Ok so we think we’ve identified our serial connection, so now let’s have a crack at connecting to it and see what we get.
In order to connect our machine to the device we’re going to need it to ‘speak’ serial. Luckily there are a ton of cheap chips that can do this.
The cheapest and simplest method is to use a USB TTL adapter; you can pick these up super cheap on eBay or Amazon.
Once you’ve plugged it in you’ll need to find out which COM port it’s using on your Windows machine. You can do that by bringing up Device Manager.
If you’re using Linux then you’ll need to find the correct device file under /dev.
Next we need to determine the baud rate. The ‘proper’ way to do this is with an oscilloscope or a logic analyser, but we can make do without.
Unfortunately, without the correct kit, trial and error is the only real way of determining the baud rate. Luckily there aren’t that many standard rates to pick from, so it shouldn’t take too long to get through the list of possibilities. If you don’t have the correct rate the output will be garbled; as soon as you have the right value you should start seeing some data that makes sense.
A list of standard baud rates is below, the most commonly used are in bold:
- 110
- 300
- 600
- 1200
- 2400
- 4800
- 9600
- 14400
- 19200
- 38400
- 57600
- 115200
- 128000
- 256000
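To show why a wrong rate gives garbled output and the right one gives readable text, here is an added example (not from the original post) that simulates a UART line carrying a constructed banner at 115200 baud and decodes it at every rate in the list. It goes a little beyond manual trial and error by scoring each attempt automatically; the sample rate, banner text and function names are assumptions made for the illustration.

```python
import string

# Candidate rates from the list above.
BAUDS = [110, 300, 600, 1200, 2400, 4800, 9600, 14400, 19200,
         38400, 57600, 115200, 128000, 256000]
SAMPLE_RATE = 3_686_400  # assumed rate of the simulated capture (32 x 115200)
PRINTABLE = set(string.printable.encode())

def uart_encode(data, baud):
    """Simulate the TX line (8N1, idle high) as one 0/1 level per sample."""
    bits = [1] * 20                      # idle before the first byte
    for byte in data:
        bits += [0] + [(byte >> n) & 1 for n in range(8)] + [1]
    bits += [1] * 20                     # idle after the last byte
    return [b for b in bits for _ in range(SAMPLE_RATE // baud)]

def uart_decode(samples, baud):
    """Decode as a receiver set to `baud` would: (bytes, framing_errors)."""
    spb = SAMPLE_RATE / baud             # samples per bit at the guessed rate
    out, errors, i = bytearray(), 0, 1
    while i < len(samples):
        if not (samples[i - 1] == 1 and samples[i] == 0):
            i += 1                       # still hunting for a start-bit edge
            continue
        stop = i + int(9.5 * spb)        # middle of the expected stop bit
        if stop >= len(samples):
            break                        # capture ends mid-frame
        byte = sum(samples[i + int((1.5 + n) * spb)] << n for n in range(8))
        if samples[stop]:
            out.append(byte)
        else:
            errors += 1                  # stop bit low: framing error
        i = stop + 1
    return bytes(out), errors

def score(samples, baud):
    """(fraction of frames that are clean printable text, count of them)."""
    data, errors = uart_decode(samples, baud)
    good = sum(c in PRINTABLE for c in data)
    frames = len(data) + errors
    return (good / frames if frames else 0.0, good)

def guess_baud(samples):
    # Ties on the fraction go to the rate that decoded more clean bytes.
    return max(BAUDS, key=lambda b: score(samples, b))

# Constructed sample: a boot banner as it would look on the wire at 115200.
BANNER = b"U-Boot 1.1.4 (constructed sample)\r\nTL-MR3020 login: "
CAPTURE = uart_encode(BANNER, 115200)
```

Calling `score(CAPTURE, b)` for each rate shows the pattern you see on a real terminal: nothing at the very slow rates, junk or framing errors near the true rate, and clean text only at the correct one.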
The first thing is to physically hook up the wires to the correct spots we identified earlier:
- TX to RX
- RX to TX
- GND to GND
We don’t need to worry about VCC since the device already has voltage from its normal power supply.
Hook those up, you can solder on some pins to make life easier, and you should end up with something that looks like this:
And we’re done. It’s quite hard to make out in these images, but on the USB side we have GND, RXD, TXD.
On the target, as we determined in the previous post, the order from left to right in the above image is VCC, GND, RX, TX, so when we hook the wires up we need to ensure that RX is connected to TX and vice versa.
Now boot up a tool that is able to speak serial through the USB. In this instance we’re going to use PuTTY: enter the relevant serial line and baud rate. In Linux we can do essentially the same thing using the screen command:
screen /dev/ttyUSB0 115200
Turn the target device on and you should start to see output something like this:
At this point there are a number of potential scenarios. If you’re lucky you may get dropped into a root shell (YAY); alternatively you may get to a username/password prompt (less yay).
TL-MR3020 mips #4 Mon Sep 21 17:19:36 CST 2015 (none)
TL-MR3020 login:
In this instance we have a login prompt, so from here we have a few options that we can look into in another post.