Posted: Tue Feb 05, 2019 1:24 Post subject: Netgear R7000 not flashable?
I just bought this R7000 after reading that dd-wrt supports it. I tried to flash thru the UI like the directions said with the chk file and I get error:
(firmware is not compatiable with your router. error code -2.)
There have been a few threads recently about this. Apparently the newer Netgear images have checks built in to stop people from flashing non-Netgear images.
One workaround is to flash an older Netgear firmware that doesn't have these checks, then flash DD-WRT.
Posted: Fri Feb 22, 2019 4:33 Post subject: Solved with a hex edit
Hi!
I had this same problem on a brand-new R7000. After trying everything but opening up the case, I thought about why the Netgear firmware might be rejecting the .chk of DD-WRT. It seemed plausible that there is a version check going on. I opened up the HxD hex editor, dropped in Netgear's latest firmware (at the time, R7000-V1.0.9.64_10.2.64.chk), and looked around.
I discovered that the version number is stored in bytes 09-0F. After changing these to higher numbers (e.g., 01 00 0A 63 63 63 63) in Kong's latest .chk for the R7000, I got the router to take DD-WRT. I used nmrpflash to do this, but I would bet the Netgear Web UI would have accepted the file after this modification.
Posted: Thu Feb 28, 2019 9:05 Post subject: Re: Solved with a hex edit
Andrew
Do you have any info on how you changed the version number?
cheers
swiss6th wrote:
Hi!
I had this same problem on a brand-new R7000. After trying everything but opening up the case, I thought about why the Netgear firmware might be rejecting the .chk of DD-WRT. It seemed plausible that there is a version check going on. I opened up the HxD hex editor, dropped in Netgear's latest firmware (at the time, R7000-V1.0.9.64_10.2.64.chk), and looked around.
I discovered that the version number is stored in bytes 09-0F. After changing these to higher numbers (e.g., 01 00 0A 63 63 63 63) in Kong's latest .chk for the R7000, I got the router to take DD-WRT. I used nmrpflash to do this, but I would bet the Netgear Web UI would have accepted the file after this modification.
Just use NMRPflash to flash the .chk file without altering it first and see if this works.
This.
Unfortunately for me, I tried NMRPflash first, but the router was still rejecting it. It would receive the file, timeout, receive the file again, timeout, etc. I figure it was still doing a version check. That's why the hex edit was necessary in my case. I used NMRPflash to upload the modified file, and the router accepted it.
But egc is right: Don't modify your .chk unless the usual methods have failed.
Posted: Mon Mar 04, 2019 6:17 Post subject: Flashing v 1.0.3.56 firmware into Netgear R7000
Hi guys, I looked at many places to find a way to downgrade Netgear R7000 firmware, Finally I found a way to downgrade Netgear R7000 firmware. Here are the steps to achieve that:
Board Details: NETGEAR Nighthawk AC1900 Dual Band WiFi Gigabit Router (R7000) with Open Source Support | Circle with Disney Smart Parental Controls | Compatible with Amazon Echo/Alexa (Indian Adpater)
-> Remove the top layer, so that we can able to connect serial cable.
->Connect serial 4pin cable to host system using USB to TTL cable.
->Now turn on router and press 'ctrl+c' continuously.
->It should stop at the CFE> prompt.
CFE>^c
->Now run tftpd server.
CFE> tftpd
Start TFTP Server
Reading ::
->Now on host system use the following command(Router default address is 192.168.1.1).
$tftp 192.168.1.1
> binary
> put R7000-V1.0.3.56.chk
->In this way you can able to flash any firmware you need even dd-wrt image.
egc wrote an extensive guide on how to flash this router with photos and everything.
I didn't know this guide existed when I had to do a client's R7000 refurbished router with that software lock on it so like another member posted, I did a rough step by step
If you use the utility then I would read both egc's guide and then my guide on how to time it just right to capture the point where you need to execute the utility using CLI. Update us if you get it to work
Just use NMRPflash to flash the .chk file without altering it first and see if this works.
