amtm amtm 5.2 - the Asuswrt-Merlin Terminal Menu, February 09, 2025

[Jaime Alvarez]

Isn't .ch the Swiss TLD?

 

[Viktor Jaep]

Isn't .ch the Swiss TLD?

Oh whoops. I couldn't read it due to the dark red on black until zoomed in further.

Again, same reasoning stands - could be blocked. Try another mirror?

 

[Tech9]

I couldn't read it due to the dark red on black

No worries...

 

[Viktor Jaep]

No worries...

View attachment 64243

No wonder I can't see red. Lol

 

[elbubi]

You're trying to update through China. Perhaps something is getting blocked going that route?

Thanks for your reply Victor.
I did not quite get it though, my ISP is from Argentina, and I don't use a VPN to ruote through China.

Please tell me I'm not hacked (once) again...
In TOP I'm seeing a proccess I don't recall (bwdpi), I've read its related to TrendMicro, what intrigues me is its location (/tmp/bwdpi)

Do you see anything strange?

Thanks once again for your help.

 

[Viktor Jaep]

Thanks for your reply Victor.
I did not quite get it though, my ISP is from Argentina, and I don't use a VPN to ruote through China.

Please tell me I'm not hacked (once) again...
In TOP I'm seeing a proccess I don't recall (bwdpi), I've read its related to TrendMicro, what intrigues me is its location (/tmp/bwdpi)

View attachment 64250

Do you see anything strange?

Thanks once again for your help.

Sorry... You're not using the Chinese server - my mistake for not zooming in far enough.

In AMTM, try changing your source server. Perhaps something is blocking your route to the .ch server?

 

[elbubi]

Thanks once again for your reply Victor.
Tried to change server but did not find that option.
Nevertheless, I tried pinging diversion.ch and its reachable.

 

[Jaime Alvarez]

Thanks once again for your reply Victor.
Tried to change server but did not find that option.
Nevertheless, I tried pinging diversion.ch and its reachable

I noticed your router has an older firmware version (3004.388.7). You might want to try updating to the latest 3004.388.8_4 and see if you can update amtm.

 

[elbubi]

Hi Jaime. Yes, I've been on 388.8_4 before but I had some issues (my bad, dirty upgrade), so I reverted back to 388.7.
Now I'm abroad, so no chance to updagre from scratch. Do you think it might be fw related? I've updated amtm a few times under this fw version.

Regards and thanks for your help

 

[Jaime Alvarez]

Hi Jaime. Yes, I've been on 388.8_4 before but I had some issues (my bad, dirty upgrade), so I reverted back to 388.7.
Now I'm abroad, so no chance to updagre from scratch. Do you think it might be fw related? I've updated amtm a few times under this fw version.

I do dirty upgrades all the time without problems. But sometimes, when I have a strange issue that defies expalantions, I have resorted to a hard reset and configure everything from scratch.

Regards and thanks for your help

No problem. Greetings from Chile!

 

[dave14305]

Do you think it might be fw related?

Login via ssh and run this test:

curl -v -o /dev/null https://diversion.ch/

Post the full results.

# curl -v -o /dev/null https://diversion.ch/
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 80.74.145.140:443...
* Connected to diversion.ch (80.74.145.140) port 443
* ALPN: curl offers http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: none
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [25 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [2609 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [264 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: CN=diversion.ch
*  start date: Feb 10 00:07:27 2025 GMT
*  expire date: May 11 00:07:26 2025 GMT
*  subjectAltName: host "diversion.ch" matched cert's "diversion.ch"
*  issuer: C=US; O=Let's Encrypt; CN=R11
*  SSL certificate verify ok.
* using HTTP/1.1
} [5 bytes data]
> GET / HTTP/1.1
> Host: diversion.ch
> User-Agent: curl/8.4.0
> Accept: */*
>
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [265 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [265 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0< HTTP/1.1 200 OK
< Server: nginx
< Date: Fri, 07 Mar 2025 15:09:43 GMT
< Content-Type: text/html; charset=utf-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< Vary: Accept-Encoding
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
< Expires: Fri, 06 Jun 1975 15:10:00 GMT
< Vary: User-Agent,Accept-Encoding
< Set-Cookie: PHPSESSID=2db7a7571b502e1d603fcda24ba510bf; path=/; HttpOnly
< Last-Modified: Fri, 07 Mar 2025 15:09:43 GMT
< Strict-Transport-Security: max-age=15768000; includeSubDomains
<
{ [15843 bytes data]
100  183k    0  183k    0     0   132k      0 --:--:--  0:00:01 --:--:--  169k
* Connection #0 to host diversion.ch left intact

 

[elbubi]

Login via ssh and run this test:

curl -v -o /dev/null https://diversion.ch/

Post the full results.

