can't connect on Kali to a Netgear AC1000 R6080

[dtpeters]

Using an up to date Kali install on a desktop, tried both the linux binary and installed via homebrew, neither would connect. Also the homebrew installed binary needs sudo permissions but can't resolve the path to the binary and thus refuses to run. Maybe I'm just doing this all wrong!

following the directions with two different brand new routers I get either an "Error: Ethernet cable is unplugged" or if I ctrl-c past that "Advertising NMRP server on eth1....." "No response after 60 seconds. Bailing out."

I was also unable to get the source to build on Kali, it keeps looking for addr.h from netlink and not finding it.

[dtpeters]

I knew I should've waited. Still not working but I got it to build on Kali.

[jclehner]

Also the homebrew installed binary needs sudo permissions [...]

Both binaries need sudo permissions (i.e. root). Did the linux binary (from the releases section) not print an error message when run without sudo?

[...] but can't resolve the path to the binary and thus refuses to run.

Please show the exact error message.

following the directions with two different brand new routers I get either an "Error: Ethernet cable is unplugged" or if I ctrl-c past that

Have you tried different Ethernet ports?

[dtpeters]

Thank you for the quick response! I'll switch over to the machine to cut and paste your error messages, but I'm able to sniff the connection with wireshark and maybe I'm just missing the window for Uboot? I can see the utility sending the advertisiments and then the netgear stack wake up and use the connection for its own sequence.
I have indeed tried different ethernet ports, same results.
And yes, both binaries needed root, that was my poor communication.

[jclehner]

A wireshark dump file of the session could be useful! Either attach it here, or send me an email!

[dtpeters]

Your suggestion to try different ethernet ports was the right one, I thought you meant on the client device, not on the router. I did that, got to a failed upload and then netgear took over again.
Trying again I now get this error message.

Waiting for Ethernet connection (Ctrl-C to skip). rtnl_addr_add: Unspecific failure

[jclehner]

Your suggestion to try different ethernet ports was the right one

Which Ethernet port(s) worked, and which didn't?

I did that, got to a failed upload and then netgear took over again.

What was the exact output of nmrpflash? Please re-run with -vv, and always post the full output of the commands you ran.

[dtpeters]

Brand new router, the internet port (the blue one) Command: sudo nmrpflash -i eth0 -f openwrt-23.05.0-ramips-mt76x8-netgear_r6080-squashfs-factory.img -vv

Temporarily disabling NetworkManager on interface. Waiting for Ethernet connection (Ctrl-C to skip). Error: Ethernet cable is unplugged.

Nothing captured by wireshark

[dtpeters]

Same message on the other port, i.e. LAN port #1

[dtpeters]

finally got something!

I tried playing with my network settings and managed to get further again, with the same error message.

# sudo nmrpflash -i eth1 -f firmware.img   
Waiting for Ethernet connection (Ctrl-C to skip).
Advertising NMRP server on eth1 ... -
Received configuration request from c8:9e:43:e4:89:4f.
Sending configuration: 10.164.183.253/24.
Received upload request without filename.
Uploading firmware.img ... 

and then it just hangs while the router goes into its setup.

[jclehner]

finally got something!

On which LAN port?

I tried playing with my network settings and managed to get further again, with the same error message.

Do you remember what you changed exaclty?

# sudo nmrpflash -i eth1 -f firmware.img   

Always use -vv for now.

Waiting for Ethernet connection (Ctrl-C to skip).
Advertising NMRP server on eth1 ... -
Received configuration request from c8:9e:43:e4:89:4f.
Sending configuration: 10.164.183.253/24.
Received upload request without filename.
Uploading firmware.img ... 

and then it just hangs while the router goes into its setup.

A Wireshark capture of this exchange would be incredibly useful!

[dtpeters]

I've sent you an email with wireshark captures of two sessions, both reproducing the behavior. Thank you so much for taking the time to look into this.

[jclehner]

Thanks. I see two issues here:

1. While your router acknowledges the TFTP upload requests, these responses are not processed by nmrpflash. Is there a firewall running on Kali? You might have to disable that!

2. The above issue should cause nmrpflash to print a timeout message. Can you try either version 0.9.21 and 0.9.20?

[dtpeters]

I'll have a look at both of these suggestions this week and update accordingly. Thank you for taking so much time, it is sincerely appreciated.

[dtpeters]

Update time! I removed the most recent version of nmrpflash, built and installed the 0.9.20 version, which worked! On the first try too. I used LAN port # 1 on the router, no problems. Also openwrt has a note on this devices page to say that the filesystem might not be up, but it was. Fully ready to go after the flashing. Thank you again for taking the time to investigate this. I am happy to do some follow up testing with the other devices, checking log files or a BPF based tool on the most recent version to see why it in particular is giving users a hardtime on this specific device. I'll send along any thing that might look interesting.