Do you know if after installing dd-wrt, is it then possible to revert back to an earlier version of stock netgear firmware than was originally installed? My wonder is if Netgear has implemented a hardware or a software block to go backwards in firmware? If you happen to know I would be SUPER appreciative!
Joined: 08 May 2018 Posts: 14125 Location: Texas, USA
Posted: Fri Oct 25, 2019 4:39 Post subject:
mjones1175 wrote:
egc wrote:
Just use NMRPflash to flash the .chk file without altering it first and see if this works.
Do you know if after installing dd-wrt, is it then possible to revert back to an earlier version of stock netgear firmware than was originally installed? My wonder is if Netgear has implemented a hardware or a software block to go backwards in firmware? If you happen to know I would be SUPER appreciative!
Only way I am for sure that works to do that is with nmrpflash.
Last edited by kernel-panic69 on Mon Apr 27, 2020 18:23; edited 1 time in total
Just use NMRPflash to flash the .chk file without altering it first and see if this works.
Do you know if after installing dd-wrt, is it then possible to revert back to an earlier version of stock netgear firmware than was originally installed? My wonder is if Netgear has implemented a hardware or a software block to go backwards in firmware? If you happen to know I would be SUPER appreciative!
Only way I am for sure that works to do that is with nmrpflash.
Ok Thanks! I just purchased a new R7000 and I still haven't opened it yet. Prior to installing any 3rd party firmware you are recommending nmrpflash? I am still learning and am more than happy to do my due diligence in reading up on this but don't want to brick this as well! My ultimate goal is to install dd-wrt and if it doesn't work out, install stock earlier than pre-installed. Thanks for answering my previous post!
Joined: 18 Mar 2014 Posts: 12837 Location: Netherlands
Posted: Fri Oct 25, 2019 6:55 Post subject:
I might be wrong, but if I remember correctly Netgear added this restriction because they started to use a newer flash RAM and the older Netgear versions could not cope with that.
So although you might be able to flash older versions with some trickery it might brick your router.
Not sure if this is true or just FUD from Netgear
DDWRT always could cope with different flash RAM's
You might not need any special tools as BS has modified the header of the factory-to-ddwrt.chk file
(There must be a commit in the repository will see if I can find it later)
So with any luck do the following:
1. Reset router to defaults
2. Upload the factory-to-ddwrt.chk via the GUI, I think version 41328 is worth a try
3. After uploading telnet to your router and do:
I have put together a guide for the R6400v2 and although the R7000 is slightly different the general workout is the same so do not follow this guide literally but it will give you some idea.
The guide and als the unbricking guide can be found with the link in my signature (at the bottom of this post)
4. In the supported devices wiki you can see what architecture your router has and if you are lucky also an install guide/wiki.
5. Post in the right forum, from the former step you can see if your router is Broadcom, Qualcomm/Atheros, Marvell or other, use that forum to post router specific questions, for Networking questions post in the Advanced Networking forum and for other things in the General Questions forum.
6. When posting always state router model, build number and when applicable the Kernel version.
8. Before uploading a new build research the build by looking in the build threads this is an example of a build thread for build 41328 for Broadcom routers:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=321699&highlight=41328
Search build threads with the search function and search on build number.
9. Use the build threads frorm the former step to report success or problems.
If you have experienced the power of DDWRT you will never want to go back to stock but you will have to put in (some )effort to learn its quirks.
Joined: 08 May 2018 Posts: 14125 Location: Texas, USA
Posted: Fri Oct 25, 2019 12:19 Post subject:
^ What he said. But I never needed to do any nvram reset on my R7000P after flashing <Kong> 40270M kongac. I don't know if BS builds are as easy and forgiving to flash on Netgear. Also, my new-to-me-for-free-except-for-ordering-new-power-supply-adapter-cost R7000 will likely never see DD-WRT since it's a development guinea for FreshTomato. Yes, I said that out loud.