i moded openwrt default .trx firmware (inserted first few bits before HDR0 from original firm) for trendnet 410apb+ but it gives me --You cannot downgrade the firmware-- message now. if the version number would be changed, would it work then?

here's the stuff:

.K!¥Ç..HDR0. ..2...........Ø....ä...‹........¡VAl.i.þüÏ$qÒ¸L.·¹–ª¹¿¾8V³ YÖ*YÉ.?í®rè!¤=ô...   <-moded firmware
.K!¥Ç..HDR0.P..§.¬ ........èg.......‹..:.«A..piggy.ì|.t.W•æíª–Ô¶•¸ôc»c+q·Uj)®à´A.m¦JKN...  <-trendnet original/works

does it lead somewhere? is it possible to put the version info from original firm to moded one?
sorry for the question if it's stupid.

I used to try something like that with RC3.
I can't remember what i changed inside the firmware headers to make it work but you could try this:
open the webpage http:/<ip of ap>/Debug_command_page.asp

#enable bootwait

nvram set boot_wait=on

#disable firmware header checking

nvram set chk_fw_hdr=Disabled

#save changes

nvram commit

reboot the ap

try to upload via tftp the modded firmware.

there's a tutorial on the wiki page

if firmware header is disabled you should be able to upload the original openwrt trx image also.

please let me know if it worked.

as an alternative you could mangle the headers but it requires some documentation on
the trx firmware headers, but should work.
basically you should change bits that are used for firmware version checking.
be aware of CRC

Cheers,
Jx

thx for the info.

now, when i try to open Debug_command_page.asp i get the blank page!?

and yes, i know there should be changed bits that contain version info. maybe someone has header editing tools installed on linux machine and could maybe try to mod this firmware version bits? there's a tool out there. i red about it.

cheers

(Last edited by clicker on 6 Apr 2007, 12:14)

I'm really sorry for misleading you there, the web link was for another hardware from linksys i think.
In my defense I can only say it was a long time ago when I used the TEW-410 hardware.
I'll get my hands on it in a few days and try to help you out.

In the mean time you can try https://developer.berlios.de/projects/firmwaremodkit/

With a serial console it would be a lot easier to change firmware on the AP.

Cheers,
Jx

There's a version number as part of the trx image header; change it.

(trx util in the openwrt sources)

it was a long time since i posted my first question and the thing is; i don't posses the hardware anymore.

BUT, i'm willing to try this firmwaremodkit tool and if there will be luck we shoud have working firm maybe. soon.

edit: mbm, which trx tool from sources?

(Last edited by clicker on 14 Aug 2007, 12:56)

i'm able to create trx image file HEADER but i need to investigate a little bit more.

how can i determine how long is my trx image file? for ex. so it would bi in 0x5A0000 format?

cheers

edit: for now i managed to put this together. maybe it's working. can anyone test it?

http://files-upload.com/files/434124/op … fs_mod.trx <-- mod 1
http://files-upload.com/files/434132/op … _mod_1.trx <-- mod 2

mod 1 & mod 2 -- difference is only in few last bytes.

(Last edited by clicker on 14 Aug 2007, 15:54)

Hi

I managed to obtain an TEW-410APB+

here's what you got to do:

reset to factory defaults

open http://192.168.1.250/fw-conf.asp

select Disabled for "DownGrade Header" and "Firmware Header" and hit Apply

then you can upload a openwrt image via web-interface

It worked with openwrt-brcm-2.4-squashfs.trx / size 1.548.288 bytes

Cheers,

Jx

i'm glad it happened.

best luck in further researches.

cheers.