Unbrick router via TFTP

In this post, I am going to show how to unbrick your router which might be bricked due to a failed firmware upgrade or flashing another firmware like OpenWRT.

Most of the new generation routers ship with a restore mechanism via TFTP protocol and since TFTP is generally a part of the bootloader, it is almost always possible to restore a router using this method.

The idea behind TFTP restore is a simple one,

  1. The router needs to be started in TFTP client mode
  2. Routers asks a TFTP server running at <SOME_IP> to send it a file named  <FILENAME.bin>
  3. If the server sends this file, router then uses this file to flash itself.

So now that we have this cleared, lets get started. And yes, you will need to connect to the router via an ethernet on the router LAN port because wifi and other stuffs won't work.

Start the router in TFTP client mode

Assuming that the router is connected to a computer via LAN cable, to start the router in this mode, we need to press a combination of hardware buttons on the router. In most of the router, this is holding the reset button and then pressing the power button.

You will see the networking adapter turn to unidentified network from unplugged cable mode.

Identifying the TFTP server IP and Filename

Now that we know how to start the router in TFTP mode, we need to know what IP and filename is the router looking at.

  1. To do this, we first download a wonderful network monitoring tool called Wireshark.
    Download and install this tool, and then start monitoring the ethernet network adapter for your computer
  2. Now restart the router in TFTP mode and you should start seeing some packets in Wireshark. What we are looking for are packets like this Who has Tell
    Now what this packet says is that the router is looking for ip as the TFTP server and that the ip of the router itself is
    Bingo, we got out TFTP server IP.
  3. Now set the static ip of your computer to and netmask as and restart the router in TFTP mode again. Dont turn off wireshark yet, since we need the filename and keep on monitoring the network adapter.
  4. This time on wireshark, you should see something like Read Request, File: recovery.bin
    What this means is that router is asking the server to send it this file over TFTP if it has it.
    Bingo, we got our filename too.

Flashing the firmware

  1. Download and run TFTP server software. I personally use the portable edition of this TFTP server.
  2. Download your router firmware file from the official website and rename it to the filename identified above and put it in a folder.
  3. In the TFTP server software, point the directory to the directory where your renamed file is present, and for the server interface, select your LAN adapter with and make sure the IP is the one which you identified above.
  4. Restart the router again in TFTP mode, and if everything goes right, the file transfer should start and once that is complete, give the router some time to flash and restore itself.

Voila, you have restored your router via TFTP and unbricked itself.

Thanks for reading. I hope this guide was helpful

Subscribe to Blog

Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
[email protected]