:
gleber@ubuntu-vm:~/code/OpenWRTInvasion$ python3 remote_command_execution_vulnerability.py
Router IP address: 192.168.1.168
stok: 0150712eac08a29b11fe4dd8c591c335
****************
router_ip_address: 192.168.1.168
stok: 0150712eac08a29b11fe4dd8c591c335
****************
start uploading config file...
http://192.168.1.168/cgi-bin/luci/;stok=0150712eac08a29b11fe4dd8c591c335/api/misystem/c_upload
<Response [200]>
{"code":401,"msg":"Invalid token"}
start exec command...
{"code":401,"msg":"Invalid token"}
done! Now you can connect to the router using telnet (user: root, password: none)
In MacOS, execute in the terminal:
telnet 192.168.1.168
gleber@ubuntu-vm:~/code/OpenWRTInvasion$ less remote_command_execution_vulnerability.py
gleber@ubuntu-vm:~/code/OpenWRTInvasion$ python3 remote_command_execution_vulnerability.py^C
gleber@ubuntu-vm:~/code/OpenWRTInvasion$ zile remote_command_execution_vulnerability.py
gleber@ubuntu-vm:~/code/OpenWRTInvasion$ python3 remote_command_execution_vulnerability.py
Router IP address: 192.168.1.168
stok: 0150712eac08a29b11fe4dd8c591c335
****************
router_ip_address: 192.168.1.168
stok: 0150712eac08a29b11fe4dd8c591c335
****************
start uploading config file...
http://192.168.1.168/cgi-bin/luci/;stok=0150712eac08a29b11fe4dd8c591c335/api/misystem/c_upload
<Response [200]>
http://192.168.1.168/cgi-bin/luci/;stok=0150712eac08a29b11fe4dd8c591c335/api/misystem/c_upload
200
{'Server': 'nginx', 'Date': 'Thu, 11 Jun 2020 10:02:04 GMT', 'Content-Type': 'text/html; charset=utf-8', 'Transfer-Encoding': 'chunked', 'Connection': 'close', 'Cache-Control': 'no-cache', 'Expires': 'Thu, 01 Jan 1970 00:00:01 GMT', 'MiCGI-Switch': '1 1', 'MiCGI-Client-Ip': '192.168.1.170', 'MiCGI-Host': '192.168.1.168', 'MiCGI-Http-Host': '192.168.1.168', 'MiCGI-Server-Ip': '192.168.1.168', 'MiCGI-Server-Port': '80', 'MiCGI-Status': 'CGI', 'MiCGI-Preload': 'no'}
[]
{"code":401,"msg":"Invalid token"}
start exec command...
{"code":401,"msg":"Invalid token"}
done! Now you can connect to the router using telnet (user: root, password: none)
In MacOS, execute in the terminal:
telnet 192.168.1.168
The telnet port is closed after attempting the exploit.
Is this the right place to ask for help? Any ideas what else I could try?