[MLB-WIRELESS] SVEC FD1811 (aka WLAP) Firmware
Dan Flett
conhoolio at hotmail.com
Wed Apr 30 23:34:49 EST 2003
MessageA mate of mine has a super-dooper desoldering tool, but the pins on the flash chip might be a challenge for even that. And how would you go about putting it back on afterwards? Looks like we might have to make a sacrafice at the altar of reverse-engineering. But it may be for the greater good. :)
Tom, I'll keep on trying other methods (including begging the manufacturers) and use your kind offer as a last resort.
BTW I've just done a bit more google research on the WLAP, and man, there's shitloads of rebadged WLAPs out there. Lots of different suppliers, lots of different model numbers. but they all look the same (some are different colours). And they all have exactly the same spec sheet, word for word. Which made them easy to find with google. :) I'll stick a list of all the websites and model numbers on the Wiki entry for the SVEC WLAP when I get a chance. Might help all those people out there with differently badged APs to band together in a reverse-engineering collective.
Dan
----- Original Message -----
From: Tom Parker
To: 'Melbourne Wireless'
Sent: Wednesday, April 30, 2003 7:24 PM
Subject: RE: [MLB-WIRELESS] SVEC FD1811 (aka WLAP) Firmware
Sorry, I looked at the wiki finally. There is an SMD Atmel flash chip in the lower right corner of the image.
I can read this for you, but it will be hard to get off the board (all pins will need to be straight and clean to fit in the programmer).
Cheers,
Tom
----------------------------------
Tom Parker tparker at netspace.net.au
http://www.wiresncode.com/projects
-----Original Message-----
From: owner-melbwireless at wireless.org.au [mailto:owner-melbwireless at wireless.org.au]On Behalf Of Tom Parker
Sent: Wednesday, 30 April 2003 6:51 PM
To: 'Melbourne Wireless'
Subject: RE: [MLB-WIRELESS] SVEC FD1811 (aka WLAP) Firmware
Have you guys opened these up? What kind of chip is the flash chip.
I've got access to gear that can read/write just about any kind of chip/package - but it might in involve some nasty soldering it is SMD.
Cheers,
Tom
----------------------------------
Tom Parker tparker at netspace.net.au
http://www.wiresncode.com/projects
-----Original Message-----
From: owner-melbwireless at wireless.org.au [mailto:owner-melbwireless at wireless.org.au]On Behalf Of Fenn Bailey
Sent: Wednesday, 30 April 2003 12:20 PM
To: 'Melbourne Wireless'
Cc: 'Dan Flett'
Subject: RE: [MLB-WIRELESS] SVEC FD1811 (aka WLAP) Firmware
I had a bit of a play with these (with Jamie's assistance) and basically ran into exactly the same problem.
You can see a bit of a summary here: http://melbourne.wireless.org.au/wiki/?SVECWLAP
By the looks of it, your findings should be added to this.
One of the major issues is that they don't _appear_ to implement standard TFTP - it looks like a slightly whacky variant, which doesn't speak well for it fully implementing TFTP (eg: GET as well as PUT).
The main hurdle is finding a working copy of the firmware. I don't know if you found the same thing, but the ethernet port appears to completely die when you flash them with Linksys firmware, which makes further TFTP flashing somewhat difficult. However, the linksys USB client appears to flash it fine.
The best bet that I can think of is reverse-engineering the USB interface to it (I imagine it would be quite simple) and seeing if you can read the firmware out this way. I have had success doing this sort of thing with DSL modems in the past (albeit via serial ports), but the principle is much the same.
Unfortunately, I don't have the time to fiddle with this at the moment, but if anyone knows of good USB sniffing software, or a good way to do this - it would be most appreciated.
Cheers,
Fenn.
-----Original Message-----
From: owner-melbwireless at wireless.org.au [mailto:owner-melbwireless at wireless.org.au] On Behalf Of Dan Flett
Sent: Wednesday, 30 April 2003 10:52 AM
To: Melbourne Wireless
Subject: [MLB-WIRELESS] SVEC FD1811 (aka WLAP) Firmware
Hi all,
I have a SVEC FD1811 AP which is rather sick since I flashed it with Linksys firmware. So to try to nurse it back to health I've been trying to find any firmware which will make it work again. I've noticed that the SVEC FD1811 has many twin (ie rebadged) brothers sold by different suppliers. But none of them offer a firmware download. The SVEC AP, like many other APs out there (including the Linsys WAP11 v1) uses the Atmel AT76c510 chipset. Today I think I found an important difference between the SVEC and most other 510-based APs.
I found this site:
http://www.toptrend.com.tw/Technical%20support%20for%20WLAN-1.htm
As far as I can tell, Toptrend write the firmware for the Atmel 510-based APs. Most of them have Intersil radio chipsets in them. I guessed this by looking at the firmware version number on the page above. But the SVEC FD1811 (and I assume, all of the rebadged SOHO-WLAPs out there) use RFMD radio chipsets. The version number of the firmware listed on Toptrend's site is the same as what is in my other, still working SVEC AP: V0.0.1.16
So can anyone suggest how I might get a hold of this firmware? It isn't available for download anywhere. SVEC won't send it out. I'm goint to email Toptrend and see if they'll send it to me. Jamie Moir and I have tried to extract the good firmware out of a working SVEC AP using TFTP but with no success. That's not to say it isn't possible though. Is anyone willing to devote a bit of time to tinker with my malfunctioning AP?
Dan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wireless.org.au/pipermail/melbwireless/attachments/20030430/d97a555c/attachment.html>
More information about the Melbwireless
mailing list