Modifying DD-WRT’s Protected GUI

hacking_the_ddwrt_gui

[Craig] is always keeping busy by deconstructing and poking around in various firmware images. This time around he has taken on the task of modifying the DD-WRT package, a popular replacement firmware for SOHO routers.

While the firmware is released under the GPL, [Craig] cites that it’s pretty difficult to build from source. Instead, he says that the typical course of action is to extract files from the firmware image, alter them, then reconstruct the image. This works for most things, but the DD-WRT GUI files are protected in order to prevent modification.

Since the phrase “you are not allowed to do that” doesn’t exist in his vocabulary, [Craig] set out to see if he could make his way around the protections and change the GUI code. It took quite a bit of digging around using IDA Pro and readelf, but he was eventually able to extract, tweak, then reinsert individual pages back into the firmware image.

The process is pretty time consuming, so he put together a tool called webdecomp that automates the extraction and rebuilding of DD-WRT’s web page file. If you’re interested in rocking a custom Hackaday-branded router interface like the one shown above, be sure to swing by his site and grab a copy of webdecomp.

29 thoughts on “Modifying DD-WRT’s Protected GUI

    1. DD-WRT is, shall we say, “equivocal”, about being open… It is ostensibly ‘open’; but they’ve been treading down the path of ‘community’/’premium’ for some time now, which creates an incentive to make the free version less flexible.

    2. phisrow nailed it. dd-wrt blows when it comes to modifying stuff. i will say its pretty decent for ‘set it and forget it’ type of stuff, but forget getting any real assistance with compiling/building for it.

    3. The reason DD-WRT state that they make it difficult to do this is because people were re-branding it, flashing it on to routers then selling them on ebay at a higher price, IE taking credit for DD-WRT’s work.

      On a slightly related note about the openness, I’ve built a few packages from source that I run on my DD-WRT based router. More on my website.

      1. @Andee –
        “The reason DD-WRT state that they make it difficult to do this is because people were re-branding it, flashing it on to routers then selling them on ebay at a higher price, IE taking credit for DD-WRT’s work.”

        That is illogical – the license dd-wrt chose explicitly permits resale. Also “Taking credit” is a bit of a stretch… if the router description states it is dd-wrt firmware, then quite clearly they are attributing credit even if the firmware is custom. Who wants to buy a non dd-wrt firmware??

        Lastly, I can clearly imagine dd-wrt themselves NOT wanting to sell pre-flashed routers… so anyone who does so is just fulfilling a service wanted by the public.

        If dd-wrt is actually complaining about all this I am astonished. Linus doesn’t give a rat’s ass who sells Linux preloaded.

        Now I CAN reasonably expect that dd-wrt do not want to provide free technical support to commercially sold routers. They’re perfectly fine to clarify that. But making GUI customization difficult is only going to thwart the community, not the resellers.

      2. I can see this happening. There’s a lot of free software out there that someone is trying to get you to pay for. Irfanview, VLC, PowerISO, and many others. Whenever setting up a new computer, I have to go download these again and sometimes I fall into the trick sites that want you to pay (just $3.99, why not?) or download some bundled adware.

        This is justifiable because there are crappy people in the world out to make a buck at someone else’s expense. If you made or helped make a fully featured piece of software, then were nice enough to give it away to people, I’m sure you be angry seeing someone else sell it for their own profit. It’s just crap all around

        1. @j0z0r dear j0z0r, I would like your opinion on a matter related to the one you’re discussing. I am considering packaging a bunch of free tools with reviews, appropriate use, and offer of phone support at a reasonable price. by weeding through millions of free offerings and snippets of advice, I am providing a service in terms of my expertise. and because I want to sell it retail, there is a cost to market distribute and produce the collection and book. while yes, I am piggy backing on the work of freeware makers, I am helping circulate and popularize their work, multiplying the benfit of their work. also I expect users to use proper installers, agree to the approprite licenses, be made aware of and have access to the root source of the tool, and make sure they know not just from the tool, but also from my product, that the tool is available for free, that they are bound by it’s license requirements which are likely free for home, non-commercial use only, and also be up front with people that what I am providing selling is a handholding through the masses of solutions which are already available free, AND by making a free version of my material available for free on my web-site, AND by charging a fair price for the end product, just to fuel its production and distribution to further its reach and therefor again multiply the benefit of the feely available tools, and promote their popularity and use.