Hi Dave.
Thanks for your help.

Here's the output:

:/tmp/home/root# curl -v -o /dev/null https://diversion.ch/
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0*   Trying 80.74.145.140:443...
* Connected to diversion.ch (80.74.145.140) port 443
* ALPN: curl offers http/1.1
} [5 bytes data]
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
} [512 bytes data]
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: none
  0     0    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Server hello (2):
{ [122 bytes data]
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
{ [25 bytes data]
* TLSv1.3 (IN), TLS handshake, Certificate (11):
{ [2609 bytes data]
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
{ [264 bytes data]
* TLSv1.3 (IN), TLS handshake, Finished (20):
{ [52 bytes data]
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
} [1 bytes data]
* TLSv1.3 (OUT), TLS handshake, Finished (20):
} [52 bytes data]
* SSL connection using TLSv1.3 / TLS_AES_256_GCM_SHA384
* ALPN: server accepted http/1.1
* Server certificate:
*  subject: CN=diversion.ch
*  start date: Feb 10 00:07:27 2025 GMT
*  expire date: May 11 00:07:26 2025 GMT
*  subjectAltName: host "diversion.ch" matched cert's "diversion.ch"
*  issuer: C=US; O=Let's Encrypt; CN=R11
*  SSL certificate verify ok.
* using HTTP/1.1
} [5 bytes data]
> GET / HTTP/1.1
> Host: diversion.ch
> User-Agent: curl/8.4.0
> Accept: */*
>
{ [5 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [265 bytes data]
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
{ [265 bytes data]
* old SSL session ID is stale, removing
{ [5 bytes data]
< HTTP/1.1 200 OK
< Server: nginx
< Date: Fri, 07 Mar 2025 16:43:51 GMT
< Content-Type: text/html; charset=utf-8
< Transfer-Encoding: chunked
< Connection: keep-alive
< Vary: Accept-Encoding
< Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
< Pragma: no-cache
< Expires: Fri, 06 Jun 1975 15:10:00 GMT
< Vary: User-Agent,Accept-Encoding
< Set-Cookie: PHPSESSID=de765b4a919b20095292770cf70e0675; path=/; HttpOnly
< Last-Modified: Fri, 07 Mar 2025 16:43:51 GMT
< Accept-Ranges: none
< Strict-Transport-Security: max-age=15768000; includeSubDomains
<
{ [15822 bytes data]
100  183k    0  183k    0     0  75499      0 --:--:--  0:00:02 --:--:-- 92149
* Connection #0 to host diversion.ch left intact

 

[dave14305]

Here's the output:

Looks normal, so what happens if you try to update amtm now?

Try running this command and post the output:

curl -fNL --connect-timeout 10 --retry 3 --max-time 12 https://fwupdate.asuswrt-merlin.net/amtm_fw/amtm.mod | grep "^version="
find /jffs/addons/amtm/ -type f -exec ls -l {} +

 

[elbubi]

Looks normal, so what happens if you try to update amtm now?

Same error as always:

Try running this command and post the output:

curl -fNL --connect-timeout 10 --retry 3 --max-time 12 https://fwupdate.asuswrt-merlin.net/amtm_fw/amtm.mod | grep "^version="
find /jffs/addons/amtm/ -type f -exec ls -l {} +

 curl -fNL --connect-timeout 10 --retry 3 --max-
time 12 https://fwupdate.asuswrt-merlin.net/amtm_fw/amtm.mod | grep "^version="
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   245    0   245    0     0    408      0 --:--:-- --:--:-- --:--:--   560
  0     0    0     0    0     0      0      0 --:--:--  0:00:01 --:--:--     0ve                                               rsion=5.2
100 38965  100 38965    0     0  17958      0  0:00:02  0:00:02 --:--:-- 63254

find /jffs/addons/amtm/ -type f -exec ls -l {} +
find: unrecognized: -type
BusyBox v1.25.1 (2024-04-26 14:22:44 EDT) multi-call binary.

