Hi everyone. I'm new here, and this is my first post. Yey!
I have a little special case.
My wifi router is a D-link DWR-956, purchased from Telenor Norway (an isp/phone company).
It's an LTE/4G router, with 802.11ac support.
I couldn't find ANY information on the web about this router. Not from Telenor, and not from D-link.
Nothing at all...
They even encrypted the firmware updates, so analyzing them was impossible.
Well, i've been tinkering with this device for a while now, and I've learnt a greaet deal doing so.
I managed to get a serial-console on the device after locating the UART headers.
U-boot was very limited, So I had to load the mtd partitions, and UBI partitions into memory, then dump the content of the memory to the screen while logging everything.
Afterwards i had to go over all the logfiles to filter out the offsets and the ascii, leaving only the hex.
After some days i had an exact duplicate of the NAND-chip on my hard-drive.
Everything was unencrypted on the device, so i found the keys to decrypt the firmware updates, and the root-password to the device.
The SoC is a Lantiq GRX388
cat /proc/cpuinfo
system type: AR10
processor: 0
cpu model: MIPS 34Kc V5.6
BogoMIPS: 399.76
wait instruction: yes
microsecond timers: yes
tlb_entries: 16
extra interrupt vector: yes
hardware watchpoint: yes, count: 4, address/irw mask: [0x0000, 0x0ff8, 0x0ff8, 0x0ff8]
ASEs implemented: mips16 dsp mt
shadow register sets: 1
core: 0
VCED exceptions: not available
VCEI exceptions: not available
The firmware running is a custom-build of OpenWRT running with kernel 2.6.32.42. (with a few vulnerabilities)
root@telenor-ruter:~# cat /etc/openwrt_release
DISTRIB_ID="OpenWrt"
DISTRIB_RELEASE="10.03.1"
DISTRIB_CODENAME="backfire"
DISTRIB_DESCRIPTION="OpenWrt Backfire 10.03.1"
root@telenor-ruter:~# cat /etc/openwrt_version
10.03.1-RC6
I haven't given up my hopes of getting OpenWRT up and running on this device.
So if there's anything i can do to help out, please let me know.
At the moment i'm trying to emulate the firmware with Firmadyne, and i'm learning lots of new stuff every day.