Extreme Hack That Got Much Worse After Reflashing

[Tech9]

The most extreme hack in this thread is... the advertisement. It tricked someone claiming years of experience in IT.

 

[Viktor Jaep]

The most extreme hack in this thread is... the advertisement. It tricked someone claiming years of experience in IT.

I can't remember the last time I clicked on an ad... and if I did, it would have been purely accidental. But thanks to all this fancy DNS blocking I've been running for years, seeing ads is a pretty rare thing nowadays.

 

[Davidncali001]

http://

How's that? Bare metal, no usb. No third party asuswrt-Merlin, no entware, just the latest verified asuswrt March release.

--------

History:
ASUS RT-AX88U Pro Firmware version 3.0.0.6.102_33352
Version 3.0.0.6.102_33352
67.93 MB
2025/03/19
SHA-256 ：12073EB924C6034843ADB05BBABF9F20D78A66955CBF62750AD68A8E7536D648
1. Fixed the UI issue in Chrome.
2. Fixed client binding issues in Mesh scenarios.
3. Enhanced input parameter handling techniques to improve data processing stability and system security.
4. Enhance system access control mechanisms.
From <https://www.asus.com/us/networking-iot-servers/wifi-routers/asus-gaming-routers/rt-ax88u-pro/helpdesk_bios/?model2Name=RT-AX88U-Pr

C:\Users\rjduw\Downloads\ASUS\AX88U PRO\Asuswrt>certutil -hashfile "C:\Users\rjduw\Downloads\ASUS\AX88U PRO\Asuswrt\FW_RT_AX88U_PRO_300610233352 (1).zip" sha256
SHA256 hash of C:\Users\rjduw\Downloads\ASUS\AX88U PRO\Asuswrt\FW_RT_AX88U_PRO_300610233352 (1).zip:
12073eb924c6034843adb05bbabf9f20d78a66955cbf62750ad68a8e7536d648
CertUtil: -hashfile command completed successfully.
--------
Let's take another look to troubleshoot. Note that previously configured two SSIDs are still current. What does that tell us? We now know at least and no more that the nrvam (NAND/NOR) rewritable physical memory on the SOS chip has not cleared out properly. We also know that modern routers don't use PROMs and that all "factory resets" are just reboots of what last loaded into the nvram with the latest file or OTA upgrade. All the "hard reset" does is clear out configuration parameters (they are not hard resets at all in the traditional sense) as clearly seen here to be in error. What COULD CREDIBLY explain this: tampering with the nvram interrupt loop, tampering with however that interacts with the kernels innermost scheduler loop, tampering with machine instructions that remap memory and/or modify permission effecting kernel and or userland behavior. Configuration file, syslogs, and like are a thousand miles after that. I ask again if there is a known way to clear the nram completely and reload as "system reset" is just a suggestion to the already massively loaded and possibly tampered machine code. We need to get the boot loader, whatever the equivalent, to step in or just consider the rooter to be bricked.

Just a few months ago I flashed the wrong firmware onto my RT-AX86U Pro. I accidently flashed the RT-AX86U firmware and when I logged into my router I got the same looking screen you did with missing features in the GUI. I realized what I had done when the features didn't return after a reboot. I then flashed the correct firmware and my problem went away.