It is possible to gain root access on this router.
You need to follow the telnetEnable procedure on the web, using the username/password Gearguy/Geardog as for the previous routers.
Then, you telnet to port 23 and will get a “login:” prompt. At that prompt you can log in with “root” and “5up”.
Once at the Linux shell, the following commands are available:
There’s also a command “cli” with username “ambit” and password “ambitdebug” for configuring NAT and the Firewall.
You can download some useful utilities that I compiled for the MIPS processor on this box from
http://users.fmrib.ox.ac.uk/~crodgers/netgear/
and others from
http://rodgers.org.uk/netgear/
These include “busybox” with many commands and “dropbear” which provides
an SSH server and client.
Netgear have changed the software running on this router considerably since v3, so you have to figure things out yourself and cannot rely on old step-by-step instructions on the web.
There is a command “cli” which gets you into an interface similar to that for the old v3 routers. That command will prompt for an additional username “ambit” and password “ambitdebug”. Run it by typing “cli” and pressing enter at the root prompt.
Photographs of the inside of this router are available here.
If anyone discovers how to flash this router with OpenWRT or if they manage to open arbitrary ports to the WAN port in the firewall, please do let me know.
oh crap only just noticed this post via beatjunkies site ignore the previous posts tho wth are those security pins for /me shrugs
You asked for input as to what needs to be done next. I think access to Redboot would be a step forward so we have access without soldering a jtag/serial connection.
So i think that Redboot needs its config altering to include an IP address so connection over telnet is possible.
http://blog.coldtobi.de/1_coldtobis_blog/archive/157_la_fonera_a_better_way_to_enable_redboot_via_telnet__ethernet_safely_howto.html
I don’t think this helps specifically but i think it at the very least points in the right direction
I discovered Netgear has a tool chain for working with the router & Source code is available for those who wish to tinker with it. I think the tool chain works best with Fedora. Here is a few links that might be useful.
Look at page 89 of the second page it says port 80 http is left open by default on the router so there may be a way to flash over http.
Since you are able to open both port 23 & port 22 you could also flash over those ports. I am going to work on flashing the router with new firmware to see how it all works out.
The second web page has source code downloads & a tool chain for working with the WGT624 v4. Anyone wishing to check it out can
[URL]http://tinyurl.com/dd6q8o
[URL]http://www.tinyurl.com/czjg6j
** Note their Source is under GPL or LGPL licensing **
** so they will release source if asked for it. **
if you could create a modified version of the stock firmware that opens up Redboot over Ethernet or leads to this(see above link). I think thats a big step to openwrt/dd-wrt on this router.