Hail habrchane!I have a few old
D-Link DI-524UP H / W Ver .: A1 routers in my workplace, which were produced in
2005-2006 and inherited from the past admin. It is clear that these devices have served their purpose, are outdated both morally and physically and have long been on the shelf, but I was bribed by the fact that this model has a
USB port, and the
Linux operating system is the basis for the firmware.
Unfortunately, the developers of the stock firmware have quite limited the possibilities for working with a
USB port:
DI-524UP does not work with USB modems, flash drives and external HDD drives . Alternative, more functional and modern firmware, such as
OpenWRT or
DD-WRT exist for devices on the same processor as the
DI-524UP - Realtek RTL8650B , but do not support the chip responsible for the operation of
Wi-Fi RTL8185L . The prospect of abandoning the wireless Internet does not suit me, but to deal with the addition of support for
RTL8185L and the complete compilation of
DD-WRT or
OpenWRT for my hardware seemed quite a challenge.
I thought it would be nice to try reworking the stock firmware a bit - add functionality, compile and install separate software packages, how much memory is enough in the device, rebuild the kernel and enable the necessary support for hardware for the
USB port.
')
At the end of
2013 , a
security vulnerability was discovered in some models of D-link routers
- a software tab that allows attackers to gain control of the device. Details
were discussed earlier on Habré. Naturally, in the earlier version v.1.05 of the
firmware from
11/15/2007 and its source
codes from
03/25/2008 and earlier this tab is present.
After the raised noise at the end of
2013 ,
D-Link released firmware updates for
DI-524UP Ax version
v1.08b1 and
v1.08b2 in which it closed the vulnerability. The source code of these firmware manufacturer did not lay out in open access.
Since Since the device kernel includes the
Linux kernel and free software, then under the terms of the
GPL license , the developer must provide their source code at the request of others. I
requested the source code of the firmware
v1.08 on the manufacturer's forum. After some time, there were links to the source
code of the firmware v1.08b2.
After downloading and unpacking the archives, I decided to compare the source codes of versions
v1.05 and
v.1.08 by file . The result I was somewhat puzzled. The differences found are shown below under the spoiler:
Differences in the contents of the archives of the source codes of firmware versions v1.05 and v1.08b2diff -r ./1.05/GPL_Di524up/ ./1.08/GPL_Di524up/
./1.08/GPL_Di524up/: D-Link
./1.08/GPL_Di524up/: GPL
./1.08/GPL_Di524up/: Offer
./1.08/GPL_Di524up/user/goahead-2.1.4: original
diff -r ./1.05/GPL_Di524up/vendors/Realtek/Di524up/Product.mk ./1.08/GPL_Di524up/vendors/Realtek/Di524up/Product.mk
1,2c1,2
< VERSIONPKG = v1.01
< ALPHA_VERSION = v4.0.0b10
---
> VERSIONPKG = v1.08
> ALPHA_VERSION = v5.0.1b02
./1.08/GPL_Di524up/: Written
mips-toolchain:/opt/_compare# ls -la ./1.08/GPL_Di524up/D-Link ./1.08/GPL_Di524up/GPL ./1.08/GPL_Di524up/Offer ./1.08/GPL_Di524up/user/goahead-2.1.4/original ./1.08/GPL_Di524up/Written
-rw-r--r-- 1 root root 0 2014-08-07 12:11 ./1.08/GPL_Di524up/D-Link
-rw-r--r-- 1 root root 0 2014-08-07 12:11 ./1.08/GPL_Di524up/GPL
-rw-r--r-- 1 root root 0 2014-08-07 12:11 ./1.08/GPL_Di524up/Offer
-rw-r--r-- 1 root root 0 2014-08-07 12:11 ./1.08/GPL_Di524up/user/goahead-2.1.4/original
-rw-r--r-- 1 root root 0 2014-08-07 12:11 ./1.08/GPL_Di524up/Written
Thus, the companions developers "cheated" and simply
rewrote in the source code of the firmware the version number from v1.05 (? 1.01) to v.1.08b2 and try to pass them off as the latest version. About these "manipulations" I
asked a question about the technical support of the company D-link.
UPD (12/27/2014) “Source codes of version v1.05” are removed from the
site , submitted a request to restore the source code to the public access of this particular version - v1.05.
UPD2 (01/19/2014) It looks like v1.05 was posted v1.01, so it was removed from the site, moreover, if you look under the spoiler above:
< VERSIONPKG = v1.01
< ALPHA_VERSION = v4.0.0b10
In the code version does not match the stated.
To be continued...