Unlocking BT Home Hub V1 *Upgrade at your own risk*

[fruit tool]

I thought this might be helpfull to somebody so...

If anyone flashed the bootloader wrong on one of these things you probably killed the thing and it wouldnt let you flash to it again. Well i figured out how to get it to flash again. This should work with other badly flashed bcm6348 based routers ive seen on the net also.

The home hub illuminates two leds very dimly when this happens, can't remember which ones. Its either wireless + broadband or broadband + internet.

DONT TRY THIS UNLESS YOU KNOW FOR CERTAIN THAT A BAD BOOT BLOCK IS STOPPING YOU FROM RECOVERING YOUR ROUTER.

The Problem.
If i erased the flash (so its empty) then reset the router the cpu initialized and was happy to write to the flash again.
But if the boot portion of the flash has bad data in it the cpu will lock up instantly not giving a chance to reflash.

So i read the datasheet on the s29gl064m flash that this thing uses. and figured that pin#37 (count along from the dot in the corner and back up the other side or pin#12 down away from the cpu on the bottom side) was it's supply voltage pin. Now with a small blade i lifted the pin away from the board not too much though or it might have snapped off, just enough to break contact with the board. The pin is very thin so i had to be very careful.

I plugged the router in and started the jtag flash tool for erase. (hairy dairy maids wrt56g or tornado jtag flash tool google for it). I wont tell you how to use this tool because the way i see it, if you can figure out what im telling you to do here you can figure out how to use these tools. Anyway just as the jtag tool says its initializing the cpu push that pin on the flash chip back down on the board with somthing non conductive (not metal, a plastic toothpick is perfect). Be carefull though not to bend it too much or it will snap off. you might need to do it a couple of times to get the timing right but like i say be very careful. when its erased solder the pin back down and go ahead and flash your bootloader back to the router.

Im not brilliant at grammar so if you need clarification or anything then just inbox me.

Have fun.

s29gl064m datasheet:
http://www.spansion.com/datasheets/s29gl-m_00_b8_e.pdf

I can not open window to go to Internet, any time i open the window it says:
""(Your DSL connection is down.
Verify if your SpeedTouch is correctly connected to your DSL line. For more information consult your documentation.
Please close this window and try again.)""
so i don't know what to do and i don't know what is DSL?

Well, that homehub that had been donated to me by some people has come into play today as my regular wireless router died. And I'm discovering what a useful little piece of kit it is alongside my normal hub and cable modem.

So, I've got the v1 - knocked down to 6.2.2.6, done the superuser hack, preventing upgrades, routeinternally to use as an AP and VOIP working via PBXes! lovely setup... all I want now is for my PSTN calls to be the default, and to use 5 for VOIP when I choose to.

I can't find this specific info anywhere - can someone help? There's reference on homehubhacks to PSTN breakout for a speedtouch but I don't want to go experimenting as I've already flashed and reflashed about 7 times.

Also, is there a way to log out of the web interface - once I'm in that's it! I want to go back in as the superuser to extract my voice.ini out.

Thanks in advance!

Hi
Well I am no PC whiz but after many frustrating hours and resources I have managed to flash a BT Home Hub I was given and can now access the internet using Firefox and Chrome BUT not IE7 which means I cannot use my Windows Live (MSN, etc).

Can anyone help me out what I should be doing to sort this - I gather that it can be overcome but seem to be unable to find how.

Thanks

Is there any solution for BT Home Hub 2 ??

[btsimonh]

I've got a linux prompt on the homehub v1.5

Need help with squashfs to proceed.

See:
http://forums.modem-help.co.uk/viewtopic.php?t=2695
or
http://homehubhacks.co.uk/index.php?n=HHH.Firmware

pm or reply if you can help with the bt hh squashfs filesystem, can't create a valid one at the moment (can extract, but can't create).

s

[fuji0000]

Seeing as I had my home hub apart for a while now (since about May I think), I anticipation I'd accord the telephony a go (not with the hub buzz as that doesn't work, but with a corded buzz instead), so I set up an annual with sipgate which I can use anyway, and had to reflash the hub with the SIP firmware. I entered my data and according to the hub it is registered and the ablaze came on, but the buzz is application the buzz band as against to the hub at the moment. I accept back accustomed up for now and accept afflicted the ambience to use the corded buzz alone and none of the dect phones. Also, is there a amount I accept to access in acclimation for the hub to put the buzz assimilate VoIP or some added acclimation to accomplish it absence to VoIP as this would be handy?


________________
ip pbx