SU_WAP>set rf switch on > ERROR::Command is not existed

[pmgcosta]

Hello after dump, mod, write firmware on my HG8012H, i cant enable RF, can someone help me ?

[logon84]

Hi. If you already have a full backup of the flash, then maybe try putting /console/mnt/jffs2/equipment.tar.gz file in your jffs2 partition (Afile_system) and then rebooting the device. Long ago, I barely understood from a translated chinese site that this could update the SU_WAP available commands.

[pmgcosta]

I don't understand how,

That way? i tried and don't work

upgrade_clean.zip

That's my image, with mod but with rf command is not existed

[logon84]

Did the file equipment.tar.gz dissapeared after a reboot? If not, the file hasn't been loaded. Try loading the file adding it to the fw update file, using this tool: https://github.com/LeeXiaolan/hwfw-tool

Edit: I see now the mistake in your picture. You have to put the file just with reconvername and the rest. Not inside folders..../mnt/jffs2 is the relative path during runtime to /jffs2-root/fs_1

[pmgcosta]

Same thing

I will try the hwfw-tool method

[pmgcosta]

No joy :(

root@vdf:/apps# python hwfw.py unpack -v -r fw/ HG8012HV300R015C10SPC150_common_all.bin
saving   /var/UpgradeCheck.xml(2215)...
saving   /var/upgradematch(10651)...
saving   flash/flash_config(739)...
saving   /var/hw_flashcfg1.xml(847)...
saving   flash/uboot(130276)...
saving   /var/u-boot1.bin(312424)...
saving   flash/kernel(720008)...
saving   flash/rootfs(3805332)...
saving   /mnt/jffs2/Updateflag(2)...
saving x /var/setequiptestmodeoff(554)...
saving   /var/efs(68)...

root@vdf:/apps# root@vdf:/apps# cd fw/mnt/jffs2/

root@vdf:/apps/fw/mnt/jffs2# wget https://github.com/logon84/Hacking_Huawei_HG8012H_ONT/blob/master/console/mnt/jffs2/equipment.tar.gz --2021-02-01 12:45:05-- https://github.com/logon84/Hacking_Huawei_HG8012H_ONT/blob/master/console/mnt/jffs2/equipment.tar.gz Resolving github.com (github.com)... 140.82.121.3 Connecting to github.com (github.com)|140.82.121.3|:443... connected. HTTP request sent, awaiting response... 200 OK Length: unspecified [text/html] Saving to: ‘equipment.tar.gz’

equipment.tar.gz [ <=> ] 86.95K --.-KB/s in 0.1s

2021-02-01 12:45:06 (859 KB/s) - ‘equipment.tar.gz’ saved [89041]

root@vdf:/apps/fw/mnt/jffs2# ls equipment.tar.gz Updateflag

root@vdf:/apps/fw/mnt/jffs2# cd /apps root@vdf:/apps# python hwfw.py pack -v -r fw/ HG8012HV300R015C10SPC150_common_all_mod.bin reading /var/UpgradeCheck.xml... reading /var/upgradematch... reading flash/flash_config... reading /var/hw_flashcfg1.xml... reading flash/uboot... reading /var/u-boot1.bin... reading flash/kernel... reading flash/rootfs... reading /mnt/jffs2/Updateflag... reading /var/setequiptestmodeoff... reading /var/efs...

[pmgcosta]

python hwfw.py unpack -v -r fw/ HG8012HV300R015C10SPC150_common_all.bin

saving   /var/UpgradeCheck.xml(2215)...
saving   /var/upgradematch(10651)...
saving   flash/flash_config(739)...
saving   /var/hw_flashcfg1.xml(847)...
saving   flash/uboot(130276)...
saving   /var/u-boot1.bin(312424)...
saving   flash/kernel(720008)...
saving   flash/rootfs(3805332)...
saving   /mnt/jffs2/Updateflag(2)...
saving x /var/setequiptestmodeoff(554)...
saving   /var/efs(68)...

cd fw/mnt/jffs2/
wget https://github.com/logon84/Hacking_Huawei_HG8012H_ONT/blob/master/console/mnt/jffs2/equipment.tar.gz

HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: ‘equipment.tar.gz’ done

ls
equipment.tar.gz
Updateflag

cd /apps
python hwfw.py pack -v -r fw/ HG8012HV300R015C10SPC150_common_all_mod.bin
reading /var/UpgradeCheck.xml...
reading /var/upgradematch...
reading flash/flash_config...
reading /var/hw_flashcfg1.xml...
reading flash/uboot...
reading /var/u-boot1.bin...
reading flash/kernel...
reading flash/rootfs...
reading /mnt/jffs2/Updateflag...
reading /var/setequiptestmodeoff...
reading /var/efs...

[logon84]

i thin link for wget is wrong. That links goes to the gihub web to download the file. Direct link is https://github.com/logon84/Hacking_Huawei_HG8012H_ONT/raw/master/console/mnt/jffs2/equipment.tar.gz

[pmgcosta]

You are right let me try

-rw-r--r-- 1 root root 92K Feb  1 13:02 equipment.tar.gz_notOK
-rw-r--r-- 1 root root 83K Feb  1 13:01 equipment.tar.gz_OK
-rw-r--r-- 1 root root   2 Feb  1 12:43 Updateflag

[pmgcosta]

Same issue,

Welcome Visiting Huawei Home Gateway
Copyright by Huawei Technologies Co., Ltd.

Login:root
Password:
Password is default value, please modify it!
WAP>su
success!
SU_WAP>set rf switch on
ERROR::Command is not existed

SU_WAP>

[pmgcosta]

The same using flash method with right file :(

[logon84]

The same using flash method with right file :(

Try this: https://mega.nz/file/HpYixJaa#87800ZrU0b1d_YhtSdwZjlwN7oSsW5YNRBCtc-33N78

[pmgcosta]

sorry for the delay, after upgrade the firmware copyright change from 2014 to 2016 but no telnet enabled

I think my baseline firmware don't have the modulo already or have some kind of protection.

Can you share with me in format on flash dump ?

[nunomcruz]

I have the same issue, did you find how to enable it @pmgcosta ?

[nunomcruz]

Ok, answering myself, I fixed the issue by flashing upgrade.bin from here https://github.com/LeeXiaolan/hwfw-tool/tree/master/test

I noticed that R015 bins that are available here don't include the equipment.tar.gz, and unpacking and repacking doesn't include it, because the .header file doesn't allow to add new files, only change existing ones.

Probably the upgrade.bin also opens telnet for other users without changing firmware, I cannot confirm this.

I also noticed that there's a sshd at port 2222, but seems to accept only public key auth.

[pmgcosta]

Hello @nunomcruz , can you explain with more detail ? i sill facing the same issue

[nunomcruz]

I just upgrade via web interface with the upgrade.bin from that url...