Differences

This shows you the differences between two versions of the page.

--- 2021:xiaomi_flash [2021/07/31 17:35] – [Flashing the new firmware] admin
+++ 2021:xiaomi_flash [2021/11/03 15:43] (current) – [Flashing the new firmware] admin
@@ Line 11: / Line 11: @@
 ==== Overview ====
   * Its always good to understand actually what is happening when you do something so that when things do go wrong you will have a better ability to do troubleshooting.
-  * With the latest version of OpenWRTInvasion you need will need to
+  * With the latest version of OpenWRTInvasion you need to
         *  Connect the Xiaomi router to the Internet (Using the WAN port)
         * Connect your computer (ours is running Ubuntu 20.04) to the LAN.
@@ Line 23: / Line 23: @@
   * If things go wrong there is an easy way to install the original Xiaomi firmware again onto the device and start from scratch.
   * This makes the devices very robust.
+===== Finding the stok code on the router =====
+  * This section will show a couple of screenshots from the Xiaomi 4C router to get to the **stok** code needed when using **OpenWRTInvasion**.
+  * These routers are easy to source in most countries. I got one from a local online store in South Africa for ~15USD delivered to my door.
+  * I connected the WAN port to my TLE router and connected my laptop to the LAN side of the 4C.
+{{ :2021:xiaomi_w1.png?nolink |}}
+  * The very first screen you are met with can be a bit confusing, since your natural reaction is to hit the **Try it now** button.
+  * You however have to first select the country. So click the **Click to select** link to select the country first.
+{{ :2021:xiaomi_w2.png?nolink |}}
+  * Not all countries are listed in the select, so I choose **United Kingdom**
+{{ :2021:xiaomi_w3.png?nolink |}}
+  * Once it is selected you can hit the **Try it now** button again.
+{{ :2021:xiaomi_w4.png?nolink |}}
+  * On the **Internet guide** screen you can leave the default and click it through
+{{ :2021:xiaomi_w5.png?nolink |}}
+  * Provide a password for the router and Wireless and click next.
+{{ :2021:xiaomi_w6.png?nolink |}}
+  * Setup is now complete and you can log in using the password you just provided.
+{{ :2021:xiaomi_w7.png?nolink |}}
+  * Here we are logged in.
+  * As you can see in the URL Address bar there is a query string with an item called **stok** which you will use with **OpenWRTInvasion**
+  * Note that this value changes with each session so if you rebooted the router or logged out and then log in again the value will be different.
+  * Only the most recent value will work with **OpenWRTInvasion**
 ===== Invading the Router =====
-  * We assume you are on a working installation of Ubuntu 20.04.
+  * We assume you have an installation of Ubuntu 20.04.
   * Make sure python3-pip and git is installed
 <code bash>
@@ Line 37: / Line 75: @@
 git clone https://github.com/acecilia/OpenWRTInvasion.git
 </code>
-  * Install the requirements and run it. You will need Admin rights to run the program else if will not work.
+  * Install the requirements and run it. You will need Admin rights to run the program else it will not work.
 <code bash>
 cd OpenWRTInvasion/
@@ Line 45: / Line 83: @@
 </code>
   * This will start the program and ask two questions for it to complete the invasion
-        * Router IP address. The default as stated and specified will be 192.168.31.1.
+        * **Router IP address**. The default as stated and specified will be 192.168.31.1.
-        * Stok value. This is the value shown after you went through the initial setup wizard of the router.
+        * **Stok value**. This is the value shown after you went through the initial setup wizard of the router.
         * Mine was http://192.168.31.1/cgi-bin/luci/;stok=c047480902024ca71370a39eace78b36/web/home#router.
         * Note that this value is generated on the fly and changes next time the router boots again.
 <code bash>
@@ Line 70: / Line 107: @@
