Posted: Thu Aug 11, 2022 0:55 Post subject: How to remove dd-wrt
A very non-tech person here looking for advice.
Long story, but I ended up with an Asus RT-AC5300 router with dd-wrt firmware (v3.0-r49418 std (07/04/22)). I had never used dd-wrt before, I relied on what the vendor advised me so I agreed to that. But having fought with this router now for the past six weeks I have to concede the options are far too much for me to manage and way over my head. I have never been able to get the router to work reliably. So, I thought, I need to replace the dd-wrt firmware with something else more at my level, I’d like to move to the Asus firmware for this router.
I've read through all the documentation on this forum that I *THINK* applies - but because I don't understand all this I'm not sure what search terms or titles I should be focusing on. I also got the feeling that in several cases what I was reading is old and perhaps out of date????
My question: What are the steps I must follow to replace the dd-wrt firmware with the latest Asus firmware for this router? Or, where will I find up-to-date steps to do that?
Asus Firmware Restoration Utility(click link) or Asus Mini CFE webserver recovery (which is basically putting it in recovery mode and navigating to a specific IP address in your browser instead of using the Restoration Utility - which this may not be available on the 5300)
Asus Firmware Restoration Utility(click link) or Asus Mini CFE webserver recovery (which is basically putting it in recovery mode and navigating to a specific IP address in your browser instead of using the Restoration Utility - which this may not be available on the 5300)
Sadly, I don't have access to a Windows computer, which according to the Asus sites seems to be an absolute requirement for the firmware restoration utility.
If you put the router in restoration mode, though, you should be able to navigate to the default IP address (which should be 192.168.1.1) with a web browser and upload stock firmware that way. _________________ "The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio
If you put the router in restoration mode, though, you should be able to navigate to the default IP address (which should be 192.168.1.1) with a web browser and upload stock firmware that way.
Are "restoration mode", "recovery mode", and "rescue mode" different terms for the same thing? I ask because I'm seeing all three tossed around in my searches, but I'm not finding anything that explains whether or not they mean the same thing.
Yes. Sorry if my wording was confusing. _________________ "The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio
Joined: 31 Jul 2021 Posts: 2146 Location: All over YOUR webs
Posted: Thu Aug 11, 2022 16:40 Post subject:
Would have been easier to ask for the help you need setting up, sure it could take a little longer but stock firmware while maybe not so overwhelming, it is also using EOL kernels/components/libraries which invariably contain unpatched known security exploits.
The firmware tool works fine on Mac, last I checked. This is how I had to install DD the first time on my AC-5300.
Additionally, I don’t think the firmware tool checks what you are installing, it’s really just handling the TFTP for you, so it should be possible to use it again to re-install third-party firmware even when on the latest versions of the vendor firmware. Obviously, that conclusion may change in the future if the utility starts verifying uploads.
Would have been easier to ask for the help you need setting up, sure it could take a little longer but stock firmware while maybe not so overwhelming, it is also using EOL kernels/components/libraries which invariably contain unpatched known security exploits.
But your choice as long as you know current stock firmware will block you from upgrading later to a 3rd party firmware.
Thanks, I'm intrigued by what you wrote, but a little confused.
What did you mean when you wrote ".... it is also using EOL kernels/components/libraries which invariably contain unpatched known security exploits." Does the "it" refer to "stock firmware"? And, am I understanding you correctly: Stock firmware uses EOL - as in, out of date - kernels and components and libraries?
(P.S.: I did ask for help, spent A LOT of time with the vendor, you guys here wouldn't have known that.)
The firmware tool works fine on Mac, last I checked. This is how I had to install DD the first time on my AC-5300.
Additionally, I don’t think the firmware tool checks what you are installing, it’s really just handling the TFTP for you, so it should be possible to use it again to re-install third-party firmware even when on the latest versions of the vendor firmware. Obviously, that conclusion may change in the future if the utility starts verifying uploads.
Well.... I don't have access to a Windows computer. Or a Mac. Ubuntu only in my house.
