The smart box router does not work. We analyze the Beeline Smartbox firmware

The appearance of the Smart Box wireless multifunctional routers from Beeline at the end of 2013 was actively discussed on forums and blogs. Indeed, in terms of hardware this is a very capable router with very good functionality. It had a number of teething problems, which were later resolved with a firmware update. To date, there are no particular problems with Smart Boxes; they work steadily. But over time, users began to ask how to configure the Smart Box for other broadband providers such as Rostelecom, Dom.ru, TTK, etc. Why is this necessary? People who have disconnected from Beeline for one reason or another do not want to spend extra money on a new router, so they look for a way to reconfigure the existing one for a new telecom operator.

Under normal access with admin rights (admin/admin), only DHCP+L2TP is available to you. But to configure PPPoE, Dynamic or Static IP, you need to log in as a superuser: login SuperUser, password Beeline$martB0x.

In the menu, select the item "Advanced functions":


Next, go to the section "Others" > "WAN":


In this section you will see the connections available on the router. You can delete the existing WAN connection and re-create it, or edit the existing one:

For the Internet connection, the service type is "DATA" and the connection type is "Routing".
Accordingly, for digital television it is "IPTV", and for SIP telephony "VOIP". The connection type is almost always bridge.
Separately, I would like to note that, if necessary, you can specify a VLAN ID tag and an 802.1p traffic priority value for each connection.

As an example, I'll consider PPPoE setup on the Smart Box for Rostelecom, TTK or Dom.ru. In this case, in the line "IP Mode", select "PPPoE".
Below, enter the login and password for access given to you by your provider.
Leave the trigger set to Keep Alive so that the connection stays active at all times. Also leave the MTU at the default 1460.
Be sure to check that the "Use NAT" checkbox is ticked, then click the Save button.

If your telecom operator uses an IPoE connection (Dynamic or Static IP), then it is even simpler. In the case of Dynamic IP, you can simply select this type and click the Save button. In 99% of cases this is enough.
If the address is static, you need to enter it along with all the data the provider gave you and apply the settings.
In my opinion, you shouldn’t have any difficulties. Good luck!

Greetings, friends.
There is probably no person who has not heard about the Beeline company and their Internet of the same name. Like any “serious” provider, Beeline really likes to install branded routers.

The advantages are obvious: ease of setup and operation, as well as user support, since the hardware is the same and possible problems have been known for a long time. And the stripped-down settings, tailored for the majority, do not allow the user's playful hands to break everything.
This article looks at one of the most popular, widespread and overall good routers: the Beeline SmartBox.
As expected in such cases 🙂, it is an OEM device. True, it is not the typical rebadged D-Link but something exotic from SERCOMM.
Read about disassembling the firmware and interesting findings below.

A little about the device:

In fact, the router is a slightly modified Realtek RTL8197D reference design.
You can see more about it below.
Brand name: Beeline SmartBox
Chip: Realtek 8197D (600 MHz)
RAM: 64 MB
WiFi: 802.11b/g/n 300Mbps, 2 internal antennas: 2x2 MIMO
Interfaces: 5 RJ-45 connectors with auto-detection of cable type, USB 2.0 port

Software features: DLNA, FTP server, Samba server (connecting USB devices as a network drive), which makes it an interesting option for creating a simple home media center.
In general, the device is not bad and worked stably for me, delivering the full tariff speed over Wi-Fi.

However, as an enthusiast I lacked freedom, SSH and the opportunity to dig deeper inside, as well as options for fine-tuning. That's why I started looking for alternative firmware for the "smart box" and soon realized that there is none and there won't be any in the near future...
Well, the situation is unpleasant, but not hopeless. 🙂
Since there are no alternatives, you need to get the most out of the stock firmware, if possible getting a normal console and raising privileges to root. And to do this you need to download and unpack the stock firmware.

Let's get started:

Attention. The following steps were performed on Linux, and I do not guarantee that you will be able to repeat all this under a Windows-like OS.

During preparation we used: Debian Lenny, binwalk, squashfs-tools, a little ingenuity and red eyes.

1) I download the latest firmware from here:
wget http://static.beeline.ru/upload/images/help/devices/routers/SmartBox/SmartBox2019.zip
2) Unpacking it with 7zip, I find an img file whose contents are, at first glance, incomprehensible.
7z x SmartBox2019.zip
3) I run binwalk, passing the img file as an argument; it cheerfully reports Sercomm signatures and even tells us the hardware ID, but that's not the main thing. Inside we find a compressed binary (bin file); we unpack the archive and get S1000_Smart_box_SERCOMM_BEELINE_2019.bin, which once again emphasizes the SERCOMM origin of the device :)

[binwalk output]

4) Here it is; it would seem that happiness is nearby. But no such luck.
The binary file itself does not provide any human-readable information (it is a binary, after all).

And this is where the anal carnival begins:
We run binwalk on it again and, among the signatures, bootloader and garbage, we find a squashfs image (in short: a read-only file system, widely used for compressed *nix boot images).



Happiness is close, I thought. All that remains is to unpack...

I install squashfs-tools from the repository, which contains everything necessary for unpacking, and in anticipation... I hit a wall. unsquashfs says:

Filesystem uses lzma compression, this is unsupported by this version

This means that the file was compressed in the most insidious way, with lzma, and it cannot unpack it.
Hmm, I go to GitHub for the latest version of squashfs-tools, build it from source and... hit a wall again.
Scratching my head and combing through the makefile, I notice that lzma support is disabled by default. I change the parameter and... notice the comment saying that LZMA requires the LZMA SDK.
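
An added example, not part of the original article: a small Python scanner that does what the second binwalk pass above does, locating a SquashFS superblock inside a firmware blob and reading its compression id, so the lzma problem is visible before unsquashfs is ever run. It assumes a standard little-endian SquashFS 4.0 header (vendor images may deviate from it), and the sample image is constructed here, not taken from the Beeline firmware.

```python
import struct

# SquashFS 4.0 compression ids as defined by the on-disk format.
COMPRESSORS = {1: "gzip", 2: "lzma", 3: "lzo", 4: "xz", 5: "lz4", 6: "zstd"}
MAGIC = b"hsqs"  # little-endian SquashFS magic
# magic, inodes, mkfs_time, block_size, fragments, compression, block_log,
# flags, id_count, major, minor, root_inode, bytes_used
HEADER = struct.Struct("<4sIIIIHHHHHHQQ")


def find_squashfs(blob):
    """Return a list of dicts, one per plausible SquashFS superblock in blob."""
    hits = []
    pos = blob.find(MAGIC)
    while pos != -1:
        if pos + HEADER.size <= len(blob):
            (_, inodes, _, block_size, _, comp, block_log,
             _, _, major, _, _, used) = HEADER.unpack_from(blob, pos)
            # Reject chance matches of the 4-byte magic: the block size must be
            # a power of two that agrees with its stored log2.
            if major == 4 and 12 <= block_log <= 20 and block_size == 1 << block_log:
                hits.append({
                    "offset": pos,
                    "size": used,
                    "inodes": inodes,
                    "compression": COMPRESSORS.get(comp, "unknown(%d)" % comp),
                    "truncated": pos + used > len(blob),
                })
        pos = blob.find(MAGIC, pos + 1)
    return hits


def build_sample_image():
    """Constructed test input: padding, a decoy magic, then an lzma superblock."""
    sb = HEADER.pack(MAGIC, 812, 0, 131072, 40, 2, 17, 0, 1, 4, 0, 0, 4096)
    body = sb + b"\x00" * (4096 - len(sb))
    return b"\xff" * 512 + MAGIC + b"\x00" * 60 + b"BOOT" * 16 + body


if __name__ == "__main__":
    for hit in find_squashfs(build_sample_image()):
        print(hit)
        # fw.bin / rootfs.squashfs are placeholder file names
        print("carve: dd if=fw.bin of=rootfs.squashfs bs=1 skip=%d count=%d"
              % (hit["offset"], hit["size"]))
```

A reported compression of "lzma" is the case in which an unsquashfs built without lzma support prints the error quoted above.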


7 Feb 2016

04:36 am - Beeline smartbox pro, crack SuperUser password.

The Beeline Smart Box Pro has a TR-069 backdoor, the presence of which Beeline does not deny; it refuses to remove it, claiming that its removal is not provided for by the firmware. In fact, it is possible to remove it: you just need to log in as SuperUser (password Beeline$martB0xPr0). Then almost unlimited possibilities for setting up the router for any provider open up.

Conclusions.
1. Disadvantages of the Beeline Smart Box Pro, based on all previous posts:
-no heatsinks on the chips;
-no torrent downloader;
-cannot format connected USB drives or check them for errors;
-poor support;
-lack of alternative firmware;
-there is a TR-069 backdoor, which a regular user cannot turn off;
-all antennas are internal;
-the WAN connector is only 100 megabit.

2. The router is built on chips developed in 2013: mt7602en+mt7612en+mt7621at. The same chipset is used in: Zyxel Keenetic Ultra II (RUB 10,828), D-Link DIR-860L (RUB 9,160), Linksys RE6500 (RUB 11,692), ZBT WG2626 (RUB 7,013). But they all have external antennas and heatsinks, are not locked to a specific operator and have a gigabit WAN input. Therefore, it makes sense to buy the Beeline Smart Box Pro only with the "free year" promotion, when you only pay for the Internet.

Comments:

That's exactly what I thought about the promotion when I bought it.
But an unpleasant thing turned out to be true: it does not give a speed of more than 70 even when connected directly with a cable to the router. At the same time, an honest hundred comes into the apartment; a direct WAN connection to the laptop, bypassing the router, shows it.

Now I look at it and think what to do.
Why would it cut the speed like that?