Hi folks,
I have purchased a DLink DWM-222 with the intention of exploring the
Linux OS running inside it, and if possible, compiling some additional
USB gadgets to use with it.
FWIW, the USB ID's are 2001:ac01 before modeswitch, and 2001:7e3d
after switching.
It creates ttyUSB[0-4] when switched, and the VID:PID added to the
option driver.
I was wondering if there had been any further developments in the
exploration of the A1 hardware or firmware, in terms of gaining a
shell on the device at all without soldering?
Some initial probing has shown some 1.8v signals on some of the test
points, so I will check those with a scope while booting to see if I
can identify some waveforms, hopefully indicating a UART. I do have a
FTDI UART with a voltage reference, so I am fairly confident that I
can access those signals without damaging the device once identified.
Unfortunately, the updated hardware has complete shields over the
interesting bits, so I cannot identify chips, etc. I have also not
been able to find firmware for the A2, the only firmware I could find
was at ftp://ftp.d-link.co.za/DWM/dwm222/Firmware/, marked as A1. I'll
check to see if they are compatible. And of course, will be copying
the driver software from the embedded CDROM.
Regards,
Rogan
Hi friends...
Sorry to disturb you...
I have a Qualcomm Quectel EC25 modem which I can send AT-Commands to this
module with reciving the response. I store this modem diag bytes using a
python opensource app (qcsuper <https://github.com/P1sec/QCSuper>) with a
little code manipulation. Here is a sample diag bytes:
21 00 00 0A 08 01 01 00 00 50 1C 00 04 00 03 03 FF FF 00 FF 11 90 02 00 00
10 00 00 00 EF 1F AA 4C 0B 1E 03 00 00 11 90 02 00 00 00 00 08 01 02 63 ...
02 00 B2 00 4F 00 C0 *7E* 01 00 D2 00 FD 00 C0 8E 00 00 C5 00 C5 01 C0 7E
01 00 BA 00 ... 00 00 00 00 14 *7E* 01 00 50 81 01 00 40 7D 01 00 2C ... 8D
00 00 48 8C 00 00 *7E* 00 00 00 7D 00 00 00 78 00 00
QCSuper can also run Wireshark automatically to dissect RRC Signaling
messages.
I had an experience with Qualcomm Snapdragon mobile phone and after
receiving the bytes I could dissect them using a specific structure. Some
of the patterns of this structures were indicated in a python-c++
opensource app (mobile-insight
<https://github.com/mobile-insight/mobileinsight-core>) e.g. the frames in
the diag bytes starts with *98 00* and timestamp and frame type with a
specific size follow it. Also *7E* is indicated the end of the frame.
Now, I want to know is there a similar structure in this modem diag outputs
to allow for dissecting? Can you offer me a suitable document or app like
mobile-insight?
I saw a project in Osmocom as osmo-qcdiag.
<https://github.com/osmocom/libosmocore> Can I use that to get this
structure?
I hope you help me...
Thank you very much
--
*When there is much light, The shadow is deep...*
