Comments (4)
petervans2077
commented on June 16, 2024
firmware version is miwifi_r4a_firmware_51508_2.28.38.bin,whose md5 matches the one you show in README.md
from openwrtinvasion.
petervans2077
commented on June 16, 2024
exploit script version is the latest
from openwrtinvasion.
acecilia
commented on June 16, 2024
I do have two xiaomi 4A gigabit routers and I can exploit without any issue. Most probably your network configuration is too complex. Try a simple network configuration or use exploit version 0.0.1. Please read the readme and other issues in this repository to see how other people solved it
from openwrtinvasion.
xvoidnessx
commented on June 16, 2024
Hey primelyw,
I had your issue and managed to solve it.
I am doing this in a vm, and it looked like that I must access the router 192.168.31.1 from within the VM to obtain the correct STOK, it looks like the router is returning a different stok for different client, so if you are not accessing it from where you are flashing you wont have the correct STOK, also dont forget to have internet ON.
You can un-comment 2 lines in the script to get more verbose output status of the codes execution, the script is trying to upload a payload to the router and then execute it to start up the services,
I would highly recommend we turn these on by default, because the script just assume the code always get executed correctly which is not always true.
Remove the # infront of the 2 lines as below to get a more verbose output.
Line 69: print(r1.text)
Line 78: print(r2.text)
Wrong STOK payload didnt get executed hence cant telnet
Router IP address [press enter for using the default 192.168.31.1]: 192.168.31.1
stok: b041deacfad1569c57cab738d27b7135
router_ip_address: 192.168.31.1
stok: b041deacfad1569c57cab738d27b7135
start uploading config file...
{"code":401,"msg":"Invalid token"}
start exec command...
{"code":401,"msg":"Invalid token"}
done! Now you can connect to the router using several options: (user: root, password: root)
- telnet 192.168.31.1
- ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc -o UserKnownHostsFile=/dev/null [email protected]
this one is correct stok, you can see a different message, and the services are open for connections
Router IP address [press enter for using the default 192.168.31.1]: 192.168.31.1
stok: 2068901f541fd8255afabec832ea4d76
router_ip_address: 192.168.31.1
stok: 2068901f541fd8255afabec832ea4d76
start uploading config file...
{"code":1629,"msg":"解压失败,可能文件已经损坏"}
start exec command...
{"download":72.33,"bandwidth":0.57,"code":0}
done! Now you can connect to the router using several options: (user: root, password: root)
- telnet 192.168.31.1
- ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -c 3des-cbc -o UserKnownHostsFile=/dev/null [email protected]
- ftp: using a program like cyberduck
from openwrtinvasion.
Related Issues (20)
- where can i find the indian rom for this router? HOT 8
- Is there a way to downgrade from 2.30.500 rom
- 4C
- The green hand give up. Connection Refused. HOT 1
- Couldn't unzip, the file is corrupt on v3.2.13 - mi router 4c HOT 2
- cannot flash Mi Router 4A (non gigabit) | MiWiFi Release 3.0.10 HOT 2
- Cannot flash OpenWRT on Mi Router 4A 100M (Chinese version) firmware 2.28.62 HOT 1
- Doesn't work on the Mi Router 4A(gigabit) (Chinese version) which is using latest firmware(2.30.28) HOT 1
- MI Router 4A (Gigabytes) Version 2.30.500 is not supported HOT 3
- Xiaomi Router 3 Pro (R3P)
- stock after flash HOT 1
- Feature: Mark {"code":1629,"msg":"Unpacking failed. The file may be damaged"} as expected error HOT 2
- Download instead of clone
- Sharing my experience on success invasion
- Warning: the process has finished, but seems like ssh connection to the router is not working as expected. HOT 6
- Successful invasion on 4c 3.0.45 HOT 2
- ROM file replacement
- Not working with firmware 2.30.500 ( Xiaomi Mi Router 4A Gigabit Edition - chinese version 2023.11 ) HOT 1
- Debricking Xiaomi Mi Router 4A Gigabit Edition
- Xiaomi Router 4A Gigabit Edition fails to SSH HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from openwrtinvasion.