Boring, usual disclaimer: the stuff you’ll read in this article can easily render your router a not-so-useful paperweight. Please take the time to read and understand it completely, and keep in mind that I cannot guarantee that it will work on your Argo.
Also, make sure you follow the instructions for the right model of router: ARGO55+ is the ADSL version, while ARGO95 is the optical fiber one.
Warning: we are investigating an issue with the ARGO55+ firmware – apparently there’s a configuration problem with the WAN, and clients are unable to reach the outside. Please be aware of that before trying a downgrade on the 55+.
Ok, so we have no way – at this time, at least – to unlock the interface of the Argo with the recent firmware revisions.
By the way, what are these revisions?
These are the firmware versions I am aware of:
1.3.19 (Mar 25 2011) [ARGO95]
1.3.20 (Mar 25 2011) [ARGO55+]
0.4.4 (Nov 20 2011) [ARGO55+/ARGO95]
1.4.4 (Jan 19 2012) [ARGO95]
0.4.52 (Feb 28 2012) [ARGO55+/ARGO95]
As you can see, the version numbering is kind of curious, but release 1.3.19 (for 95) and 1.3.20 (for 55+) are the last one with interface enabled. So, how we can downgrade to that firmware version? Well, here the bootloader of the Argo comes handy.
What you’ll need:
Assign your computer a fixed ip address on the same network of the router (i.e. 192.168.1.10), connect it to the ethernet port nearest to the power supply port, fire up the tftp server and copy to its root the two *.img files. Connect to the router via serial port, log in and do a
conf download tftp://<tftp_server_ip>/my_conf_backup.conf
then do a dump of your entire flash (if you haven’t done it already) using the instructions posted here.
Finally, type system reboot and press enter.
As soon as the router restarts, you’ll see the message “Press ENTER twice to stop autoboot in 2 seconds”. Quicky press (you guessed it) the enter key two times.
You are now in the U-Boot command prompt: this nice bootloader has a load of useful features (take a look at the help command), but has also the power to render your router unusable. So, pay attention!
Now we have to set a couple of variables: I’m assuming that you used 192.168.1.10 as the ip of your tftp server, remember to adapt the commands to your setup.
Set the router ip address:
setenv ipaddr 192.168.1.1
Set the router netmask:
setenv netmask 255.255.255.0
Set the tftp server ip address:
setenv serverip 192.168.1.10
Now check if you can reach the tftp server machine with
If everything is ok, you can now cross your fingers, and start the downgrade.
First downgrade the recovery image:
update_openrg argo55_openrg_1_n.img 1 (if you are downgrading an ARGO55+)
update_openrg argo95_openrg_1_n.img 1 (if you are downgrading an ARGO95)
Then the standard image:
update_openrg argo55_openrg_2_n.img 2 (if you are downgrading an ARGO55+)
update_openrg argo95_openrg_2_n.img 2 (if you are downgrading an ARGO95)
If you haven’t received any error, you can check that the images are correctly recognized with get_openrg_active
Make sure that there are two valid partitions, and the active one is the 3/7. Then, exit typing reset and pressing enter.
The Argo should now reboot and start your new-old-firmware. Keep in mind that Fastweb has still access to your router, so probably the best way to avoid an immediate upgrade is to disconnect the WAN cable (fiber or adsl) during the boot, log in to the router (via serial port) and issue a
that should stop the remote configuration service, hopefully. Then reconnect the WAN cable, access to the Argo web interface, and follow the steps in the hardening post, before it’s too late :)
Corrected a couple of mistakes (mistyped the update_openrg commands and forgot to mention to connect via ethernet). Thanks D3FenD3r and geogeo!
Update 2 (13/04/2012)
Added files and instructions for ARGO55+. Thanks Arf!
Update 3 (14/04/2012)
Added a missing command line. Thanks D3FenD3r!
Update 4 (16/04/2012)
Added a warning while we investigate problems with the ARGO55+ configuration.
Categorised as: Hacking