LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Hardware > Linux - Embedded & Single-board computer
User Name
Password
Linux - Embedded & Single-board computer This forum is for the discussion of Linux on both embedded devices and single-board computers (such as the Raspberry Pi, BeagleBoard and PandaBoard). Discussions involving Arduino, plug computers and other micro-controller like devices are also welcome.

Notices


Reply
  Search this Thread
Old 11-09-2017, 03:40 PM   #1
jefro
Moderator
 
Registered: Mar 2008
Posts: 18,639

Rep: Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789
CFE question


Has anyone really dug into CFE loaders on routers or other devices? I was thinking of playing with a router just for fun but wanted to know any thoughts on this.

I'd be interested if routers tend to have tftp available usually or even pxe boot ability as typical.

Thanks.

May have to ask on embedded site too I guess.
 
Old 11-11-2017, 11:34 AM   #2
business_kid
LQ Guru
 
Registered: Jan 2006
Location: Ireland
Distribution: Slackware & Android
Posts: 9,566

Rep: Reputation: 997Reputation: 997Reputation: 997Reputation: 997Reputation: 997Reputation: 997Reputation: 997Reputation: 997
I'm taking it you mean small household router/modems, not Cisco routers, which are different animals altogether.

The old approach to routers and that stuff was to use an eprom; That's read only, re-programmable by 21V applied to a PGM pin and erasable by UV. I think I had one in a 2400 bit modem. There is also PROM, which I'm sure is obsolete, i.e. Programmable Read Only Memory. This was because companies had a bottleneck erasing eproms, and PROMs were cheaper to buy and swap; no return needed.

After paying once when the eprom program was hacked, I'm sure everyone switched to battery backed ram or some such. We had several generations of that. The PC motherboard BIOS update is a fairly good way to go; you can't get in online, but there is one well-hidden-never-documented way in locally, which probably changes with every software version. They're all running some embedded OS now, so storage and capabilities are bigger. And instead of replacing eproms, it's 'download this update.' If I was on a router design team, I'd like to make writes to sensitive parts of the system impossible in hardware without user interfacing of some sort.

Still, if you get your hack right you can breach a router OS from online. Making it stick over a reboot is a much bigger hurdle, as there's (or there should be) write protection on the router OS. But competition is a good thing; if everyone had the same router, hacking routers might be worth doing.

I'd be surprised personally if any designs (even cfe) intentionally leave write access open to online attacks. There's far too much respect for hackers achievements to do that. Local network, maybe. The great security advantage of SoC designs is that you can program in your own thoughts in there, and nobody can read them back.
 
Old 11-11-2017, 03:34 PM   #3
jefro
Moderator
 
Registered: Mar 2008
Posts: 18,639

Original Poster
Rep: Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789
Thanks for the reply.

Yes, home router. Actually an rt68u. I used to see burners for eproms all over town, may be some but basically I wanted to get into the cfe only for learning more. I have an older asus router I thought I'd practice on. Brick is OK.

From the online material I've read it seems that many of these routers can be forced into cfe mode but there the options are not clear. I'm not sure if the writer of each device made choices or if other hardware factors come into this.

Just looking for anyone who has worked with cfe. Might have to get on some embedded site.
 
Old 11-12-2017, 05:17 AM   #4
business_kid
LQ Guru
 
Registered: Jan 2006
Location: Ireland
Distribution: Slackware & Android
Posts: 9,566

Rep: Reputation: 997Reputation: 997Reputation: 997Reputation: 997Reputation: 997Reputation: 997Reputation: 997Reputation: 997
You're right, there's a lot of available options to manufacturers. I presume you read the basic stuff
https://wiki.openwrt.org/doc/techref/bootloader/cfe
http://melbourne.wireless.org.au/files/wrt54/cfe.pdf

Another good source of info you mightn't think of would be a datasheet for the particular BCM47XXX chip that's installed. I haven't used CFE, but I have worked extensively with embedded. Apparently most systems using cfe have to use a serial terminal to get in, with Ctrl_C or Escape keys being pressed during power up activate cfe. It sounds like a proper PITA for a one-off. In a factory situation it's fine. Some techie spends a day hacking into his first one, but does 50 the next day.

Here's where the data sheet becomes useful. You can look for various pins of interest, and see where the connections lead. (probably to some on-board socket) Alternatively google a manual for that little box and see what it says. It's a little early to start talking about bricks - we haven't started yet.
 
Old 11-13-2017, 06:40 PM   #5
jefro
Moderator
 
Registered: Mar 2008
Posts: 18,639

Original Poster
Rep: Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789Reputation: 2789
Thanks, maybe I'll wait until I get more info about this.

Yes, did see those. They were a good place to start.

Might break into it just to see where the serial connection may need to be soldered to. Doubt it is there.

Guess I'll mark this solved.

Thanks again.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] GPL question (Version 2, June 1991) - physical media availability question LicenseQuestions Linux - Newbie 1 12-01-2012 07:34 PM
basic html question - download link to files on my webpage question Davno Linux - Server 5 12-25-2009 08:24 AM
linux distro question & mysql install question natalie.aloi Linux - Newbie 5 07-19-2009 09:28 PM
Question, Apples Contribution to Open Source + MacOs file structure question Higgy3k Other *NIX 5 07-25-2005 05:23 AM
Not your regular GRUB question - just a short question for a fried MBR!! ziphem Linux - General 3 01-31-2005 02:51 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Hardware > Linux - Embedded & Single-board computer

All times are GMT -5. The time now is 05:32 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration