I have this router with some new firmware that cablevision puts on it to let you remotely manage the router only through a cablevision webpage, the orginal stock Netgear firmware is just gone
I tried the pin short method as a desperate last resort to get stock firmware back on so from there I can move onto dd-wrt and I got as far as showing successful flash from tftp2, but then after reboot it still has that locked stock firmware
Reason for not being able to write is one of the following:
a) bad flash chip
b) router id mismatch between firmware and board_data
which only should happen if:
The router is an ISP branded model with ISP unique router id
or
The board_data partition is corrupted in which case it has to be repaired/restored.
The dd-wrt build used does not write to the board_data partition if flashed from dd-wrt or Netgear gui.
A router with a ISP unique router id would not write a dd-wrt firmware or a general Netgear firmware,
it would leave the current firmware on the router intact.
Yea it looks like it's not going to be doable. The ISP provider totally took over this thing with their own firmware and I bet the implied unique router ID is definitely the culprit.
Did you try to install the firmware from the link below?
If you haven't, you should try to telnet that file after a 30/30/30 reset, instead of Netgear original stock firmware.
Joined: 16 May 2010 Posts: 130 Location: San Francisco Bay Area
Posted: Wed Feb 05, 2014 20:16 Post subject:
Sincere thanks to the original poster!
The pin shorting method worked for me too (several times in fact).
I had discovered the hard way that upgrading to 21676 Big bricks the WNDR3400v1.
21676 Mega does work (and is a good build for this router).
UPDATE: 21676 Mega has the dangerous Heartbleed vulnerability and should not be used.
I've updated the WNDR3400 Wiki with this information. _________________ Hope that helps,
John
DD-WRT 21676 K26 Mini, Kong 22000++, Kong 25015-SP1, and 26138
Last edited by JNavas on Wed Mar 11, 2015 16:44; edited 2 times in total
Do I HAVE to use the netgear original firmware? <everytime I d/l the chk file says something like recovered file fragments> don't know if this is a problem?
I have followed this guide and I can get my solid amber power light to turn blinking green with responding ping requests.
After I update the firmware the green power light is still blinking. If I unplug the router and restart it goes back to square 1 (ie: solid amber power and no ping response)
I have tried 30-30-30 as well, but yield no results.
I have been advised to leave the router and it will restart itself when ready, however after 1 hour wait, still blinking green light.
Can anyone offer some insight into this? Thanks so much!
Joined: 16 May 2010 Posts: 130 Location: San Francisco Bay Area
Posted: Mon Feb 17, 2014 3:54 Post subject:
cliffe52003 wrote:
I have some questions...
Do I HAVE to use the netgear original firmware? <everytime I d/l the chk file says something like recovered file fragments> don't know if this is a problem?
I have followed this guide and I can get my solid amber power light to turn blinking green with responding ping requests.
After I update the firmware the green power light is still blinking. If I unplug the router and restart it goes back to square 1 (ie: solid amber power and no ping response)
I have tried 30-30-30 as well, but yield no results.
I have been advised to leave the router and it will restart itself when ready, however after 1 hour wait, still blinking green light.
Can anyone offer some insight into this? Thanks so much!
“Once finished you should see something like flash successfully completed”
If you don’t get a flash successful message, I’m guessing the flash wasn’t successful, and that would
be a problem.
After you tftp the file to the router, wait for the lights to return green and REBOOT, the router, (press and release the reset button,
(the little pin hole just left of the USB port)). DO NOT UNPLUG the router.
And by all means do what JNavas said, "Follow the guide, carefully"
Good luck. _________________ WNDR3400v1 using dd-wrt.v24-24461_NEWD-2_K3.x_mega-nv64k.bin
WNDR4500v1 OEM Firmware Version V1.0.1.40_1.0.68
“Incredibly handsome and master of all villainy!”
“Ow! My giant blue head!”
Brand-new WNDR3400 refurb, flashed the .chk fine and followed what I thought were safe procedures as far as 30/30/30 before upgrading to an OpenVPN version (dd-wrt.v24-23919_NEWD-2_K2.6_mega-nv64k.bin), but ended-up bricking it and had the same issue where when trying to recover easily, I would get one good ping or if I held down reset during power on, would get 3-4 pings shortly after releasing reset. Tried to TFTP upload the stock firmware multiple times but no go either during the 1 or 3-4 pings. Resorted to the pin shorting as described by the thread starter and viola, pings continued past the initial 3-4 after releasing reset, TFTP upload of Netgear .52 firmware worked as well as the .chk upgrade, and now I'm back in search for a good version which isn't from 2012 and isn't vulnerable to the Heartbleed OpenSSL bug.
Thanks for posting this and the router was only $10 so I didn't mind if I killed it.
Posted: Wed Nov 19, 2014 2:10 Post subject: WNDR3400 as a test
I successfully upgraded the router to the dd-wrt.v24-21061_NEWD-2_K2.6_mini-nv64k.bin. After that I decided to go ahead and do the mega and didn't have such luck after that. Got a solid amber light and could not ping or access the router in any way. This router was replaced by a WNDR4300 so I just used it as practice. I used this pin short method to unbrick and tftp was successful and I rebooted the router just like in the instructions in this thread. Thanks for this post and I know that it is still a no-no but, hey if it works it works. I wasn't really worried about this one anyway.
