Analysis of TD-W9960 Router

Download the firmware from the official TP-Link website. The screenshot is Turkish. I’m sorry for that.

With the Firmware Analysis Toolkit (FAT) it is pretty easy to extract the image and fully emulate the system with QEMU.

It successfully booted up.

To exit QEMU, press CTRL+A and then X.

In order to run particular executables, we need to install QEMU's statically compiled user-mode binaries for the specific target architecture (MIPS, etc.):

sudo apt install qemu-user-static

Then we need to extract the firmware binary:

binwalk --extract --quiet TD-W9960V1_1.4.0_0.8.0_220621.bin

I copied qemu-mips-static into squashfs-root and successfully executed the ip binary, which is compiled for the MIPS architecture.

sudo chroot . ./qemu-mips-static ./usr/bin/ip
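As an added example (not from the original post), the following POSIX shell helper reads the ELF header of an extracted binary to decide which qemu-user-static emulator it needs, then stages that emulator into the unpacked root so the chroot command above works. It goes beyond the MIPS case on this page (ARM, AArch64, x86 as well) and assumes od(1) and the qemu-user-static package with its emulators under /usr/bin.

```shell
#!/bin/sh
# Added example, not from the original post: choose the qemu-user-static
# emulator that matches an extracted ELF binary, then stage it into the
# unpacked root filesystem for "sudo chroot". Assumes od(1) and the
# qemu-user-static package (emulators under /usr/bin).

# Read one byte at OFFSET ($2) of FILE ($1) as two lowercase hex digits.
byte_at() {
    od -An -tx1 -j "$2" -N 1 "$1" | tr -d ' \n'
}

# Print the qemu-*-static name for an ELF file, from its header fields:
# EI_CLASS (offset 4), EI_DATA (offset 5) and e_machine (offsets 18-19).
qemu_for_elf() {
    elf="$1"
    magic=$(od -An -tx1 -N 4 "$elf" | tr -d ' \n')
    [ "$magic" = "7f454c46" ] || { echo "not an ELF file: $elf" >&2; return 1; }
    class=$(byte_at "$elf" 4)   # 01 = ELF32, 02 = ELF64
    data=$(byte_at "$elf" 5)    # 01 = little-endian, 02 = big-endian
    m1=$(byte_at "$elf" 18); m2=$(byte_at "$elf" 19)
    # e_machine is stored in the file's own byte order
    if [ "$data" = "01" ]; then machine="$m2$m1"; else machine="$m1$m2"; fi
    case "$machine:$data:$class" in
        0008:02:01) echo qemu-mips-static ;;     # big-endian MIPS32, as for the ip binary above
        0008:01:01) echo qemu-mipsel-static ;;
        0008:02:02) echo qemu-mips64-static ;;
        0008:01:02) echo qemu-mips64el-static ;;
        0028:01:01) echo qemu-arm-static ;;
        00b7:01:02) echo qemu-aarch64-static ;;
        0003:01:01) echo qemu-i386-static ;;
        003e:01:02) echo qemu-x86_64-static ;;
        *) echo "unsupported ELF: machine=0x$machine data=$data class=$class" >&2; return 1 ;;
    esac
}

# Copy the matching emulator into ROOT ($1) and print the chroot command for TARGET ($2).
stage_emulator() {
    root="$1"; target="$2"          # e.g. squashfs-root usr/bin/ip
    emu=$(qemu_for_elf "$root/$target") || return 1
    [ -x "/usr/bin/$emu" ] || { echo "missing /usr/bin/$emu (apt install qemu-user-static)" >&2; return 1; }
    cp "/usr/bin/$emu" "$root/$emu"
    echo "sudo chroot $root ./$emu ./$target"
}

# Usage: sh stage_emulator.sh squashfs-root usr/bin/ip
if [ "$#" -eq 2 ]; then stage_emulator "$1" "$2"; fi
```

A binary reported as qemu-mipsel-static would fail under qemu-mips-static with a confusing exec error, which is the usual cause of "it does not run" after copying the wrong emulator.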

Physical analysis

I bought the router

Disassembled it

It's obvious that the four pins in the upper right corner are the UART pins. Let's try connecting a UART-to-USB cable to those pins.
