Hacking COMPLETED Fusee-LEDE Dongle (6$ payload injector)

[lufeig]

if bootloader is intact, it's relatively easy to unbrick it

if not, get a cheap eeprom reader/writer and you'll be able to read/write a full dump on the eeprom and bring it back to life.

I got a ch341a usb spi programmer and a read/write plier, so all work can be done without soldering/desoldering

 

[FGFlann]

Can you make flash bin for Hame MPR-A2(A100)?
Thank you.

Here is the image for the MPR-A2 as requested. Again, untested.

 

[RazorX2014]

Could you post the output of "ls /bin/mtd*" and "ls /sbin/mtd*" just to make sure it's not there under a slightly different name?

sorry for the delay i was at work, this is what it shows:


Login: admin
Password:


BusyBox v1.12.1 (2014-11-08 19:35:44 HKT) built-in shell (msh)
Enter 'help' for a list of built-in commands.

# help

Built-in commands:
-------------------
. : break cd continue eval exec exit export help login newgrp
read readonly set shift times trap umask wait

# cat /proc/cmdline
console=ttyS1,57600n8 root=/dev/ram0
# ls /bin/mtd
ls: /bin/mtd: No such file or directory
# ls /sbin/mtd
ls: /sbin/mtd: No such file or directory
#

 

[FGFlann]

sorry for the delay i was at work, this is what it shows:


Login: admin
Password:


BusyBox v1.12.1 (2014-11-08 19:35:44 HKT) built-in shell (msh)
Enter 'help' for a list of built-in commands.

# help

Built-in commands:
-------------------
. : break cd continue eval exec exit export help login newgrp
read readonly set shift times trap umask wait

# cat /proc/cmdline
console=ttyS1,57600n8 root=/dev/ram0
# ls /bin/mtd
ls: /bin/mtd: No such file or directory
# ls /sbin/mtd
ls: /sbin/mtd: No such file or directory
#

You forgot the asterisks.

 

[RazorX2014]

You forgot the asterisks.

what do you mean?

 

[FGFlann]

what do you mean?

ls /bin/mtd should be ls /bin/mtd*

 

[RazorX2014]

ls /bin/mtd should be ls /bin/mtd*

Login: admin
Password:


BusyBox v1.12.1 (2014-11-08 19:35:44 HKT) built-in shell (msh)
Enter 'help' for a list of built-in commands.

# ls /bin/mtd*
ls: /bin/mtd*: No such file or directory
#
# ls /sbin/mtd*
ls: /sbin/mtd*: No such file or directory
#


my manual says MIFI 3G/4G Smart Router if that helps

 

[FGFlann]

Login: admin
Password:


BusyBox v1.12.1 (2014-11-08 19:35:44 HKT) built-in shell (msh)
Enter 'help' for a list of built-in commands.

# ls /bin/mtd*
ls: /bin/mtd*: No such file or directory
#
# ls /sbin/mtd*
ls: /sbin/mtd*: No such file or directory
#

So it's a bust after all. Too bad. I guess we should see if we can dig up the mtd-write binary from somewhere.

 

[RazorX2014]

So it's a bust after all. Too bad. I guess we should see if we can dig up the mtd-write binary from somewhere.

i think it may have worked this time xD
i tried the openwrt-15.05-ramips-rt305x-a5-v11-squashfs-factory.bin again and this time it didn't seem to mess up:

Edit:
ok i see this when i log into telnet:

=== IMPORTANT ============================
Use 'passwd' to set your login password
this will disable telnet and enable SSH
------------------------------------------


BusyBox v1.23.2 (2015-07-25 04:17:43 CEST) built-in shell (ash)

_______ ________ __
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -__| || | | || _|| _|
|_______|| __|_____|__|__||________||__| |____|
|__| W I R E L E S S F R E E D O M
-----------------------------------------------------
CHAOS CALMER (15.05, r46767)
-----------------------------------------------------
* 1 1/2 oz Gin Shake with a glassful
* 1/4 oz Triple Sec of broken ice and pour
* 3/4 oz Lime Juice unstrained into a goblet.
* 1 1/2 oz Orange Juice
* 1 tsp. Grenadine Syrup
-----------------------------------------------------
root@OpenWrt:/#


now what would you suggest? it says something on the OP about a newer version that includes usb key payload update?

