Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
×
Wireless Networking Software Hardware Linux

Hacking Samsung 4510-Based APs 110

zoobab writes "Some belgian linux hackers met this week-end to hack some wireless access points based on the samsung4510 chip. They have succeeded in compiling and booting a uClinux kernel on a Dlink 614ap+, which is equipped with the infamous acx100 wireless chipset. There's still some work to do, but if you want to help, open your 22mbps AP and try to built your own JTAG adaptator to get access to the flash..."
This discussion has been archived. No new comments can be posted.

Hacking Samsung 4510-Based APs

Comments Filter:
  • Minitar too (Score:5, Interesting)

    by Anonymous Coward on Sunday November 02, 2003 @07:59PM (#7374586)
    The new Minitar (www.minitar.com) access point runs Linux. It uses the Realtek RTL8181 SoC (it's MIPS based) and if you look in the Minitar forum you will find the link for the source code. Unfortunately the good stuff such as the wireless core driver is in binary form only. Hopefully this will change soon.
    • Minitar Have been extremely helpful going to realtek multiple times on behalf of those requesting source..

      For those who are interested here are the vital stats:

      • 200mhz MIPS r3k
      • 2meg of flash rom
      • 8meg of ram
      • 2.4.18
      • Busybox

      Minitar's forums [minitar.com] have a bunch of usefull information. The Melbourne wireless wiki [wireless.org.au] has a bunch of info about it. including boot logs and diagrams for building the serial cable.

  • by savaget ( 26702 ) on Sunday November 02, 2003 @08:02PM (#7374601)
    The Linksys WRT54G runs on Linux. a lot of hacking done on them. some have even boosted its power output by send it command through its ping utility.
  • gotta say (Score:5, Interesting)

    by aminorex ( 141494 ) on Sunday November 02, 2003 @08:05PM (#7374612) Homepage Journal
    THIS is the kind of article that I started
    reading slashdot for, pre-dotcom.

    YuGo, girl.
  • by the man with the pla ( 710711 ) on Sunday November 02, 2003 @08:16PM (#7374663)
    Very quickly I wish to say thank you to these hackers and similar programmers working on extending hardwares beyond original manufacturer intentions. I run a small business in India selling computer components. Many times, I am able to get much more out of inexpensive hardware due to peoples projects. In the developing world we simply cannot afford the high prices manufacturers are charging for certain equipment, but with these projects we are able to succeed. Many thanks. Rushabh.
    • You make no sense. If you can't afford the equipment, how will the programmers' work help you? It sounds as if all they needed was perserverence and intelligence, not any specialized hardware besides the target platform.
  • is the Beowulf cluster due?!?!?! ;)
  • wow (Score:3, Informative)

    by loraksus ( 171574 ) on Sunday November 02, 2003 @08:22PM (#7374698) Homepage
    A 614+ is like $25 AR, the radio and antennas in it sucks but for the money it really can't be beat . . . This is quite cool.
  • by revmoo ( 652952 ) <<slashdot> <at> <meep.ws>> on Sunday November 02, 2003 @08:27PM (#7374718) Homepage Journal
    I've been playing around with the firmware on my (non-linux) Linksys BEFW11S4 Acess point(the WAP/router one), but I've run into an issue where, apparently there is a checksum on the firmware image files, and it cannot thus be changed without also changing the checksum to match your changes.

    Unfortunatly, I'm not leet hax0r, so I have no idea how to find the checksum in a hex editor, anyone have an idea where it would be?(yeah I've checked the first and last bits of the file.)
    • Unfortunatly, I'm not leet hax0r, so I have no idea how to find the checksum in a hex editor, anyone have an idea where it would be?

      I have no idea specifically what's in the befw11s4, but the best place to start reverse engineering any firmware image is to first assume that the uploaded image has some sort of "filesystem" format.

      i.e. there are likely to be a few sections - the main firmware, perhaps another firmware image to be loaded onto the wireless chipset, .gif and .html files for the embedded web s
    • Someone figured out that the firmware for that unit is compressed in ARJ format. That may help.

      Those boxes have an annoying reputation for crashing under heavy load.

  • Why? (Score:2, Insightful)

    by tintruder ( 578375 )
    Though the portability of Linux is cook, one must ask why is there such an effort to install Linux on every possible device?

    Especially since virtually all such efforts result in a device less flexible, less reliable and harder to use than the original. (XBox?)

    Perhaps combining these various pools of skill (which I do not minimalize or trivialize for a moment) and supporting some real helpful and Linux-promoting projects would be a better use of resources?

    For instance, if Linux is to be a real competit

    • by twitter ( 104583 ) on Sunday November 02, 2003 @09:03PM (#7374881) Homepage Journal
      Though the portability of Linux is cook, one must ask why is there such an effort to install Linux on every possible device?

