XqRepack Guide

Step 1 (Downgrade) Step 2 (Temporary SSH) Step 3 (Flashing)

AX3600 Hack Tutorial Using XqRepack Method

(Last edited on 06/06/2023)

Advantages of Using xqprepack:

- Allows you to have the latest Chinese firmware version.
- Doesn't send data to China.
- You can change power settings directly from the web, watt by watt.

- Permanent SSH

Summary of Steps:

These are the steps to follow, which will be explained in detail later:
1. - Downgrade firmware to hackable 0.17 version.
2. - Perform a hack by entering a code in the browser.
3. - Upload the new firmware via WinSCP (if you already have SSH, you can start from here).
4. - Flash the new firmware via SSH.

NECESSARY TOOLS:

Root Password: Obtain it from the website https://xiaohack.es
Hackable Chinese Firmware 1.0.17
Putty
WinSCP
Fuckax3600 Script

You can download all the necessary tools from here: https://xiaohack.es

Step 1. (Obtaining Root Password and Flashing/Downgrading via Web)

We need the root password for your router, which is unknown and unique for each device. To find out the one that corresponds to your AX3600 router, visit the website: https://xiaohack.es
Enter the SN (serial number) of your AX3600 to generate the root user's password. Example: 266XX/E0P80XXXX
Open Notepad or a text editor and save the password generated on the website.
With the AX3600 router turned on, press the rear button for a few seconds until the blue lights on the front disappear (hard reset). This will eliminate any strange configurations that may later cause problems.
After the restart (which takes a couple of minutes), with the AX3600 powered on again, connect to the router's web interface via: http://192.168.31.1, and set the access password to the router's settings using the root password obtained from the website http://xiaohack.es
Now, you will be prompted to configure the Wi-Fi network. Do not change the default SSIDs of the Wi-Fi network (leave them as they are), and set the Wi-Fi password to the one from the website http://xiaohack.es
Now, we will manually downgrade the Firmware to version 1.0.17, which we previously downloaded and saved to the hard drive of our PC.

To do this, go to:

Settings > Status > Manual Update

Select the Firmware file, Version 1.0.17, that you previously downloaded to your PC's hard drive.

The process will take a few minutes, and the router will restart automatically. Do not disconnect the power during this process.

Once it has restarted, connect again to the router's web interface via: http://192.168.31.1, and you will see that everything is now in Chinese. Don't worry.

Set the access password to the router again using the password from the website http://xiaohack.es

Now, you will be prompted to configure the Wi-Fi network again. Do not change the default SSIDs of the Wi-Fi network (leave them as they are), and set the Wi-Fi password to the one from the website http://xiaohack.es

You should have the router working, but in Chinese, with internet and Wi-Fi available.

Step 2. (Obtaining Temporary SSH with a Single Command)

Important notes:

The AX3600 router must have internet access to apply this method. Connect the AX3600's WAN port via a network cable to any LAN port of your ISP's router.
Copy the text from the TEMPORARY SSH FILE THAT YOU HAVE PREVIOUSLY DOWNLOADED.
Go to http://192.168.31.1 and log in.
Press (F12) to open the console on the right window.
Inside the console, press Ctrl + V to paste the copied text.
Press Enter, and a window will open to enter the root password obtained earlier from Xiaohack.es.
With this, you will have temporary SSH access.

Step 3. (Flashing)

Open WinSCP and enter IP: 192.168.31.1, User: root, Password: password
Access the /tmp/ folder and copy the xqrepack firmware, which you can download from here:.
You need to choose the latest available version, which is 1.1.19. Then you have several options:
- Mi: compatible with the app but sends data to China. If you are comfortable with web management, my advice is not to choose the MI version.
- Opt: adds an opt directory (its purpose is still unknown, but it doesn't hurt to have it).
- SSH: with permanent SSH access.
- Txpower: allows you to change power in watts directly from the web.
For testing purposes, I will choose:
miwifi_r3600_firmware_aba17_1.1.19+SSH+opt+txpwr.bin
Open Putty and enter 192.168.31.1, User: root, Password: password
Copy and paste the following code in one go:
ubiformat /dev/mtd12 -f /tmp/miwifi_r3600_firmware_aba17_1.1.19+SSH+opt+txpwr.bin -s 2048 -O 2048
If it gives an error, try using this one instead:
ubiformat /dev/mtd13 -f /tmp/miwifi_r3600_firmware_aba17_1.1.19+SSH+opt+txpwr.bin -s 2048 -O 2048
Wait for it to finish, and then enter these 3 commands:
nvram set flag_ota_reboot=1 nvram commit reboot
Some users report that when they flash the xqrepack firmware, their password changes to another one.
To obtain that other password, use your SN displayed on the main screen of 192.168.31.1 and paste it (including the slash and all) at:
http://xiaohack.es
In any case, if you use SSH: passwd root, you can change the password to whatever you like.
END OF TUTORIAL

ADDITIONAL INTERESTING INFO:

- If you want to turn off the router's power LED (and you have selected not to use the app):
- Use WinSCP to access the /etc/rc.local file and add the following at the end:
(sleep 60;cd /sys/class/leds/led_blue/;echo 0 > brightness)&
- If you want it to reboot automatically, use WinSCP to access /etc/crontabs/root:
and add the following line (it reboots at 4:30 in the morning):
30 4 * * * sleep 70 && touch /etc/banner && reboot

OTHER INTERESTING INFORMATION:

- If you want to turn off the router's power LED (and you have selected not to use the app):
- Use WinSCP to access the /etc/rc.local file and add the following at the end:
(sleep 60;cd /sys/class/leds/led_blue/;echo 0 > brightness)&
- If you want it to reboot automatically, use WinSCP to access /etc/crontabs/root:
and add the following line (it reboots at 4:30 in the morning):
30 4 * * * sleep 70 && touch /etc/banner && reboot

Asistente XiaoHack