 ===== Flashing the new firmware =====
-  * Please note that the router is fairly robust and things have to go South very badly for the router to be hard bricked.
+  * As you can see from the snippet above there are a couple ways of reaching the invaded router.
-  * So don't be to nervous when flashing the router as you always restore it again.
+  * Please note that the router is fairly robust making it almost impossible hard brick the router.
+  * //Don't be to nervous when flashing the router as you always restore it again.//
   * We will
-        * Telnet into the router
+        * SCP the firmware image onto the router
-        * Download the firmware image we want to install
+        * SSH into the router
-        * write it to the OS1 flash partition.
+        * Write the firmware to the OS1 flash partition using the **mtd** program.
-  * To download the firmware image we use **wget**.
+  * Copy the firmware file to the router.
-  * Unfortunately this version of wget can not download from HTTPS websites.
-  * For this reason we also installed **NGINX** on the Ubuntu machine where we installed OpenWRTInvasion. (Not in these instructions, but easy to get elsewhere)
-  * We will then copy the firmware files to the webroot directory where **NGINX** serves its content from to fetch it locally.
+<wrap em>**!! Please change the name of the firmware file to match yours !!**</wrap>
 <code bash>
-system@one:~/Documents/xiaomi_flash/OpenWRTInvasion$ telnet 192.168.31.1
+scp -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc -o UserKnownHostsFile=/dev/null openwrt-ramips-mt7621-xiaomi_mi-router-4a-gigabit-squashfs-sysupgrade.bin  root@192.168.31.1:/tmp
-Trying 192.168.31.1...
+</code>
-Connected to 192.168.31.1.
+  * SSH into the device
-Escape character is '^]'.
-XiaoQiang login: root
+<wrap em>**!! Here also change the name of the firmware file to match yours !!**</wrap>
-Password:
+<code bash>
+ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc -o UserKnownHostsFile=/dev/null root@192.168.31.1
 BusyBox v1.19.4 (2019-06-28 10:13:42 UTC) built-in shell (ash)
@@ Line 107: / Line 146: @@
 root@XiaoQiang:~# cd /tmp
-root@XiaoQiang:/tmp# wget http://192.168.31.152/openwrt-ramips-mt7621-xiaomi_mi-router-4a-gigabit-squashfs-sysupgrade.bin
-Connecting to 192.168.31.152 (192.168.31.152:80)
-openwrt-ramips-mt762 100% |*********************************************************************************************************************************************************************************|  7425k  0:00:00 ETA
 root@XiaoQiang:/tmp# mv openwrt-ramips-mt7621-xiaomi_mi-router-4a-gigabit-squashfs-sysupgrade.bin openwrt.bin
 root@XiaoQiang:/tmp# mtd -e OS1 -r write openwrt.bin OS1
@@ Line 116: / Line 152: @@
 </code>
   * If all goes well the device will reboot.
-  * Keep an eye on the orange LED if it flashes you're in since it is related to OpenWRT.
+  * Keep an eye on the orange LED if it flashes you're in business since it is related to OpenWRT.
-  * While it flashes it meand OpenWRT is busy creating its working filesystem on the flash chip. Remember that devices with 128M flash will take longer to settle down eventually.
+  * While it flashes it means OpenWRT is busy creating its working filesystem on the flash chip.
+  * Remember that devices with 128M flash will take longer to settle down eventually.
   * Once everything settles down you should have two blue LEDs.
   * Now you can try out your new firmware.
   * If things however did now work according to plan the next section is for you.
+===== De-Bricking The Xiaomi Router =====
+  * There is an awesome write-up with some YouTube videos on how to de-brick and restore the router's original firmware.
+  * https://hoddysguides.com/xiaomi-debrick-tools-all/
+  * One point if interest is if you run a Linux environment you can simply install **Wine** and run the **pxesrv.exe** program as root.
+<code bash>
+sudo wine pxesrv.exe
+</code>

RADIUSdesk

Page Tools

Site Tools

User Tools

Differences