      A cook is nice. Cookbooks are better.

      People make free drivers because the stupid devices are everwhere but limited by software. It takes lots of capital to make semiconductor devices, so there are only a few companies that do. Because of this, almost all hardware uses one of a dozen chipsets made for that kind of device. This is why Knoppix fits on a single CD and recognizes thousands of devices. Once you get a free driver, many devices can be used and you don't have to go out and buy a new one because the vendor does not make a non-free driver for the next eXPensive OS from M$. There are enough people interested in free drivers to get them. The pace is picking up and the quality is very impressive. Device drivers are a showcase of the effieciency of free software development. Everyone wins when a device driver comes out.

      Especially since virtually all such efforts result in a device less flexible, less reliable and harder to use than the original. (XBox?)

      Now you are a real troll. Obviously an Xbox that both runs M$'s games AND free software is more felxible than an Xbox that only plays M$ games.

      Usability based on installability is the achilles heel of Linux for the masses.

      So is the ignorance you display, except it's much easier to hit than a tendon.

      installing Linux by destroying a perfectly good AP is no more useful than installing it on a stapler.

      A stapler does not do iptables, run configuration utilities over a web server or act as a meshpoint. More importantly, your stapler won't tell other people about your bank account, herpese medication and other stuff most people would like to keep to themselves.

      Right now, a typical PC user without Linux is like an Astronaut without an accordian.

      A typical comercial software user is much like a typical free software user, except they are $400 poorer, have no privacy, suffer frequent crashes, and have to buy all new hardware every three years. Oh wait, that's nothing like the typical Linux user.

      t intruder, you don't get paid enough to write such drivel but you are not worth what you are paid.

      • Now you are a real troll. Obviously an Xbox that both runs M$'s games AND free software is more felxible than an Xbox that only plays M$ games.

        Except they don't. You either do the software mod, and fool around with finding the appropriate cables, a copy of Mechassault, etc etc, put the modifications together, and then you can't access the XBox live settings pane anymore ( oops! ).

        Or, you modchip the console, and unless you buy a fancy-pants switching one, you can't use access the XBox live service anymor

        • then you can't access the XBox live settings pane anymore ( oops! ).

          Free software won't keep you from Xbox Live, Microsoft will. They will kick you off Microsoft live if they detect mods of any type. Non free software is like that, oops. Go buy a Play Station instead of a M$ gimped, 700MHz PeeeCeeee if you really want to play games. Sony does a better job at Linux too, Go figure.

          • Free software won't keep you from Xbox Live, Microsoft will. They will kick you off Microsoft live if they detect mods of any type. Non free software is like that, oops. Go buy a Play Station instead of a M$ gimped, 700MHz PeeeCeeee if you really want to play games. Sony does a better job at Linux too, Go figure.

            I detect something of a double standard here. Sony are also not enamoured of people modifying their consoles, and like to sue people who get involved with such things. Microsoft makes a passable

        • I doubt you can get a modchip today which doesn't have an on/off switch. And even if it doesn't have that you can always install one yourself.

          And for me a modded XBox is a lot more useful than an unmodded one. Being able to stream video and audio to it is a feature I use a lot. More than playing games even.
      • Go back to Redmond, troll

        The man was talking about how we can make Linux more accessible to people who don't know much about how a pc works. He seems to be someone who likes the Open-Source Project as much as me, or you, or the next guy.
        I don't fully agree with him either. Hey, if you like the idea of running Linux on everything around you, nothing stops you from trying it, right? (except for that evil DMCA mb) However, because you seem to see everything black-white ('us' vs. 'them'), you wrongfully cla
        • This is very true, the more hardware is supported by Linux the better.

          An unfortunate problem with this sometimes is striking a balance between the communities desire for freedom and legal compliance. Nowhere is this more apparent than when dealing with wifi cards.

          Laws about permissable signal strength and which wavelengths are unregulated vary quite a bit from country to country ( for example, if memory serves correctly, Japan has 802.11b bands up to 13, while Australia only goes up to 10 ).

          Making diffe

          • (great-great-grandparent poster:)

            Perhaps combining these various pools of skill (which I do not minimalize or trivialize for a moment) and supporting some real helpful and Linux-promoting projects would be a better use of resources?

            For instance, if Linux is to be a real competitor to Windows, how about using these skills to build simple distros and simple methods of installing and uninstalling apps on them that do not require arcane command line utilities and other tasks. Just insert the CD or click

    • Installing Linux on your iPod might result in a crippled showthing but broadband routers is another thing.

