forked from fabianhu/WT3020-16MB
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathwt3020 upgrade to 16M and LEDE.txt
110 lines (81 loc) · 3.55 KB
/
wt3020 upgrade to 16M and LEDE.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
Prerequisites:
* Linux PC (tested with Ubuntu 16.04)
* soldering iron
* W25Q128FVSSIG (16MB Flash Chip)
* CH341 based SPI to USB flash programmer
* some thin wire or a SO-8 adapter
* one nexx WT3020 router
1. Unsolder the 8MB Flash chip (SO-8)
2. Read flash chip with ch341prog (https://github.com/danielkucera/ch341prog)
$ sudo ./ch341prog -r nexx.bin
3. Write flash chip to new W25Q128FVSSIG (16MB Flash)
$ sudo ./ch341prog -w nexx.bin
(takes quite a while and will automatically verify)
4. Re-solder the new flash chip to the router
maybe on top of pre-soldered pads to ease later unsoldering in case things go wrong
5. Boot up router with stock firmware on new chip
6. Install new Bootloader
Downloading .bin directly to wt3020 will not work, therefore we download it on PC and http-transfer it to the router.
On PC ($)
get the breed bootloader:
$ wget --no-check-certificate https://breed.hackpascal.net/breed-mt7620-reset1.bin
serve actual directory over http:
$ python -m SimpleHTTPServer 8000
The file is also provided in this repository for your convenience
Thanks to hackpascal for providing this on his website.
Now connect to your router:
$ telnet 192.168.8.1
login: nexxadmin
Password: y1n2inc.com0755
this is the backdoor built into the original firmware
transfer data to /tmp on the router:
# cd /tmp
# wget http://<your PC name or IP>:8000/breed-mt7620-reset1.bin
check if stuff arrived
# ls -l
now we are ready to flash the bootloader:
# mtd_write unlock mtd0
power falure before completing the next two steps: brick - soldering - repeat
# mtd_write erase mtd0
# mtd_write -r write breed-mt7620-reset1.bin mtd0
The last step takes a quite short amount of time, but freezes your telnet session which makes it seem to take forever.
If you do this over serial console, you will see it rebooting shortly after issuing the write command.
6. Building LEDE
Choose a nice place for you build directory, needs ~14 GB - this is a full Linux build.
See instructions here:
https://lede-project.org/docs/guide-developer/quickstart-build-images
Short instructions:
$ sudo apt-get install subversion g++ zlib1g-dev build-essential git python
$ sudo apt-get install libncurses5-dev gawk gettext unzip file libssl-dev wget
Get the LEDE source code:
$ git clone https://git.lede-project.org/source.git lede
$ cd lede
apply patch for the 16MB version (0001-WT3020-Add-support-for-16M-flash.patch) from this repo
$ patch -p1 < file.patch
or three way
$ git am -3 < file.patch
$ ./scripts/feeds update -a
$ ./scripts/feeds install -a
$ make defconfig
$ make menuconfig
choose
Target System (MediaTek Ralink MIPS)
Subtarget (MT7620 based boards)
Target Profile (Nexx WT3020 (16MB))
$ make
takes aeons to build. (went away during buid, future builds will much faster)
7. Install new FW to router
login into web interface 192.168.8.1
admin - admin
go to: Advanced - System Settings - Upgrade firmware
select:
<LEDE buid dir>/bin/targets/ramips/mt7620/lede-ramips-mt7620-wt3020-16M-squashfs-factory.bin
- say goodbuye to the nexx-firmware.
- Upgrade
- after reboot the wt3020 is accessible via 192.168.1.1
- maybe you have to change you ip manually or reboot
8. Using breed
If you do not understand Chinese (the breed has a very nice (Chinese) web interface served on 192.168.1.1 if reboot got interrupted by serial console. or things went wrong)
Install Chrome / Chromium and a translation plugin:
https://github.com/szsoftware/breed-translator
Still hoping for hackpascal to release the source ;)