Hacking TL-MR3020 – Part 2 – Firmware dump over SERIAL
TL-MR3020 Serial Dump over Python Script
This tutorial show, how it is possible to make a firmware dump of the TP-Link TL-MR3020 via a serial connection.
DRAFT!
import serial import time port = serial.Serial("/dev/ttyUSB0", baudrate=115200, timeout=60.0) port.write("\n") time.sleep(1) port.write("root\n") time.sleep(1) port.write("5up\n") time.sleep(1) while True: port.flush() time.sleep(1) f = open("rootfs.img", "w") f.write('') f.close() f = open("rootfs.img", "a") port.write("cat /dev/mtdblock2\n") buffer = '' counter = 0 while True: time.sleep(0.001) bytestoread = port.inWaiting() time.sleep(0.001) counter = counter +1 if bytestoread > 0: counter = 0 print "Bytes to read: " + str(bytestoread), buffer = port.read(bytestoread) print "Read: " + str(buffer) f.write(buffer) time.sleep(0.001) if counter > 1000: if f.tell() > 2000000L: print "Backup finished" while True: pass print "Fatal Error! Size: " + str(f.tell()) + " Bytes" port.write("\x03") time.sleep(1) break
Leave a Reply