 

[FGFlann]

i think it may have worked this time xD
i tried the openwrt-15.05-ramips-rt305x-a5-v11-squashfs-factory.bin again and this time it didn't seem to mess up:

Edit:
ok i see this when i log into telnet:

=== IMPORTANT ============================
Use 'passwd' to set your login password
this will disable telnet and enable SSH
------------------------------------------


BusyBox v1.23.2 (2015-07-25 04:17:43 CEST) built-in shell (ash)

_______ ________ __
| |.-----.-----.-----.| | | |.----.| |_
| - || _ | -__| || | | || _|| _|
|_______|| __|_____|__|__||________||__| |____|
|__| W I R E L E S S F R E E D O M
-----------------------------------------------------
CHAOS CALMER (15.05, r46767)
-----------------------------------------------------
* 1 1/2 oz Gin Shake with a glassful
* 1/4 oz Triple Sec of broken ice and pour
* 3/4 oz Lime Juice unstrained into a goblet.
* 1 1/2 oz Orange Juice
* 1 tsp. Grenadine Syrup
-----------------------------------------------------
root@OpenWrt:/#


now what would you suggest?

Now that you have openwrt you can do a sysupgrade to one of the prebuilt images or build one yourself from source.

 

[RazorX2014]

Now that you have openwrt you can do a sysupgrade to one of the prebuilt images or build one yourself from source.

ok i will try that now, is there anything i need to do first? like settings wise

 

[FGFlann]

ok i will try that now, is there anything i need to do first? like settings wise

I'm not 100% on the procedure from this point since I used the flash uboot and sysupgrade image. But I believe you just need to get the sysupgrade firmware.bin into your /tmp directory on the dongle then flash it with the command sysupgrade -v /tmp/firmware.bin

 

[RazorX2014]

I'm not 100% on the procedure from this point since I used the flash uboot and sysupgrade image. But I believe you just need to get the sysupgrade firmware.bin into your /tmp directory on the dongle then flash it with the command sysupgrade -v /tmp/firmware.bin

i did it xD
thank you for your help

 

[FGFlann]

i did it xD
thank you for your help

Excellent. Glad it all worked out.

 

[theinstagator]

Are these SX OS Joycon Jig RCM Recovery Mode Shorter & Injector Kit für Nintendo Switch NS the same thing?

https://www.ebay.co.uk/itm/SX-OS-Jo...efLoc=2&_sacat=0&_nkw=rcm+jig&_from=R40&rt=nc

Also can anyone tell what unit is being used?

 

[RazorX2014]

Are these SX OS Joycon Jig RCM Recovery Mode Shorter & Injector Kit für Nintendo Switch NS the same thing?

https://www.ebay.co.uk/itm/SX-OS-Joycon-Jig-RCM-Recovery-Mode-Shorter-Injector-Kit-fur-Nintendo-Switch-NS/223067460926?hash=item33efdb553e:g:EPMAAOSw8tZbUFeF&LH_PrefLoc=2&_sacat=0&_nkw=rcm+jig&_from=R40&rt=nc

Also can anyone tell what unit is being used?

yes it's the same thing just using the sx os payload, it's just someone trying to make money but if you're here then you know you can make your own but to be fair to the seller that is a good price for what you get but that device he's using is a little on the large size but i would also like to know what that is xD

 

[kruy]

Here is the image for the MPR-A2 as requested. Again, untested.

Thank you very much～～
Great!

 

[blk_2sday]

yes it's the same thing just using the sx os payload, it's just someone trying to make money but if you're here then you know you can make your own but to be fair to the seller that is a good price for what you get but that device he's using is a little on the large size but i would also like to know what that is xD

I wanna buy it to open it up.

$15 for what could be a trinket or whatever kind of injector, a battery, case for board, USB cable and a jig? why not.

 

[RazorX2014]

I wanna buy it to open it up.

$15 for what could be a trinket or whatever kind of injector, a battery, case for board, USB cable and a jig? why not.

yeah i was curious to see what extra features you could possibly have with it, given it's size it could have extra usb ports or something else but i don't know it could end up being even shitter than what we already use.

it does say the battery isn't included though, which is stupid.

 

[blk_2sday]

yeah i was curious to see what extra features you could possibly have with it, given it's size it could have extra usb ports or something else but i don't know it could end up being even shitter than what we already use.

it does say the battery isn't included though, which is stupid.

I see.

Sent from my portable computing device from a underdeveloped country.