Everything I read in my searches said that to do the recovery/rescue/reset/whatever-you-want-to-call-it process requires that you first need to put the RT-AC5300 modem into rescue mode. The Asus site said to do that by holding in the reset button and then plugging in the power cord and keep holding the reset button in until the power light changed from solid on to slowly flashing. Well, it never went into rescue mode for me, it remained as a solid light even after several minutes and an aching finger keeping that reset button depressed.
Did you try the WPS button? I think the WPS and reset buttons get used interchangeably and confusingly enough that the documentation may be flawed - Asus Support should've known to tell you this. If you put it into recovery mode, if it is like any of the older routers, you should be able to point a browser (Firefox ESR on your Ubuntu, for example) to the default IP of 192.168.1.1 and it should pull up a web recovery firmware upload page. To answer your question about EOL .... yes, it is meant that stock firmware generally uses older, not very well-maintained or patched Linux kernels, packages, and associated libraries. Vendors don't always put hardening and security as a top priority, they're in it for the money and to make sales, not protect their userbase from nefarious miscreants hell-bent on cracking into people's home networks. _________________ "The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost
"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio
Joined: 31 Jul 2021 Posts: 2146 Location: All over YOUR webs
Posted: Thu Aug 11, 2022 20:53 Post subject:
dln949 wrote:
Does the "it" refer to "stock firmware"? And, am I understanding you correctly: Stock firmware uses EOL - as in, out of date - kernels and components and libraries?
Yes, its a well known fact. Stock Asus firmware is based on 2.x.x Kernels and their openssl is so old and so filled with holes, its not even funny, not to mention the rest.
dln949 wrote:
(P.S.: I did ask for help, spent A LOT of time with the vendor, you guys here wouldn't have known that.)
Vendors, you mean soulless corporations invested in making profit and offering you what seems like convenience in short term so that when they determine your router is no longer viable lead you to buy their next iteration of the same? They wont support 3rd party and wont acknowledge their own failures (cyclops blinks and many others) so of course they want you on their FW offering.
They lock you into their offerings in a vicious circle that will keep you buying the next shiny thing. If you're OK with that its your choice.
You should research planned obsolesce and make up your own mind.
As for what @Hapi12021 said, take it with a pinch of salt, you will need to flash via recovery a stock firmware via recovery tools and with older recovery tools in order to get to a state where you can do a straight forward stock (vendor) to any other 3rd party.
Just to play Devil's advocate here, yes, the stock ASUS firmware uses older kernels, but
IS kept up to date for current CVE's... much more so than other vendors.
I've had ASUS routers for years, and to get the router into recovery mode, you need to do the WPS reset first (hold down WPS while powering up) until the power light flashes rapidly, then let go of the button and power off the unit. Then hold reset, and power on until the power light flashes slowly. Then your router should be in recovery mode.
You should be able to restore the factory firmware at that point through the CFE web page
Code:
http://192.168.1.1
or with the ASUS recovery software. _________________ ASUS RT-AC3100 AP Merlin 386.12_4
ASUS RT-AC68U Media Bridge/Merlin 386.12_4 (x2)
ASUS RT-AC68U AP r54604
ASUS RT-AC68U Gateway/AP r54604
Edgerouter-4, v2.0.9-hotfix7
As for what @Hapi12021 said, take it with a pinch of salt, you will need to flash via recovery a stock firmware via recovery tools and with older recovery tools in order to get to a state where you can do a straight forward stock (vendor) to any other 3rd party.
But sure, you go trust corporations, good luck with that.
I guess that would really depend on the flash layout that each firmware sets up. I don’t remember how the Asus flash partitioning looked before wiping it for DD. The TFTP method only overwrites the “Linux” partition, but firmware generally treats that as exclusive and further breaks it out into NVRAM, statistics storage, jffs, secondary image backup, etc. Or, maybe I’m confusing the Asus layout with the Netgear.
Back to the point, yes, you may have to make a detour through the stock firmware when changing from DD to Tomato or Merlin, so the flash can be reorganized and initial setup won’t fail on the different third-party firmwares.