This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
2021:xiaomi_flash [2021/10/20 09:58] admin [Flashing the new firmware] |
2021:xiaomi_flash [2021/11/03 15:43] (current) admin [Flashing the new firmware] |
||
---|---|---|---|
Line 40: | Line 40: | ||
{{ :2021:xiaomi_w3.png?nolink |}} | {{ :2021:xiaomi_w3.png?nolink |}} | ||
- | * Once it is selected you can hit the **Try in now** button again. | + | * Once it is selected you can hit the **Try it now** button again. |
{{ :2021:xiaomi_w4.png?nolink |}} | {{ :2021:xiaomi_w4.png?nolink |}} | ||
Line 56: | Line 56: | ||
{{ :2021:xiaomi_w7.png?nolink |}} | {{ :2021:xiaomi_w7.png?nolink |}} | ||
- | * Here we are logged in. As you can see in the URL Address bar the query string has an item called **stok** which you will use with **OpenWRTInvasion** | + | * Here we are logged in. |
- | * Note that this value changes with each session so if you rebooted the router or logged out and then log in agin the value will be different. | + | * As you can see in the URL Address bar there is a query string with an item called **stok** which you will use with **OpenWRTInvasion** |
+ | * Note that this value changes with each session so if you rebooted the router or logged out and then log in again the value will be different. | ||
* Only the most recent value will work with **OpenWRTInvasion** | * Only the most recent value will work with **OpenWRTInvasion** | ||
Line 63: | Line 64: | ||
===== Invading the Router ===== | ===== Invading the Router ===== | ||
- | * We assume you are on a working installation of Ubuntu 20.04. | + | * We assume you have an installation of Ubuntu 20.04. |
* Make sure python3-pip and git is installed | * Make sure python3-pip and git is installed | ||
<code bash> | <code bash> | ||
Line 74: | Line 75: | ||
git clone https://github.com/acecilia/OpenWRTInvasion.git | git clone https://github.com/acecilia/OpenWRTInvasion.git | ||
</code> | </code> | ||
- | * Install the requirements and run it. You will need Admin rights to run the program else if will not work. | + | * Install the requirements and run it. You will need Admin rights to run the program else it will not work. |
<code bash> | <code bash> | ||
cd OpenWRTInvasion/ | cd OpenWRTInvasion/ | ||
Line 82: | Line 83: | ||
</code> | </code> | ||
* This will start the program and ask two questions for it to complete the invasion | * This will start the program and ask two questions for it to complete the invasion | ||
- | * Router IP address. The default as stated and specified will be 192.168.31.1. | + | * **Router IP address**. The default as stated and specified will be 192.168.31.1. |
- | * Stok value. This is the value shown after you went through the initial setup wizard of the router. | + | * **Stok value**. This is the value shown after you went through the initial setup wizard of the router. |
* Mine was http://192.168.31.1/cgi-bin/luci/;stok=c047480902024ca71370a39eace78b36/web/home#router. | * Mine was http://192.168.31.1/cgi-bin/luci/;stok=c047480902024ca71370a39eace78b36/web/home#router. | ||
* Note that this value is generated on the fly and changes next time the router boots again. | * Note that this value is generated on the fly and changes next time the router boots again. | ||
- | |||
<code bash> | <code bash> | ||
Line 108: | Line 108: | ||
* As you can see from the snippet above there are a couple ways of reaching the invaded router. | * As you can see from the snippet above there are a couple ways of reaching the invaded router. | ||
- | * Please note that the router is fairly robust and things have to go South very badly for the router to be hard bricked. | + | * Please note that the router is fairly robust making it almost impossible hard brick the router. |
- | * //So don't be to nervous when flashing the router as you always restore it again.// | + | * //Don't be to nervous when flashing the router as you always restore it again.// |
* We will | * We will | ||
* SCP the firmware image onto the router | * SCP the firmware image onto the router | ||
* SSH into the router | * SSH into the router | ||
- | * write it to the OS1 flash partition. | + | * Write the firmware to the OS1 flash partition using the **mtd** program. |
- | * Copy the firmware file to the router. Please change the name of the firmware file to match yours. | + | * Copy the firmware file to the router. |
+ | |||
+ | |||
+ | <wrap em>**!! Please change the name of the firmware file to match yours !!**</wrap> | ||
<code bash> | <code bash> | ||
scp -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc -o UserKnownHostsFile=/dev/null openwrt-ramips-mt7621-xiaomi_mi-router-4a-gigabit-squashfs-sysupgrade.bin root@192.168.31.1:/tmp | scp -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc -o UserKnownHostsFile=/dev/null openwrt-ramips-mt7621-xiaomi_mi-router-4a-gigabit-squashfs-sysupgrade.bin root@192.168.31.1:/tmp | ||
</code> | </code> | ||
* SSH into the device | * SSH into the device | ||
+ | |||
+ | <wrap em>**!! Here also change the name of the firmware file to match yours !!**</wrap> | ||
+ | |||
<code bash> | <code bash> | ||
- | system@one:~/Documents/xiaomi_flash/OpenWRTInvasion$ ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc -o UserKnownHostsFile=/dev/null root@192.168.31.1 | + | ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc -o UserKnownHostsFile=/dev/null root@192.168.31.1 |
BusyBox v1.19.4 (2019-06-28 10:13:42 UTC) built-in shell (ash) | BusyBox v1.19.4 (2019-06-28 10:13:42 UTC) built-in shell (ash) | ||
Line 151: | Line 158: | ||
* Now you can try out your new firmware. | * Now you can try out your new firmware. | ||
* If things however did now work according to plan the next section is for you. | * If things however did now work according to plan the next section is for you. | ||
+ | |||
+ | ===== De-Bricking The Xiaomi Router ===== | ||
+ | * There is an awesome write-up with some YouTube videos on how to de-brick and restore the router's original firmware. | ||
+ | * https://hoddysguides.com/xiaomi-debrick-tools-all/ | ||
+ | * One point if interest is if you run a Linux environment you can simply install **Wine** and run the **pxesrv.exe** program as root. | ||
+ | <code bash> | ||
+ | sudo wine pxesrv.exe | ||
+ | </code> | ||
+ | |||