      Cheap hardware - even if you get network card, a bootdisk and an old 486 in a dumpster it's going to be a pretty clumsy server...

      Manufacturer independence - an independent firmware might protect us from sofware dowgrading [embedded.com] and value-added upgrades to a more expensive router with the same hardware.

      Useful purposes - two ethernet ports and a soldered on a serial port and some i/o would for example enable
  • Thank you teh h2k3rs (Score:1, Interesting)

    by Anonymous Coward
    Very quickly I wish to say thank you to these hackers and similar programmers working on extending hardwares beyond original manufacturer intentions. I run a small business in India selling computer components. Many times, I am able to get much more out of inexpensive hardware due to peoples projects. In the developing world we simply cannot afford the high prices manufacturers are charging for certain equipment, but with these projects we are able to succeed. Many thanks. Rushabh.
  • by Anonymous Coward on Sunday November 02, 2003 @08:49PM (#7374820)

    JTAG adaptator

    Is that like Tator Tots? Say, I'm hungry.

    /me heads to kitchen for some overprocessed potato goodness.

  • For the uninformed (Score:4, Interesting)

    by Clockwurk ( 577966 ) on Sunday November 02, 2003 @08:59PM (#7374866) Homepage
    Dlink 614ap+, which is equipped with the infamous acx100 wireless chipset.

    I have this router (and I have been nothing but pleased with it), and would like to know why the acx100 chipset is considered infamous. It seems to function correctly and the 22Mbps is a nice bonus when used with the compliant cards. Where (or rather what)'s the beef?
    • by Anonymous Coward
      Lack of Linux support from TI.

      Not to mention, that seems like even the drivers for my XP machine, are crap. BSOD and other weird behaviour. Speed is good, when you can actually get it to work.

      I'd love it if it was opened up, then maybe some real programmers could make it work better. As it stands now, I get rid of my 650+ and go back to reliable old Orinoco card.
    • by Anonymous Coward on Sunday November 02, 2003 @09:30PM (#7375000)
      the acx100 chipset is considered infamous because of texas instruments' refusal to provide documentation for open source drivers (remember that this chipset is used both in APs/Routers and NICs).......anyway despite their refusal to cooperate the people over at acx100.sf.net have manage to create drivers anyway

      btw...i have to mention that i love the acx100 with its support for 256bit encryption and 802.11b+ (@ 22 mbps).........i think that there is also a low power version of the chipset in development..........

      heres hoping that this project can give me a little more flexibility for my D-link 650+ (unfortunately using the 256bit encryption breaks compatibility with anything but acx100 equiped computers)
    • Other posters have touched upon this, but let me state this in another fashion:

      Try explaining to your friends how great Linux is to run, when you have to boot into Windows just to use your wireless card.

      Then perhaps you'll understand why it's "infamous".

      All my Windows-loving friends still laugh at me because I can't yet convert my laptop to 100% Linux. Sure, I could buy new hardware, but that's missing the point.
  • by Anonymous Coward
    I am reading this through one of these, and as soon as I started clicking on the assosciated links, my connection dropped out.


    It must be able to read html and determine I want to give it a brain transplant.

  • by Jim Buzbee ( 517 ) on Sunday November 02, 2003 @09:36PM (#7375034) Homepage
    In a related note, Linksys/Broadcom have released source code and the toolchain used in the wrt54g access point. They even have instructions on how to build your own firmware.

    Everything you need to build your own firmware is available in version 1.42.2 [linksys.com]

    Note that my wrt54g linux distribution [batbox.org] won't work with version 1.42.2 unless your modify the firmware to re-enable the wrt54g "ping hack"
  • Sigh (Score:2, Funny)

    This is one of those articles on slashdot that I wish I knew what it was talking about. I only understood "wireless" and "the" in the description. I'll keep reading.
    • Re:Sigh (Score:4, Informative)

      by doug363 ( 256267 ) on Monday November 03, 2003 @12:55AM (#7375770)
      Translation:

      Some Belgian Linux programmers ("hackers" because they have worked out how to get hardware to do things other than what it was intended to) met this week-end to get Linux running on DLink 614ap+ wireless networking access points (the little receivers that act like hubs or swtiches for wireless networks). (DLink is the brand, and 614ap+ is the model.) These access points have CPUs in them to handle configuration tasks and whatnot. The CPU in these particular access points was the Samsung 4510 chip. They have compiled and run a specialized, stripped down version of Linux called "uClinux" (the uC is an abbreviation of "microcontroller"; the micro symbol looks like a "u") on the microcontroller in the access point.

