Boot Commands

atin initialize hidden flash access module

atbt x block0 write enable (1=enable, other=disable)

atwm x set MAC address in working buffer

aten x,(y) set BootExtension Debug Flag (y=password)

atse x show the seed of password generator

atwz a(,b,c) write ZyXEL MAC addr, Country code, EngDbgFlag

atcb copy from FLASH ROM to working buffer

atcl clear working buffer

atsb save working buffer to FLASH ROM

atbu dump manufacturer related data in working buffer

atco x set country code in working buffer

atfl x set EngDebugFlag in working buffer

atub x,y,z upgrade bootloader, set engineer debug flag and country code

atdb x dump bootloader to a file

atec x,y set engineer debug flag and country code

atsn x set serial number

atmr dump MRD and MTD information

atmi x Enable/Disable model ID checking (1=enable, 0=disable)

4 comments:

  1. Anonymous14 June 2013 at 09:02

    Would be nice to find out how to debrand it. There's a guide for some other Zyxel equipment:
    http://futureblog.grawet.be/wp-content/uploads/2006/08/zyxel-debranding.pdf

    Wondering what is that extra parameter in ATSE.

    ReplyDelete
  2. Unknown9 October 2013 at 11:28

    press z key at imediat power-on, and u will get (zloader)ZLO - prompt

    ZLGO boot up the whole system
    ZLGU go back to U-Boot command line
    ZLUA x upgrade ras image (whole image)
    ZLUP x upgrade ras image (zboot+kernel+rootfs

    at ZLGU command u will get U-BOOT enviroment.

    VR9 # ?
    ? - alias for 'help'
    askenv - get environment variables from stdin
    base - print or set address offset
    bootm - boot application image from memory
    bootp - boot image via network using BootP/TFTP protocol
    cmp - memory compare
    cp - memory copy
    crc32 - checksum calculation
    echo - echo args to console
    erase - erase FLASH memory
    flinfo - print FLASH memory information
    go - start application at address 'addr'
    help - print online help
    imls - list all images found in flash
    loop - infinite loop on address range
    md - memory display
    mm - memory modify (auto-incrementing)
    mtest - simple RAM test
    mw - memory write (fill)
    nand - NAND sub-system
    nboot - boot from NAND device
    nm - memory modify (constant address)
    ping - send ICMP ECHO_REQUEST to network host
    printenv- print environment variables
    protect - enable or disable FLASH write protection
    rarpboot- boot image via network using RARP/TFTP protocol
    reset - Perform RESET of the CPU
    run - run commands in an environment variable
    saveenv - save environment variables to persistent storage
    setenv - set environment variables
    tftpboot- boot image via network using TFTP protocol
    version - print monitor version

    ReplyDelete
  3. Unknown13 December 2013 at 18:57

    to get seed necesary to unlock atxx protected commands, use ATSE DSL-2492HNU-L3v2 command.
    after, get the password with this tool https://www.dropbox.com/s/nvzskobftyzbmkz/zyxel

    then use : aten 1, (resulted passwd)

    ReplyDelete
  4. Anonymous23 May 2016 at 10:39

    What is sympthoms of corrupted bootloader? If it really corrupted, what is shown?

    ReplyDelete

Subscribe to: Posts (Atom)