Usage: find [-HL] [PATH]... [OPTIONS] [ACTIONS]

Search for files and perform actions on them.
First failed action stops processing of current file.
Defaults: PATH is current directory, action is '-print'

-L,-follow Follow symlinks
-H ...on command line only

Actions:
! ACT Invert ACT's success/failure
ACT1 [-a] ACT2 If ACT1 fails, stop, else do ACT2
ACT1 -o ACT2 If ACT1 succeeds, stop, else do ACT2
Note: -a has higher priority than -o
-name PATTERN Match file name (w/o directory name) to PATTERN
-iname PATTERN Case insensitive -name
-mtime DAYS mtime is greater than (+N), less than (-N),
or exactly N days in the past
If none of the following actions is specified, -print is assumed
-print Print file name
-print0 Print file name, NUL terminated
-exec CMD ARG ; Run CMD with all instances of {} replaced by
file name. Fails if CMD exits with nonzero

Inside that folder theres a file called "amtm.mod" which first lines are this:

#!/bin/sh
#bof
version=5.0
release="November 17 2024"
amtmTitle="Asuswrt-Merlin Terminal Menu"
rd_version=1.3 # Router date keeper
fw_version=1.2 # Firmware update notification
wl_MD5=1cbf962ffa4593150bd1612352b1d131 # shared-amtm-whitelist

Thanks for your help!

 

[dave14305]

Thanks for your help!

What’s curious is that it’s still running the 5.0 FW version, and not anything newer.

find /jffs/addons/amtm/ -exec ls -ld {} +
ls -l /opt/bin/curl /usr/sbin/curl
df /jffs

Might want to remove the amtm directory under addons and try again, but first run the commands above.
The next step would be to run the script like I show below. It will create a lot of output on the screen, and then prompt you for the menu choice. Enter u for update, let it scroll all the output, and when you get the menu prompt again, enter e for exit. Then PM me a pastebin link of the debug.log file. Your choice, if you want to go that far.

sh -x /usr/sbin/amtm 2>&1 | tee /tmp/debug.log

 

[elbubi]

Hi Dave. Thanks once again for your help.
I will be on the road for the next 2/3 days.
As soon as I'm settled anywhere I will try it, if its not a hassle or a pita for you, otherwise I´ll leave alone and live with it.

 

[dave14305]

otherwise I´ll leave alone and live with it.

I’m too invested in this mystery to give up now! Safe travels.

 

[elbubi]

I’m too invested in this mystery to give up now! Safe travels.

Hi Dave! Made some time today, here's the results

Might want to remove the amtm directory under addons and try again, but first run the commands above.

 find /jffs/addons/amtm/ -exec ls -ld {} +
drwxrwxrwx    3 elbubi   root           296 Dec  4 00:35 /jffs/addons/amtm/
drwxrwxrwx    2 elbubi   root           232 Dec  4 00:35 /jffs/addons/amtm/a_fw
-rw-rw-rw-    1 elbubi   root         41236 Dec  4 00:35 /jffs/addons/amtm/a_fw/ amtm.mod
-rw-rw-rw-    1 elbubi   root            17 Apr 18  2024 /jffs/addons/amtm/.amtm_theme

 ls -l /opt/bin/curl /usr/sbin/curl
-rwxrwxrwx    1 elbubi   root        117672 Aug 14  2018 /opt/bin/curl
-rwxr-xr-x    1 elbubi   root        124876 Apr 26  2024 /usr/sbin/curl

 df /jffs
Filesystem           1K-blocks      Used Available Use% Mounted on
ubi:jffs2                45528      3664     39504   8% /jffs

Might want to remove the amtm directory under addons and try again, but first run the commands above.

Did that, when executing amtm prompts me to select theme (as first install), then its still gives update error, but now in top left corner it says "amtm 5.2" instead of "amtm 5.0 FW" as before.

The next step would be to run the script like I show below. It will create a lot of output on the screen, and then prompt you for the menu choice. Enter u for update, let it scroll all the output, and when you get the menu prompt again, enter e for exit. Then PM me a pastebin link of the debug.log file. Your choice, if you want to go that far.

Done the pastebin of this debug file, but I can't seem to reach you thoroug PM ("This member limits who may view their full profile", thus no PM option available)

Thanks for your help!