      The access points also contain a Texas Instruments ACX100 wireless chipset, which does the signal processing necessary for the 802.11b protocol that the device supports. The ACX100 also allows devices to communicate at 22mbps with other wireless network cards or access points that use the ACX100, using a proprietary method. This chipset has caused headaches for Linux users (PC Linux users) who own wireless networking cards that use this chipset, because Texas Instruments haven't released documentation on how the chipset works. This makes writing a device driver difficult, and so Linux users can't use wireless networking if they own a wireless network card based on these chipsets.

      There's still some work to do. (I think they mean that they haven't worked out how to use the ACX100 from the microcontroller.) If you want to help, and you've got one of these access points (i.e. it says it supports 22mbps and 802.11b), open up your access point. Once it is open, build a JTAG adaptor (JTAG is a protocol that is used to communicate with embedded microcontrollers and programmable hardware). Get your JTAG adaptor to plug into your PC (probably via a serial or parallel port) and read or re-write the flash memory (i.e. the memory where the program code that runs on the microcontroller is stored). If you can read the memory, sending the memory contents to these people might help them understand how the ACX100 works in more detail. I doubt you'd want to re-write the memory unless you're testing code with them and you're willing to end up with a useless brick instead of a wireless access point. From their screenshots, they have written a bootloader that they write to the access point's flash memory. The bootloader downloads uCLinux from one of the computers plugged into it (i.e. normal wired ethernet), and runs it.

  • A similar article is in 2600 as well. :)
  • Er, but why am I doing this again?

    I understand it's good for other people to do this since it'd help them learn more about the chipset and make drivers, but can anyone tell me if there's a reason for me, Joe-User, to want to do this today?

    I tried browsing the site/forums to see what advantages might be there, but I couldn't seem to get to any of them.

    So, does anyone know what advantages I can gain with what's been done today by having some fun with another 614+? (not trolling here, I like it when there
  • OpenAP - http://opensource.instant802.com/ is another Open Source Access Point project

    Also, Intersil Prism2 PCI (not PCMCIA) cards allow the host to act as an access point.

    See http://www.hpl.hp.com/personal/Jean_Tourrilhes/Lin ux/Linux.Wireless.drivers.802.11b.html#Prism2-host AP
  • I know that such projects are quite good if you really want to understand hardware and maybe write drivers for such devices to work on you favorite Operating systems, but I am an embedded developer myself and he point is that in case you need to do something like this, as in you can't make it work with you r computer without reverse engineering the device, such projects make a lot of sense. Otherwise it is fairly simple for a device manufacturer to simply burn the JTAG pins. Only thing they need to do is to
    • Maybe you can answer a question, since you work in "the industry".

      Why are hardware manufacturers so protective of their firmware and so often against hackers and projects like these? Why burn your chips so they can't be reprogrammed by outside parties?

      Here's why I'm puzzled about this. Hardware manufacturers make money by selling their hardware. The software is pretty much just overhead, something they're required to make, but it's not what they actually sell. If your product gets a reputation for being e
      • Lol, well mostly they are stupid :-) But many times we develop some inhouse hardware, especially in the area of RF chips. The hardware could be really stupid but the point is that at the time it is developed, the competitors haven't thought about it as yet. And RF chips are relatively easy to reverse engineer (hardware design vise) once you know the instruction set. That is one of the biggest reasons of this secrecy. Mostly you can get away with getting the patents for such a thing but sometimes it is not
  • by Anonymous Coward
    Boy, am I happy to see that these guys are worried about current! The use of 1/2 watt resistors and 14 gauge wire should make their JTAG "adaptator" much much safer!

    [sarcasm off]
    • Hey !! I did build those JTAG adaptators you see on the pictures: the 0.75 mm wires were all i had at the time of building those things. :-)

      Concerning the 1/2 watt resistors, i didn't buy the parts. I knew that even 1/8 watt would have been fine.
  • Interesting...

    The JTAG (IEEE1149.1) standard was designed for on board and in-circuit testability. As such, there is the ability to access internal registers on and IC equiped with a 4 wire JTAG tap port (TDI/TDO/TCK/TMS).

    If there is documentation available, the JTAG port is a terrific way to access internal registers on an IC. If there is no documentation then it is a tremendious reverse engineering effort, but with a PC, and lots of time, one could couple a 4 wire JTAG port, write data to regi

  • We didn' reflash those routers with Linux just for fun, we have a clear goal: having a cheap and reliable wireless node for use within a mesh network , a footprint small enough so you can easily put it on a building roof and hardware that does not consume a lot of power so you can power it from small batteries or solar cells. Good luck doing the same thing with classical desktop hardware !!

    We also want to use a dynamic routing protocol such as AODV [aodv.org] or ZRP [boun.edu.tr] and make those things IPv6 ready.

    If you can fi

Hackers are just a migratory lifeform with a tropism for computers.

Working...