|
|
本帖最后由 soulshop 于 2023-11-9 22:32 编辑
1.从这下载小米路由器修复工具和cr8806固件https://www.right.com.cn/forum/thread-8292516-1-1.html
https://cdn.cnbj1.fds.api.mi-img.com/xiaoqiang/tools/MIWIFIRepairTool.x86.zip
https://cdn.cnbj1.fds.api.mi-img.com/xiaoqiang/rom/cr8806/miwifi_cr8806_firmware_4622b_6.2.33.bin
2.恢复完成后,连接ttl,不停按回车键进入uboot
输入- setenv boot_wait on
- setenv uart_en 1
- saveenv
维持uboot中断。
1.2步骤可以参考https://www.bilibili.com/read/cv27155910/
3.设置本机ip为192.168.31.100
配置好tftp软件
4.ttl窗口输入
查看分区
以下是我的分区信息
0 SBL1 0x0000ffff 0x0 0x80000
1 MIBIB 0x0000ffff 0x80000 0x80000
2 BOOTCONFIG 0x0000ffff 0x100000 0x40000
3 BOOTCONFIG1 0x0000ffff 0x140000 0x40000
4 QSEE 0x0000ffff 0x180000 0x100000
5 QSEE_1 0x0000ffff 0x280000 0x100000
6 DEVCFG 0x0000ffff 0x380000 0x40000
7 DEVCFG_1 0x0000ffff 0x3c0000 0x40000
8 CDT 0x0000ffff 0x400000 0x40000
9 CDT_1 0x0000ffff 0x440000 0x40000
10 APPSBLENV 0x0000ffff 0x480000 0x80000
11 APPSBL 0x0000ffff 0x500000 0x140000
12 APPSBL_1 0x0000ffff 0x640000 0x140000
13 ART 0x0000ffff 0x780000 0x100000
14 TRAINING 0x0000ffff 0x880000 0x80000
15 bdata 0x0000ffff 0x900000 0x80000
16 crash 0x0000ffff 0x980000 0x80000
17 crash_log 0x0000ffff 0xa00000 0x80000
18 rootfs 0x0000ffff 0xa80000 0x2400000
19 rootfs_1 0x0000ffff 0x2e80000 0x2400000
20 overlay 0x0000ffff 0x5280000 0x1f00000
21 data 0x0000ffff 0x7180000 0xd80000
5.如果你的分区和我的一致,可以用这些组合好的代码备份分区
nand read 0x44000000 0x0 0x80000;tftpput 0x44000000 0x80000 0SBL1.bin
nand read 0x44000000 0x80000 0x80000;tftpput 0x44000000 0x80000 1MIBIB.bin
nand read 0x44000000 0x100000 0x40000;tftpput 0x44000000 0x40000 2BOOTCONFIG.bin
nand read 0x44000000 0x140000 0x40000;tftpput 0x44000000 0x40000 3BOOTCONFIG1.bin
nand read 0x44000000 0x180000 0x100000;tftpput 0x44000000 0x100000 4QSEE.bin
nand read 0x44000000 0x280000 0x100000;tftpput 0x44000000 0x100000 5QSEE_1.bin
nand read 0x44000000 0x380000 0x40000;tftpput 0x44000000 0x40000 6DEVCFG.bin
nand read 0x44000000 0x3c0000 0x40000;tftpput 0x44000000 0x40000 7DEVCFG_1.bin
nand read 0x44000000 0x400000 0x40000;tftpput 0x44000000 0x40000 8CDT.bin
nand read 0x44000000 0x440000 0x40000;tftpput 0x44000000 0x40000 9CDT_1.bin
nand read 0x44000000 0x480000 0x80000;tftpput 0x44000000 0x80000 10APPSBLENV.bin
nand read 0x44000000 0x500000 0x140000;tftpput 0x44000000 0x140000 11APPSBL.bin
nand read 0x44000000 0x640000 0x140000;tftpput 0x44000000 0x140000 12APPSBL_1.bin
nand read 0x44000000 0x780000 0x100000;tftpput 0x44000000 0x100000 13ART.bin
nand read 0x44000000 0x880000 0x80000;tftpput 0x44000000 0x80000 14TRAINING.bin
nand read 0x44000000 0x900000 0x80000;tftpput 0x44000000 0x80000 15bdata.bin
nand read 0x44000000 0x980000 0x80000;tftpput 0x44000000 0x80000 16crash.bin
nand read 0x44000000 0xa00000 0x80000;tftpput 0x44000000 0x80000 17crash_log.bin
nand read 0x44000000 0xa80000 0x2400000;tftpput 0x44000000 0x2400000 18rootfs.bin
nand read 0x44000000 0x2e80000 0x2400000;tftpput 0x44000000 0x2400000 19rootfs_1.bin
nand read 0x44000000 0x5280000 0x1f00000;tftpput 0x44000000 0x1f00000 20overlay.bin
nand read 0x44000000 0x7180000 0xd80000;tftpput 0x44000000 0xd80000 21data.bin
一次输入一行,不知道cr8809和8808的分区一不一样,8809和8808一定不能盲目照抄,一定核对分区信息再输代码,免得备份无效数据出来。
reset重启到系统,看看ttl能不能进控制台,然后给我个反馈,谢谢!类似这样
如果可以,在控制台运行
- sed -i 's/channel=.*/channel="debug"/g' /etc/init.d/dropbear
- /etc/init.d/dropbear restart
然后
更改root密码
就可以ssh登录了(也许)
重启不会丢ssh,升级没试过,重置会丢ssh。
这个理论上cr880x和ax3000都可以
再配合上论坛免拆ttl的方法,绝了!!!
oi-io!!!还有个问题请教论坛各位大佬,我拿到ssh后有什么方法能切换到luci原生界面呢?
end
|
本帖子中包含更多资源
您需要 登录 才可以下载或查看,没有账号?立即注册
×
|
简体中文
繁體中文
English
日本語
Deutsch
한국 사람
بالعربية
TÜRKÇE
português
คนไทย
IP卡
狗仔卡
置顶卡
沉默卡
喧嚣卡
顶贴卡
显身卡