Additional Device Support Request: CradlePoint CTR35

[GoogleCodeExporter]

I recently acquired a cradle point CTR35 router. 

I was wondering if you had any recommendations on how to extract/modify the 
firmware image
http://cradlepoint.com/support/ctr35#

I would among other thing like to recompile the kernel and get USB mass storage 
support as well as SMB support. That being said, the device appears to not have 
a terminal by default and I am certainty not skilled enough to dissect the 
binary file myself.

There is some source available for the device, however it is clearly not all 
the code on the device as the uncompiled source is 1.5bm and the firmware image 
is 6+mb. Yes I know things grow when compiled, but there is no web server or 
python code there, so I am pretty sure the web interface (which allows for easy 
Wifi as Wan) in the code.

If you have recommendations please let me know.

Thanks

Ben

Product Info
Kernel based on NetBSD
CPU: Ralink SOC
Presume at least 8mb flash since the flash image > 6mb

Original issue reported on code.google.com by b...@gaide.net on 21 Sep 2011 at 2:24

[GoogleCodeExporter]

I took a look at the latest firmware image for this device. Although the GPL 
code includes UBoot, there is no uImage header in the firmware, nor any 
identifiable strings. This leads me to believe that the firmware is either 
using a custom compression or it's encrypted.

I found a tear down of the device here: http://fahmu.net/tech/?p=130. If you 
look at the first image, there is a small 10 pin header on the left side of the 
board that is most likely JTAG. Immediately next to it is a 4-pin header that 
looks like a serial port. This is probably the best way to get more info about 
the device/firmware.

Without more information about the firmware we probably won't be able to 
support this device. I might be able to get a hold of one though, I'll keep you 
posted.

Original comment by heffne...@gmail.com on 22 Sep 2011 at 12:19

[GoogleCodeExporter]

Looks like I can't get a hold of one of these devices; without further info we 
probably won't be able to add support for this device.

Will mark this issue as accepted and leave it open in case someone can provide 
more details...

Original comment by heffne...@gmail.com on 9 Oct 2011 at 2:52

• Changed state: Accepted

[GoogleCodeExporter]

Do you need access to the device or a file dump?

Original comment by b...@gaide.net on 10 Oct 2011 at 3:08

[GoogleCodeExporter]

He needs the whole device

Original comment by jeremy.collake@gmail.com on 10 Oct 2011 at 7:45

[GoogleCodeExporter]

If you know how to connect to the serial port on the device it will probably 
give you a root shell and you could get some info for us that way. But 
otherwise, yes, I'd need the device to do this myself.

Original comment by heffne...@gmail.com on 10 Oct 2011 at 8:27

[GoogleCodeExporter]

I will try to get to the serial port this weekend. One thing I have never known 
is how to figure out the Serial port baud rate. Is there some trick besides 
having the documentation or guessing to getting the right baud rate?

Original comment by b...@gaide.net on 10 Oct 2011 at 9:19

[GoogleCodeExporter]

baud rate: I always guessed, faster to do that even if there were some way to 
determine it before-hand

Original comment by jeremy.collake@gmail.com on 10 Oct 2011 at 9:43

[GoogleCodeExporter]

Yes, trial and error is the easiest/fastest/cheapest way to figure out the 
serial port settings. If you happen to have an oscilloscope you can figure it 
out that way too, but it requires math. :P  Most serial ports use 115200, but 
not always.

One thing that did get annoying for me was that most terminal emulation 
programs (hyperterminal, minicom, etc) required me to go through several menus 
or disconnect/reconnect in order to change the baud rate. So I wrote baudrate 
(http://baudrate.googlecode.com) which is a tool that just prints serial port 
data to the screen and lets you change the baud rate using the up/down arrow 
keys, then saves the final setting to a minicom-compatible config file. But if 
you aren't doing this stuff a lot, just guessing the baud rate in 
hyperterminal/minicom is OK.

Original comment by heffne...@gmail.com on 10 Oct 2011 at 10:17

[GoogleCodeExporter]

Original comment by jeremy.collake@gmail.com on 11 Jun 2013 at 8:13

• Changed state: WontFix