Netgear WNR854T crash course
Initial status:
[Router: OK] [Internet: OK] [Wireless: OK] [Fear: None]
Download a copy of your exactly original firmware version number. If not available, upgrade to latest, reset to factory defaults and reconfigure.
Backup original settings http://192.168.1.1/BAK_backup.htm - Save a Copy of Current Settings - [Backup]
Get serial access:
[Router: Open] [Internet: No] [Wireless: No] [Fear: Some]
Copy & Paste the output of: Marvell>> printenv
To continue booting: Marvell>> run standalone
[Router: OK] [Internet: OK] [Wireless: OK] [Fear: None]
Pick your image download:
openvpn: includes openvpn
extra: includes qos-scripts, ntpclient, bandwidthd, miniupnpd, updatedd
Flash image via http://192.168.1.1/UPG_upgrade.htm
[Router: Bricked] [Internet: No] [Wireless: No] [Fear: Full]
Wait until there is a timeout error, and wait a bit more. Wanna check for something in the fridge?
Is about 4 minutes also a 404 Not Found The requested URL was not found is a good indication.
[Router: ON] [Internet: No] [Wireless: Lost] [Fear: Some]
Gain access to http://192.168.1.1 you should be at a change password prompt.
Now use root and password from previous prompt to enter Webif.
Configure Network - WAN - Apply - Apply changes.
If you need account(s) password(S) there are in plain text on netgear.cfg file you backup before, also MAC address(es) to replace the ugly ones.
MAC address is also in a sticker in your router.
CAUTION. Changing LAN MAC address require arp -d 192.168.1.1 on your PC to access your router again. Even this don't work for me and need to access via serial console to revert:
ifconfig br-lan hw ether 00:00:00:00:51:81
[Router: OK] [Internet: OK] [Wireless: Lost] [Fear: None]
Play around. That's all.
Now the ugly part:
No wireless support. Buy a supported Mini PCI wireless card. Use the salvaged card in your notebook. Buy a Mini PCI to PCI adapter and use the salvaged card in your PC.
Do something stupid and you get a bricked router. To recover from brick, you will need serial access and multiple tools, better download beforehand when you still have Internet:
wget, putty, puttygen, tftpsrv, WinSCP, serial to USB cable driver, original firmware.
Stale repository. Maybe tomorrow, files in the repository get overwritten with newer ones incompatible with your revision, and you don't really want to be in the bleeding edge flashing your router so often.
Then a local repository works even if no wan connectivity exist and will not stale.
Download and install Apache server noSSL, default installation is fine.
Make a working directory for you repository:
%programfiles%\Apache Software Foundation\Apache2.2\htdocs\xwrt\orion\r17427\
Download http://downloads.x-wrt.org/.../packages/Packages.gz to
Download or extract from above http://downloads.x-wrt.org/.../packages/Packages
Is a plain text file with individual package descriptions, 1792 files for r17427. All these should be downloaded.
Search in the file for the package base-files-orion, it will get you a clue of revision number.
If it's fine for you to do 1792 clicks, sort the repository by date and download the first 1792 files, note they are the same date.
So, a dumb robot may do it better, need a list of files, we have Packages file and dumb wget (be nice with the server):
wget -t 2 --waitretry=48 --wait=33 --random-wait --user-agent="" -e robots=off -o ./packages.log -P./packages -i ./packages.wget
Still need the packages.wget list... Fashion Window$ way, one download more: notepad++
Open Packages file with notepad++
Ctrl-F (Search)
Filename:\s.*\.ipk
[x]Bookmark line
Search mode: (x)Regular expression
[Search all]
1792 marked occurrences [Ok]
[Close]
Search menu - Copy bookmarked lines
File menu - new
Ctrl-V (Paste)
Ctrl-H (Search and replace)
Filename:\s
http://downloads.x-wrt.org/xwrt/kamikaze/snapshots/orion/packages/
Search mode: (x)Regular expression
[Replace all]
1792 occurrences were replaced [OK]
[Close]
Ctrl-S (Save) (that's all)
packages.wget [OK] (or whatever name you like)
The add/remove repository on Webif hang the router (try and power cycle)
So there is File Editor
Insert at top where XXX is your local PC connected to the router:
src/gz Local http://192.168.1.XXX/xwrt/orion/r17427
Remove or comment (with # at start) similar lines.
Apply changes
More fun to try:
ssh login without password
touch /etc/dropbear/authorized_keys
chmod 0600 /etc/dropbear/authorized_keys
echo ssh-rsa OneLinerLongRSAkey= rsa-key-20090825 >> /etc/dropbear/authorized_keys
Last line could also be done by Webif editor
Both approaches breaks forward secrecy if you care about it.
Access To Modem Configuration
Do:
ifconfig wan:1 192.168.0.5 netmask 255.255.255.0 broadcast 192.168.0.255
iptables -I forwarding_rule -d 192.168.0.2 -j ACCEPT
iptables -t nat -I POSTROUTING -d 192.168.0.2 -j MASQUERADE
Undo:
iptables -t nat -D POSTROUTING 1
iptables -D forwarding_rule 1
ifconfig wan:1 down
Still not crashed? No crash, no fun :-) So keep tunned to this guide, more updates to come.
TODO: Add all required tools links.
(Last edited by Nilfred on 8 Sep 2009, 05:56)