Hacking into Conceptronic C54BRS4A router

Conceptronic is selling the C54BRS4A (Atheros Based Wireless Router) for a couple of month’s now. That device should be fully GNU/GPL compliant and therefor Conceptronic has released the SoureCode including Toolchain.

Using alternative configurations / images / firmware with the Conceptronic C54BRS4A should be possible as it is running Linux

Me as nono on Linux took the challenge to see if it was / is possible to create a custome made ‘AroundMyRoom’ firmware version

The steps I followed were:

1. Downloaded the NetInst of Debian (debian-40r1-i386-netinst). Debian is necessary to be able to compile sources. I burned the ISO to a CD-ROM and took an old notebook

2. Intalled Debian on it and installed some additional packages afterwards like MC, some GCC tools, other libs and stuff I saw were necessary to use, the NetInst is simple as it is downloading the content directly from the Internet so no hassle with many CD’s ..

3. after Installation I wgetted the SourceFile from the ftp of Conceptronic. Right now they supply two sourcefiles. I needed both files! especially as 1 file (called: ‘RGDB’) was generating an error and a working was was available in the older sourcefile (sigh.. )

4. After the Tar -xvzf [sourcefile] I read the included readme document and followed the guidelines. (C54BRS4A.GPL.readme.txt)

5. The process is clean and simple and if found any error (I found 2) it could be easily fixed

start with:
1. Building the toolchain
 ~# ./build_tool_chain.sh
Select: Generic (MIPS I) (CONFIG_MIPS_ISA_1) and keep the rest default

check the output and if found any error it must be your system missing some special tools (Bison etc.. )

2. Building the image
 ~# source ./setupenv
 ~# make
 ~# make
 ~# make
  You are going to build the f/w images.
  Both the release and tftp images will be generated.
  Do you want to rebuild the linux kernel ? (yes/no) : yes
Issues I found:

in folder: c54brs4a/tools/../rgdb the rgdb file creates a segmentation fault when called through the make process. If you download the first gnu/gpl and take the same file the size is different and replacing the exiting rgdb executable for the other one it works ..

in folder: c54brs4a/templates/../c54br4s4a/ the file gendef.sh was creating a make error due to a missing DDNS statement, when commenting out: issue solved. It seems not to affect the creation of the firmware ..
And finally your system will create the firmware files.. Upgrade through the webinterface and you can have your modified firmware .. Hey .. that is what geeks want .. !

If I have some time left tomorrow I will make some internal images ;-)

13 thoughts on “Hacking into Conceptronic C54BRS4A router

  1. nunzi00 says:

    Hi, I have read your article. But I would like to known, what are the firmware avalaibles for this router.

    A lot of thanks, and excuse me by my english.

  2. nunzi00 says:

    In the article said :
    Using alternative configurations / images / firmware with the Conceptronic C54BRS4A should be possible as it is running Linux

    I was to knwn what are those images / configurations / firmware?

    Thanks a lot.

  3. what they are is just the Linux stuff I refer to and if you have the toolchain, the sourcecode, you can modify stuff you want and create your own firmware file

  4. hongo says:

    Hi there,

    Do you think if would be possible make a firmware with openVPN server included?
    I dont know if can be performance issues…

    Thkx in advance!

  5. hongo says:

    Hello again!

    Well, before try ( im building the chain with default source and without problem ) something i think important… hehe if i build a bad custom firmware ( im trying to explain you with this damn english, sorry :P ), Is there anyway to restore original firmware? Or it will be a 50€ brick?

    Next ( abusing? ), once built chain, if i put openssh source inside c54brs4a_v1.01/progs.gpl, it “auto compile” inside firmware when make?
    And how will run service in next reboot (there is not web interface for management! )??

    Thanks a lot. XD

  6. hongo, there is a kind of tftp fix option when making a wrong firmware, but to be honest, I only created and uploaded a default one ..

    Good luck !

  7. This router is so tricky!

    I’d like too to rebuild the firmware but I’m facing some trouble/doubts:

    -To be honest, I’m scared of spoiling it

    -I got the Live-CD… 501-i386 Not the version you used, I guess it will work fine.. or not?

    -Logging is buggy. Could it be related with the amount of RAM? Could I improve it by making a smaller kernel?

    -They are not provding the latets sources (as for now, version 2.02). I’d like to try using them, not the ancient sources that they provide.

    -First thing (actually the only one) I’d like to change is the default user “admin”. Do you think I could edit somehow a compiled firmware with no need to buil it from sources?

    Thank you in advance, even more if you are willing to answer to all my dumb questions :)

    Hongo: ¿¿¿lo has conseguido??? Si es así cuéntame por correo, por favor.

  8. Thank you for your response.

    Mine is version 1 but I’m not that sure that the sources are updated for this model. Anyway, I think I will not try as for now. Too risky, maybe it is a one-time shot and if something goes wong…

    What I found is a workaround for the logging issue: somehow, this router seems to fail when there is traffic in excess. I’ve turned off Bittorrent and Ares while still running Frostwire and e/aMule (with conexions limited to 200) and now false positives reported as attacks have dissapeared.

    For the only-admin user issue I’m afraid I still would need to build the firmware from sources (am I wrong?). What I’ve done is trying to fool attackers by spanning “fake login pages” through some other open ports. If anyone interested, please contact me by email (DO NOT try to download it by yourself or I’ll log and report your IP as a dangerous one).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.