Linux - Embedded & Single-board computer
This forum is for the discussion of Linux on both embedded devices and single-board computers (such as the Raspberry Pi, BeagleBoard and PandaBoard). Discussions involving Arduino, plug computers and other micro-controller like devices are also welcome.
Has anyone really dug into CFE loaders on routers or other devices? I was thinking of playing with a router just for fun but wanted to know any thoughts on this.
I'd be interested if routers tend to have tftp available usually or even pxe boot ability as typical.
I'm taking it you mean small household router/modems, not Cisco routers, which are different animals altogether.
The old approach to routers and that stuff was to use an eprom; that's read only, re-programmable by 21V applied to a PGM pin and erasable by UV. I think I had one in a 2400 bit modem. There is also PROM, which I'm sure is obsolete, i.e. Programmable Read Only Memory. This was because companies had a bottleneck erasing eproms, and PROMs were cheaper to buy and swap; no return needed.
After paying once when the eprom program was hacked, I'm sure everyone switched to battery backed ram or some such. We had several generations of that. The PC motherboard BIOS update is a fairly good way to go; you can't get in online, but there is one well-hidden-never-documented way in locally, which probably changes with every software version. They're all running some embedded OS now, so storage and capabilities are bigger. And instead of replacing eproms, it's 'download this update.' If I was on a router design team, I'd like to make writes to sensitive parts of the system impossible in hardware without user interfacing of some sort.
Still, if you get your hack right you can breach a router OS from online. Making it stick over a reboot is a much bigger hurdle, as there's (or there should be) write protection on the router OS. But competition is a good thing; if everyone had the same router, hacking routers might be worth doing.
I'd be surprised personally if any designs (even cfe) intentionally leave write access open to online attacks. There's far too much respect for hackers' achievements to do that. Local network, maybe. The great security advantage of SoC designs is that you can program in your own thoughts in there, and nobody can read them back.
Yes, home router. Actually an rt68u. I used to see burners for eproms all over town, may be some but basically I wanted to get into the cfe only for learning more. I have an older asus router I thought I'd practice on. Brick is OK.
From the online material I've read it seems that many of these routers can be forced into cfe mode but there the options are not clear. I'm not sure if the writer of each device made choices or if other hardware factors come into this.
Just looking for anyone who has worked with cfe. Might have to get on some embedded site.
Another good source of info you mightn't think of would be a datasheet for the particular BCM47XXX chip that's installed. I haven't used CFE, but I have worked extensively with embedded. Apparently most systems using cfe have to use a serial terminal to get in, with Ctrl-C or Escape keys being pressed during power up to activate cfe. It sounds like a proper PITA for a one-off. In a factory situation it's fine. Some techie spends a day hacking into his first one, but does 50 the next day.
Here's where the data sheet becomes useful. You can look for various pins of interest, and see where the connections lead (probably to some on-board socket). Alternatively, google a manual for that little box and see what it says. It's a little early to start talking about bricks - we haven't started yet.