          I plan on trying to get the co-operation of the makers of the primary tools I will promote/recommend/provide.

          where limited by license to not be able to provide the tool directly, I can still provide links and help people understand the when, why, and what it doeses of the many free tools.

          do you see any aspects of my plan that are distasteful, or wrong to you?

          I ask because based on your text in this post, I think you have will have an opinion on the subject. you sound reasonable, and justice minded, and I would consider your opinion valuable. I kinda have that google philosophy of “do no evil” in my work. but i cant afford to always work gratis. i can try to make money off included advertising and provide as free a product as possible. but production and distribution will have a cost. and the general public deserve to be able to access the tools in a retail environment where they are badly needed.

          I hope you will take a couple of minutes to let me know your thoughts.

          Cheers,
          Alistair

          alistair.riddoch@gmail.com

  1. It sounds like you have an abusive relationship with DD-WRT, with you as the abused person.

    You shold:
    1) request everything that you are owed under the terms of the GPL and other Free Software licenses. This includes, of course, “scripts used to control compilation”.

    2) Choose open over closed, freedom over chains. OpenWRT isn’t quite as good as DD-WRT? Work on OpenWRT. Don’t work on DD-WRT.

    1. GPL already states 1.

      In GPLv2 section 3:

      The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable.

      So if the webpages are distributed as GPL then they are in violation.

  2. I was having some serious issues with videos streaming and playing counterstrike through steam (connection error freeze for 10-15seconds every 5 min or so, or complete disconnect) after I switched to DD-WRT. I asked on the forums about my configuration (I’m behind a modem and the router is set as the modems DMZ) to see if I was doing something wrong, the post was immediately closed with no response. Eventually after some joogling I found this is a known issue with DD-WRT (someone complained about youtube videos and modern warfare through steam), I tried several different builds to no avail, and switched to Tomato firmware, problem solved. I am very unhappy with DD-WRT.

  3. I wonder why he didn’t spend the time working on the compilation rather than reverse engineering the firmware.

    I prefer Tomato, btw. I recall reading something about DD-WRT (or OpenWRT?) violating the GPL or some other license. Does anyone know the facts?

  4. A lot of DDWRT haters on here, tbh it seems to work well for me, even if i can’t modify the GUI. I don’t spend any more than 5 minutes a month actually on that screen, so i don’t really care

  5. @Colecago

    If you’re running windows 7 this may not be a result of DDWRT but instead a default windows network throttling setting that usually takes effect when too many sounds are playing. (IE when playing full game-servers) etc.

    Try reading through this before blaming DDWRT for it: http://forums.steampowered.com/forums/showthread.php?t=1043281

    @Everyone else
    Can we please try to stay on-topic? I don’t think it matters whether you like DDWRT or not- the post [Craig] made was about changing a user-interface that was otherwise locked. A good hack- and something most people have been doing for years with anything they can get their hands on- from shell replacements for windows, nix, or mac, to firmware hacking PSPs and PS3’s to get that custom appearance they want. Job well done [Craig].

  6. @j0z0r

    It is wrong of you to suggest that dd-wrt can lock down the firmware. I don’t think you realize that you’re basically saying it is OK for ddwrt to “steal” someone else’s code.

    Like many GPL projects, the project ddwrt stands on the work of other projects that came before it. You can’t un-gpl code without permission of all of the contributers (and in this case, it would involve thousands of Linux kernel developers…)

  7. Yea, they’ve been stealing code for years. They charge you for features they should include and didn’t code themselves. The source tree is intentionally unbuildable. Props to Craig for sticking it to them.

