Download Station Wifi-router

It's a Wifi accespoint, not a download station

 

The WRT54G is an access point yes, but Nintendo is using it as a download station.

 

nop
you can only go on Internet with and only with nintendo products

 

My understanding is that the router is a normal router with custom firmware. It is part of certain download stations and allows Nintendo devices (especially the DS) to connect to the internet. I have an old router and it sounds like a fun project to flash on the custom firmware.

 

if it ever gets dumped then we could do so xex

 

Hi,

have a look on this Video: http://www.youtube.com/watch?v=4CjIqaO_QeY&feature=player_embedded
on 04:00 Min there is a very nice card. Maybe it works on your System. (If you get it ) :033:

Cordialement

EDIT: Sorry

 

Sup guys
Finally got some new infos about this router, and directly from a Nintendo employee hehe.
As it, these routers CAN'T WORK. Even if you have its password in hands, it's useless. It was expected, but the router itself can't reconize Nintendo or Non-Nintendo products.

The router first retrieve the MAC addresses of the various devices which try to connect to it. Then the infos are sent directly to Nintendo servers in their headquarters.
There, the MAC addresses are checked and compared with their internal database. So if the hardware is not a known console (Chinese motherboard clones or simply not a DS) the request is aborted.

So all the real settings are done directly on the Nintendo servers. The routers connected to these servers are controlled. For example when a video game event is organised, the IP of the location is the only one authorised for the router, associated to its mac address. If a parameter does not match, everything is automatically blocked.

On Nintendo 3DS consoles, this can be used for many things.
Nintendo can limit or grant access to quite everything. Like allowing the browser, limit the games etc..
To use an unofficial product like flashcards can make your MAC address blacklisted, and eventually brick the console (depending of what the local laws are.) They have the power to do this. Now the question is... will they play the same game as M$, by stocking logs and suddenly ban? Future will tell

It's also good to know that Nintendo can blacklist the mac addresses of stolen consoles if all the procedures were done for that, the process is quite same than for stolen smart phones.
The console can then be blocked/bricked simply via a spot-pass or home internet connection.
Some guys will probably have some surprises after buying a "used" one on ebay lol.

 

lets get a dump of this first since what you describe is too labor intensive to be real.

 

How's that too labour intensive to be real? Cable modems have been doing that since they were made available commercially.

 

for a older router to contain all the skus of today and the furture that are nintendos the rom would have to be big and off loading this to a central server would be lag prone. cable modems and routers work diffently as one authetyicaes to be on the network and the other is its own network

but maybe you right its all acedemic since we do not have adump to look at.

 

Stores would probably have 100Mbps connections, so 10MB up and down simutainiously, sending 10 mac addresses every 30 seconds, you think that'd strain the servers?

 

in France, we have under 10 Mbps, that work correctly !

 

good point but without the dump we shall never know the truth

 

Today I have also a "Black Box" in hands :dance:
...but unfortunally also refusing by cracking the pass...:banghead:



On my Router (ver.3.1) I have a

1. s/n
2. mac address
3. ownership ID
   and a
4. device ID

I think the ownership ID is related to the goal?! :evil:

 

Probably not. Its probably a hardcoded password or something distributed to Nintendo employees only.

To get this cracked you'll need someone with the skills to do so, but I don't see anyone jumping at sending one of these to me.

 

;-) Sorry I also can not send it to your skills

 

Password is normally stored in clear text in the nonvol area.

Very similar to modems (which I have lots of experience with - admin @ sbhacker.net)

Should just be a case of jtagging it (or lifting the tsop) and dumping the flash chip - again also capable of doing.

you could also just hook up serial and no doubt get full access and change the password from the command line. all pretty common in router/modem world.


If you get fed up of not getting access to it, you can send it to me. I have no interest in keeping it, but would be interested to open this up for you and everyone else

 

I think about it :smashed:

 

The NVRAM stores the password on these, I can say that with 99% certainty as I've owned them for years. The firmware can potentially be dumped via exploits and the JTAG port but I wouldn't recommend trying that if you aren't comfortable with soldering.

Not sure if the NVRAM can be dumped via JTAG though, would make sense for it to not be for security reasons but there is usually a way around it. I'd imagine if it can be the DD-WRT guys have a guide for it.

 

nonvol = non violatile aka NVRAM


nvram is just a partition of the flash chip - it can certainly be dumped no problem.