This utility is intended solely for hobbyists and enthusiasts for learning and personal enjoyment. It is designed to be used on devices that have reached the end of their lifecycle or support cycle. Please use this tool responsibly and in good faith. Any commercial use, misuse, or use on production on active and supported devices is strictly discouraged.
By using this tool, I hope to encourage the reuse of old, discarded hardware, thereby contributing to the reduction of e-waste. The authors takes no responsibility for any consequences arising from improper use of this utility. Thank you for respecting these guidelines.
M270 reached End of Sales (EOS) Date on July 1 of 2023 and quite often you can find them really cheap on some marketplaces. These are still decent machines and can be used in homelab by enthusiast and as learning aid. Inside the case you will find Lanner motherboard NCB-WG2511A with Intel Atom C3558 processor and 4GB of DDR4/2133 RAM stick.
If the previous owner did factory reset of the device then to restore full firewall functionality you will need license for some fancier things like VPN, Network discovery etc. If you was lucky enough to get hands on not resetted box then pull out mSata drive from the appliance and backup the license file from directory /licenses/
on the last (biggest) partition on drive.
Feature key is assigned to machine by its serial number and then signed. When you enter license then its signature is checked against public key stored in /etc/lickey.pem
on third partition:
-----BEGIN PUBLIC KEY-----
MEAwEAYHKoZIzj0CAQYFK4EEAAEDLAAEA8Bzr9a6TxFepuDXXSZW+tiRIWjhACAv
T7+0dndwVGH2mFqj0YdPkYpN
-----END PUBLIC KEY-----
To workaround issue with license we can follow one of (at least) two ways: 1) factorize private key 2) replace public key by our own
for obvious reasons I choose second way.
Generate new keypair using openssl:
openssl ecparam -name sect163k1 -genkey -noout -out private_key.pem
Extract the public key from the private key:
openssl ec -in private_key.pem -pubout -out public_key.pem
lickey.pem
on Firebox filesystemGet mSata drive out of Firebox and connect to linux machine. Assuming that disk was recognized as sda
you can execute following commands:
mkdir /mnt/firebox
mount /dev/sda3 /mnt/firebox
cat public_key.pem > /mnt/firebox/etc/lickey.pem
umount /dev/sda3
public_key.pem
is public key generated in previous paragraph
Edit aftermarket_lic.txt
file, eg. set your serial number and machine name and license items and dates then run python script:
sign_feature_key.py aftermarket_lic.txt private_key.pem
Signature will be updated in place.
You can verify signature using second script:
verify_feature_key.py aftermarket_lic.txt public_key.pem
Success! This is correct feature key
Upload license using "Update Feature Key" option in your appliance.
M270
but it can be safely assumed that it should work also for M370
M470
M570
and M670
.LiveSecurity Service
and therefore upgrade Fireware OS to newer version however you have to repeat procedure of replacing lickey.pem
because our modded key will be replaced to stock one by updater. 12.3
and 12.10.3
of Fireware OS, WatchGuard introduced integrity check of file system and when you replace lickey then kernel will throw following error:
Signature did not verify
Error: integrity check failed
initrd: Failed. Shutting down.
Hard coded bios password for M270
with bios version V2.02 (04022018) is: WatchGuard!
. If you were able to confirm that this password works for other WatchGuard's product let me know by opening new issue or just ping me on my twitter or whatever.