    People were stealing their work and selling it so they said fuck it, we’ll make the money ourselves. The free firmware is mostly for old consumer routers now anyway like 10 year old WRT54G. New ubiquity and others cost $$

  8. @Analog
    It is windows 7, but I’m sure its unrelated, it would give me a “connection error” that would stay on the screen with me frozen for 10-15s and there would be a countdown to a timeout. When I had a friend playing on the same network, this would happen at the same time to both of us (he was sitting a few feet away) and the clock would count down from 60 or 90 (don’t remember what its max was) and we would get kicked from the server because of a lost connection. These problems very much seem to be a network problem and they went away when I switched to Tomato. I’m mostly upset by the fact that instead of trying to assist me with my problem or even tell me that my network was wired the way it should be (one of the questions I asked and I gave lots of details of my setup), they just locked the post immediately. That coupled with the fact that I’ve seen this issue on multiple blogs and forums across the net now makes me think they know about the issue and don’t give a shit, or want to hide it so they locked my post.

  9. Problem with DD-WRT vs OPENWRT is, a lot more routers are supported by DD-WRT while not in OPENWRT.

    This whole flashing thing isnt all about old routers anymore, we want to flash the new routers we buy immediatly.

    I am not asking for supporting all the devices, its a never ending task. But a bit support for new hardware will make me want to use OPENWRT.

  10. I totally agree with ScottInNH and Analog, j0z0r , especially liked wjhat Skeltorr, mewse and fartface had to say. I would love to get superchannel on openwrt. I have almost mastered hostapd and I love what madwifi can do. I have integrated the best op borgbox into a 3.9 MB and 6.9 M firmware and added my own convienient scripts for mdk3 and ettercap. I build in my own multi virtual server freeradius and upgraded to the latest openssl. I had trouble reflashing a pico2HP to the 7M firmware (that previously used to work on the same device) after recompiling it to include my new and improved/corrected configs.

    Now I have 4 networks using the same radio ( each of which can be setup independently of the rest and in a very detailed way) , one for my private admin use, one 2 wpa2 encrypted networks that can have different shared keys for each client mac, one 802.1x network conected to a my freeradius server
    2 monitor interfaces, one of which uses mdk3ś ssid beacon flood to shower the enemy networks with a network of fake APs, and another interface for deauthing their clients or just as a lauchpad use attacks using aircrack-ng/airpwn/airbase/kismet as a drone.

    OpenWRT is just as wicked as it gets for my Ubiquity. What’s left is to make ath5k mature enough and get an openhal working and achieve frequency freeedom

    It has been done on Compex.
    http://www.compexshop.com/OpenWrt/OpenWRT%20with%20Compex%2011n%20Drivers_V1.4.pdf

    https://forum.openwrt.org/viewtopic.php?id=19302
    http://www.dl8rds.de/index.php/OpenWRT

    I recommend you get that PDF or get in contact with some russians.
    http://forum.nag.ru/forum/index.php?showtopic=51019

    Fuck the FCC. Oops I live in Mexico.

  11. I actually don’t mind paying dd-wrt for anything they produce so long as it works & they are obvious about it. I’m all for getting payed for ones effort, but don’t waste my F*&^ing time & be obvious about what you are doing.

  12. I think you are not quite sure what exactly GPL is and what it protects. If code was produced, and released, under a GPL – then that code is freely available. Any changes to that code must also be made freely available.

    Now I can write my own binary in C, running on a linux machine (which, linux is released under GPL) and I DO NOT have to share the code for my binary C program. What? Why? I thought it was GPL?

    No. My code was written by myself. I did not use any code released under GPL in the production of my binary. Just because it runs on linux, or even interfaces with any other code released under GPL, does not mean that my code must be GPL.

    I.E. The makers of DD-WRT have written code that implements their user interface. These are simply scripts that create html pages on-the-fly for users when browsing the web interface. The http server that serves these web pages is a GPL licensed binary – the sources for this are available. The settings these web pages change on the server can be part of GPL code, and these settings must be made available. But the source for these scripts/binaries written to generate these html documents, as long as no code in them was taken from other GPL licensed code, does not need to be made available.

    Refresh yourself on GNU/GPL before making complaints.

    And no, I do not work for DD-WRT.

Leave a Reply

Please be kind and respectful to help make the comments section excellent. (Comment Policy)

This site uses Akismet to reduce spam. Learn how your comment data is processed.