90 ‐ Hardware ‐ Aruba AP11 - freifunk-darmstadt/projects GitHub Wiki
- APBoot 2.6.2.9
- Obtain Bootloader. Cut from dump of complete flash:
$ sha256sum AP11-2023-spi-f061c0c4c850.patched-alex.bin
4ca6d50359787bc9767c6f59731e70cf974a00b8f8e89c51b207c9f42769927d AP11-2023-spi-f061c0c4c850.patched-alex.bin
$ dd if=AP11-2023-spi-f061c0c4c850.patched-alex.bin of=apboot-unlocked.bin bs=983040 skip=1 count=1
1+0 records in
1+0 records out
983040 bytes (983 kB, 960 KiB) copied, 0.00188398 s, 522 MB/s
$ sha256sum apboot-unlocked.bin
69e45b047de07ceeeb4a3daec6232ba2902acea8806075af80c2725ea52298a5 apboot-unlocked.bin- Transfer to device
Execute on APBoot shell.
APBoot 2.6.2.9 (build 81770)
Built: 2021-10-05 at 22:04:52
Model: AP11
DRAM: 512 MiB
Flash: Detected MX25R3235F: with write protection total 4 MiB
NAND: 128 MiB
Power: DC
Net: eth0
Radio: ipq4019#0, ipq4019#1
FIPS: passed
Hit <Enter> to stop autoboot: 0
apboot> setenv ipaddr 192.168.1.6; setenv serverip 192.168.1.66; netget 0x84000000 apboot-unlocked.bin
eth0 up: 100 Mb/s full duplex
Using eth0 device
TFTP from server 192.168.1.66; our IP address is 192.168.1.6
Filename 'apboot-unlocked.bin'.
Load address: 0x84000000
Loading: ################
252.9 KiB/s
done
Bytes transferred = 983040 (f0000 hex)
Invalid image format version: 0x1010100
apboot>
- Erase Bootloader and write the old, unlocked one to flash
Execute on APBoot shell.
sf probe; sf protect off; sf erase 0xf0000 0xf0000; sf write 0x84000000 0xf0000 0xf0000
- Reboot by powercycle or execute "reset" on the U-Boot shell