Hello, I’m trying to locate clean dumps of mmcblk0 for a few GL.iNet routers:
Spitz AX (GL-X3000)
Flint A
Opal (GL-SFT1200)
(Also looking for clean MTD dumps, but not as important.)
If anyone has these saved from past testing or dev work or would be willing to dump one from a known-clean device, I’d really appreciate it.
I’ve got four GL.iNet routers in total and really love the hardware, but due to a series of unfortunate events involving persistent malware (and a script kiddie who has nothing better to do), I need a verified clean slate to work from. They’re all kind of brand new and I can’t figure out what’s triggering the return of modified files after a full factory reset. I was able to dump the Spitz and it helped, but unfortunately the threat was staging files while it was being dumped, so it’s not fully clean.
Or if anyone knows of any way I can track where this is coming from, or lock it down, I’ll happily take any help provided. I’m seeing stuff like modified /etc/shadow return and the removal of GL-specific init scripts and their replacement with unwanted custom builds. I just need a way to reset storage completely or figure out what is stopping it getting wiped. Closest thing that seems to work is ssh, screen, loading busybox into memory, and flashing it from /tmp using an uncompressed image.
Anything at this point would be greatly appreciated. Thank you.