Hacking Agestar NCB3AST: Day 2

The first thing that I want to do today is to unbrick my NCB3AST. To unbrick it, I need to have a RS232 TTL converter. After waking up late, and doing some other weekend business, I went to Icon in Chiang Mai. I bought a data cable for Alcatel 511 (actually almost any data cable that isn’t mini USB would be fine, this is the one that I found), and after looking around, I found the schematics for the data cable. It helps me to decide where should I connect each cable guided by the close up photo from Chris.

I still doesn’t understand why my new image won’t boot, it always stops with:

undefined instruction
pc : [<00500004>]    lr : [<0d05ae60>]
sp : 0d05af00  ip : 00500000  fp : 0cf00000
r10: e8bd0070  r9 : 00000000  r8 : 00000108
r7 : 00613226  r6 : 00900000  r5 : 54420005  r4 : 00000004
r3 : 0cf00000  r2 : 0003a530  r1 : 00000001  r0 : 0003a7d4
Flags: nZcv  IRQs off  FIQs off  Mode SVC_32

The default boot command is

cp.l 0x10020000 0xcf00000 0x1f0000;go cf00000

After quite a long time, I realized that if i just type:

go 0x10020000

The kernel will be loaded just fine. I don’t understand why the firmware won’t work when the kernel is copied to cf00000 and then booted. If i have a debugger, then this memory debugging stuff can be much easier to solve.

After the device can be booted, I decided to reflash it with the original firmware. I spent most of the time after that to:

  1. Learn about armboot (I will write about this tomorrow).
  2. Setup tftp server (atftpd, advanced tftpd) on my WRT54GL
  3. Build and compile the Linux kernel from WRVS440N
  4. Learn to load kernel from tftp

The results are:

  1. I understand most of armboot’s command
  2. I have a tftp server up and running
  3. I can configure and compile 2.4.27 kernel
  4. I can boot the kernel for star 9109. Everything seems to be working fine (except the network interface, it was detected, but I can’t connect to anywhere, but I need to check further).

 

I still haven’t been able to create completely new firmware. My next plan is:

  1. To compile a completely new kernel, and merge it with existing initrd
  2. Modify initrd so I can add new stuff

On the next posts I will write more instruction on how to connect to serial port and to use armboot.

Leave a Reply

Your email address will not be published.