First of all, I would like to give a BIG THANK YOU to the original poster. Saved from bad flash of 2200+ DLNA (big?) (wiki says it's recommended.. heh, not so http://www.dd-wrt.com/wiki/index.php/Netgear_WNDR3400 filename: usb-ftp-samba3-dlna-nv64k-broadcom.bin )
Now with THAT out of the way, I will tell you this is just preposterous how difficult it was. The guide is by no means complete (I will attempt to clear things up, but I might even fail). Maybe this will save someone else 2 hours of fiddling...
Here is how I did it:
(First the symptoms: solid power light of unknown color since I'm color blind, flashing LAN light when connected. NOTHING else)
Crack it open (duh).
Connect to LAN port (not the yellow)
Set PC to 192.168.1.10 and gateway/dns to 192.168.1.1
ping 192.168.1.1 -t (absolutely useless for now, but later it's helpful)
open tftp2 and select the .chk file mentioned in first post.
get your metal tool ready to short the pins in the pic (at the bottom if you can't read it as it's faint... look hard).
plug it in and as SOON as you see the blue wifi light come up, hold the tool against the pins (about 10 seconds or so to be sure).
The power light should start flashing and your cmd/ping window should start showing steady TTL=100's (if it's not obvious, you can stop shorting the pins now)
If the power light does not start flashing, push the power button in (toggle off) then press it again (toggle on) and try again (vary your timing... I got it to work numerous times after the blue wifi light went off as well).
Also, don't short the pins too fast or before powering on or it will hang with all the LAN lights lit up (you will need to power cycle it again).
The cmd/ping thing is useless at this stage (besides when you enter the flash mode successfully, but you can see the power light flashing anyways) as you are likely going to get a 10s delayed "ping timeout" (you might can set the timeout to 2ms or something, but not much point). So, waiting for a successful ping is timing/luck and too cumbersome.
As soon as the power light is flashing, you can stop shorting the pins and hit the "upgrade" button in tftp2 and it should fill the progress bar and say success (hopefully).
DO NOT REBOOT THE ROUTER!
Watch your cmd/ping window. Eventually those TTL=100's should turn into ping timeouts.
WAIT
WAIT
Seriously.... wait. (roughly 80s, according to my 8 ping timeouts)
cmd/ping should eventually come back with 1-2 TTL=100's (if you are lucky, as mentioned).
Then more ping timeouts
WAIT AGAIN (roughly 40s according to my 4 ping timeouts)
You should start getting TTL=64's and wifi should come back up (according to light) and you can confirm by going to http://192.168.1.1
Summary:
You have a VERY small window to short the pins. It's EXACTLY when those ping responses come up. Seriously, it's much easier to just GUESS and short them shortly after the wifi LED shows up and just hold it there a few seconds. If you fail, just try try again.
Another thing is the guide says to just reboot. I flashed my router about 10 times successfully and it never came back up if I rebooted it manually afterwards. The flash may say success, but I firmly believe it is NOT done and you have to WAIT for it to reboot itself!
I'm a newb and maybe I am wrong, but this is how I got it to work and it was the ONLY way I got it to work. Maybe someone else will need this info or try something similar if my method doesn't work for them, nor the first post.
Edit:
Here is an observation after even more fiddling (can't get enough):
192.168.1.1 is the default recovery IP it tries to listen on. It becomes active every boot whether bricked or not and pings return TTL=100's. In order to boot into recovery via the pin shorting method, you seem to have to be making contact at the END of when it's responding. In essence, keep contacting the pins until it stops responding. If it doesn't enter recovery/flash mode, you weren't making good contact or did it too late.
Another strange anomaly is now after successfully recovering and then (semi-)purposely bricking, it now responds to pings for a good 10 seconds or so (20 something ping responses?). It's extremely easy now to recover. My original problem (and the reason for this post) was because I was getting an EXTREMELY short window in order to short the pins (the ping timeouts made it seem like it wasn't even listening!). Literally less than 1s (approximately). For whatever reason, it no longer does that even though I bricked it the same way (AFAIK) several times.
Edit2:
Sidenote:
I successfully upgraded to dd-wrt.v24-21061_NEWD-2_K2.6_mega-nv64k.bin
Don't use the Wiki. Use the router database http://www.dd-wrt.com/site/support/router-database
Using anything not in the database at your own risk, lest you enjoy cracking this case open with a rare bit and shorting pins.
Also, I had a strange issue where I could not login to the factory firmware after one recovery. admin/password was not accepted even after a forced recovery of oldest AND latest. Required 30/30/30 reset (or simply hold it in while powered until the power light shuts off or flashes depending on current firmware). Wait for it to power cycle (LAN lights will all light up and pings turn to TTL=64's) and you should be able to use the default login correctly.
Last edited by dubbat on Sun Jan 25, 2015 4:17; edited 12 times in total
Excellent write up dubbat , your additional information will be very helpful towards a successful Pin-Short.
Thanks for the info. _________________ WNDR3400v1 using dd-wrt.v24-24461_NEWD-2_K3.x_mega-nv64k.bin
WNDR4500v1 OEM Firmware Version V1.0.1.40_1.0.68
“Incredibly handsome and master of all villainy!”
“Ow! My giant blue head!”
, your additional information will be very helpful towards a successful Pin-Short.