Dir-645 Firmware

[Lottie Dedinas]

Theoriginal firmware in upgrade contains a 96 bytes SEAMA-header followed by the kernel padded to 64KB, followed by the rootfs. Thus the rootfs is 96 bytes off from a 64 KB boundary. Note that the SEAMA-header is variable size.

You can use the usual tftp setup to get the initramfs running on there or you can burn it to the flash. The flash isn't supported out of the box with openwrt (as far as I can tell) so it'll need to be the initramfs kernel so that it loads everything in to ram. Hopefully someone can get the flash support going.

Tftp is simple. Just set up a tftp server on a computer (probably the one that you built the image on). When the device boots up hit option 1 or 2 as appropriate (1 for ram image, 2 to burn it). The first option is the ip address for the device (the address you want the device to have), the second is the ip address of the tftp server and the third is the filename you want to grab (DIR645A1_FW101B06_c5fl.bin if you used the steps above).

To access, simply hold down the reset button while powering on the router. The WAN LED should blink. Set your computer with a static IP in the 192.168.0.x range, and open 192.168.0.101 in a web browser. Recovery mode loads up within a few seconds, but doesn't respond to pings. If the power LED is blinking the above page should be accessible.

Help! My router is bricked! I tried reverting back to the original firmware of my router (the D-Link DIR-645 A1) and it just didn't respond after that. I tried everything: connecting to the page, factory reset, recovery mode but they all didn't work... Can anyone help me here?

if -link/dir-645#debricking does not help, a rather old router roughly worth 1 $ is dead, unless you are into soldering, in this case the TFTP process might be the only remainig tiny chance to get it back working, but that also nees a still intact boot loader just like the recovery GUI.

on this device the boot loader won't try to setup the switch

so it's random how it powers up in recovery

also this is common if you badly configure the switch

you have let it completely power down say 5 mins

& go straight into recovery

you may have to repeat this a few times

The wireless interface is effectively unusable. After router reboot, I can connect to the AP as normal, but within minutes (or sometimes longer) the network connection goes down entirely to the point where I cannot even access the router admin page. This is despite the fact that the wireless connection itself shows as remaining connected the entire time. Ethernet link remains and usable.

Even more frustrating is that, despite the DIR-645 having a separate firmware restore capability, even when trying to flash the stock firmware via the emergency web interface, the 'reset' only resets the LEDE installation. In other words, I cannot seem to revert to stock firmware - which, at this point, I would very much like to do considering how unreliable the LEDE installation has been.

Any ideas?

While I was interested to try LEDE, it is nowhere near the level of "it just works" as Tomato was on my old WRT54GL. I will check back in a year or two in the hopes that the project will have had much more investment in user-friendliness by then.

This sounds like the exact same problem I had after installing openwrt (chaoscalmer) on my dir-645. It's unfortunate the problem still persists. Dlink have abandoned that router so it would be good to get some more mileage out of it with lede or a similar open-source firmware.

My DIR-645 acts as an AP without DHCP, as this is done by another device.

After a random period of time or after a big file download starts, the connected device looses its asigned IP Address, the wifi connection works but the IP obtained is 169.254.x.x. The only fix is to reboot the DIR-645, I did regular restarts every 4-6 hours with cron tasks as a simple fix, but it was annoying as the failure happens seemingly random.

*Did it a bit unconventionally, but i wanted to see if it works:

I selected the old firmware in the webinterface and clicked on "Flash image", of course it didn't work and i went to the "debricking IP" 192.168.0.101 without restarting after the flash attempt (no reset button was pressed), selected the old firmware again and minionvoice tadaaa we're back in business.

sorry for the late reply, the first one is running as an LTE router with a ZTE Internet stick, the second one is behind a cable modem and the last one is the client of the second. There is no special configuration. The one behind the cable modem ran just fine for months and was mainly used by Wifi clients. The others are usually only used for hours. I don't know why I never ran into Wifi trouble?

No problem! I could establish a running router on another RJ45 connection with a different cable in our building. I did not test it properly, but I have the impression the the router with OpenWRT is quite picky with the selection of LAN cables...?

answering myself I've been running 19.07.5 on my router set-up as AP (cable and WBS client) for last 20 days and I haven't noticed any problems with it. No problems with WIFI disconnection or similar as claimed on the OpenWrt device page.

The older legacy devices listed below in the table, all hardware revisions, have reached their End of Life ("EOL") /End of Service Life ("EOS") Life-Cycle. D-Link US recommends D-Link devices that have reached EOL/EOS, to be retired and replaced. Please contact your regional office for recommendations (LINK).

CVE-2019-10891 - An issue was discovered in D-Link DIR-806 devices. There is a command injection in function hnap_main, which calls system() without checking the parameter that can be controlled by user, and finally allows remote attackers to execute arbitrary shell commands with a special HTTP header.

CVE-2015-2051 - he D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.

D-Link strongly recommends that this product be retired and cautions that any further use of this product may be a risk to devices connected to it. If US consumers continue to use these devices against D-Link's recommendation, please make sure the device has the most recent firmware, make sure you frequently update the device's unique password to access its web-configuration, and always have WIFI encryption enabled with a unique password.

A vulnerability, which was classified as very critical, was found in D-Link DIR-645 up to 1.04b12 (Router Operating System). Affected is an unknown part of the file Wired/Wireless of the component Interface. The manipulation with an unknown input leads to a command injection vulnerability. CWE is classifying the issue as CWE-77. The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component. This is going to have an impact on confidentiality, integrity, and availability. CVE summarizes:

The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface.

Upgrading eliminates this vulnerability. A possible mitigation has been published 3 months after the disclosure of the vulnerability. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 20005.

Security for your D-Link router

Various media reports have recently been published relating to vulnerabilities in network routers, including D-Link devices. Security and performance is of the utmost importance to D-Link across all product lines. This is not just through the development process but also through regular firmware updates to comply with the current safety and quality standards.

We are proactively working with the sources of these reports as well as continuing to review across the complete product line to ensure that the vulnerabilities discovered are addressed.

We will continue to update this page to include the relevant product firmware updates addressing these concerns.

In the meantime, you can exercise the below cautions to avoid unwanted intrusion into your D-Link router.

Security patch for your D-Link router

These firmware updates address the security vulnerabilities in affected D-Link routers. D-Link will update this continually and we strongly recommend all users to install the relevant updates.

As there are different hardware revisions on our products, please check this on your device before downloading the correct corresponding firmware update. The hardware revision information can usually be found on the product label on the underside of the product next to the serial number. Alternatively, they can also be found on the device web configuration.

Please make sure you follow the firmware install guide provided within the ZIP firmware package.

At the street price of around $90, the DIR-645 will make an excellent router for homes that need a reliable and fast network that provides excellent Wi-Fi coverage. Those who want to stream high-def content from within the local network, however, might also want to check out dual-band routers that also support the 5Ghz band, such as the Linksys E3200 or the Asus RT-56u.

Setup and design

The DIR-645 has a completely new design with a sleek black housing and internal antennae. The router comes in a round, vertical shape, looking more like a computer speaker than a network device. Measuring 4.6 inches by 7.6 inches by 1.2 inches, it's actually not a small package but still manages to have very compact footprint, thanks to its cylindrical design. It's also very light at just 0.7 pound.

The router's front has two round, green LEDs that show the status of the connection the Internet and the Wi-Fi network and two buttons for the Wi-Fi Protected Setup (WPC) and the on/off button. These LEDs and buttons are stacked on top of one another in a vertical line to go with the router's design.

3a8082e126