[root@rhce-ryanrudolf]# rm -rf / 2> /dev/null

things I break/fix for fun and learning

Jun 1, 2018 - 2 minute read - Comments

Modifying Bootloader of WDR3600

I recently acquired a TP LINK WDR3600. It’s a dual band router with gigabit ethernet ports and 2 USB ports. It is also fully supported by OpenWRT / LEDE, which is one of my favorite open source projects. I want to modify the bootloader (u-boot) because I need a quick and easy way to recover from bricks without using special tools. One of the benefits of using a modified bootloader is an embedded web server that can be used to (re)flash the firmware. I want to build and customize my own firmware for this router, and even though I have done this before without bricking, having a failsafe method gives more peace of mind.

Steps to install u-boot mod (credits to pepe2k)

1 - Download the archive located in https://github.com/pepe2k/u-boot_mod/releases/tag/2014-11-19

2 - Extract the archive using tar. Navigate and look for the OpenWRT prebuilt images. Make sure the router model is listed. If it is not listed, do not proceed.

3 - Login to the GUI of the router (usually 192.168.1.1) and flash the appropriate prebuilt image. Once completed, the router will reboot automatically.

4 - Telnet to the router.

5 - Execute the command u-boot-upgrade. READ and follow the prompts carefully. Once completed, reboot the router.

6 - Set a static IP 192.168.1.2 on the computer.

7 - To access the embedded web server - Turn off the router. While OFF, hold the RESET button and press the power button. LEDS will flash, release the RESET button after 3 secs or after the LEDS has flashed for 3x. This is tricky and needs practice!

8 - Once properly completed, the embedded web server will be available at 192.168.1.1.

9 - The prebuilt image is outdated and old, we can now flash a new firmware image.

10 - Once fimrware update is complete, the normal GUI of the router will be available at 192.168.1.1.

And since the embedded web server is part of the bootloader, we can easily access it by doing the POWER / RESET button combination. Even if the normal GUI of the router is not working, we can fallback to the embedded web server and reflash the appropriate firmware. This will be very useful when testing firmwares or building firmware from source. No more need for JTAGS to recover from bricks.

Like this page? Share it!