JioFiber Router (JCO4032) Settings Import/Export

JioIsCrap · Nov 4, 2024

Current Firmware Version: SRCMTF1_JCO4032_R2.57
Current Firmware Date: Mon Jul 22 12:25:54 IST 2024

I last exported my router config at the end of September. I guess the firmware actually got updated at my end subsequently, although it supposedly dates back to July.

Anyway, logged in as admin today, changed some settings, saved, rebooted. Thought I'd export the config as usual so logged in again, and I swear, I'm going absolutely crazy because I've looked high and low for it but I just can't seem to find the damn Import/Export option at all anywhere now!

Used to be under Administration > Maintenance as far as I can remember, but now where the hell is it, does anyone know?

Don't tell me Fatso-in-Chief actually removed that option completely, because that would be mind-bogglingly moronic...

hacked2.57 · Nov 4, 2024

Its still there, just commented out. If you right click on "Factory Default settings" and choose inspect, your browser's developer console will open. In the developer console, you will see the commented form for backup and restore functionality. To bring it back, right click on the commented block and choose edit as html. Then remove  from the end of the block.

If you need to use restore functionality, the restore form has a hidden field called thispage which is set to backupRestore.html. Change that to factoryDefault.html.

JioIsCrap · Nov 5, 2024

That's awesome @hacked2.57, I'll try it out. Thanks!

Edit: Backup works, so no reason Restore shouldn't as well (for now). Great!

So these options were commented out deliberately. Next step no doubt will be to remove the actual code for these functions completely from the firmware. But why, Fatso (or his Minion), why?

What possessed you to remove basic Backup & Restore functionality, huh? What's wrong with you?

hacked2.57 · Nov 5, 2024

I think its just some stupid developers from teamf1 that is responsible for this. All they know for fixing any kind of vulnerabilities in the router is to remove that functionality all together. They even are not capable of doing that correctly. They leave all the backend code behind only hiding things from frontend assuming that issue is fixed. What they really need to do is sanitize the input, that alone will fix all the vulnerabilites that their router has.

JioIsCrap · Nov 6, 2024

I think its just some stupid developers from teamf1 that is responsible for this.

TeamF1, the D-Link subsidiary? So they are the ones responsible for the crappy FW for these Jio devices?

They leave all the backend code behind only hiding things from frontend assuming that issue is fixed.

Wow, some real geniuses there in Hyderabad I see.

What they really need to do is sanitize the input, that alone will fix all the vulnerabilites that their router has.

What vulnerabilities did Backup & Restore have?

itsyourap · Nov 6, 2024

@JioIsCrap

What vulnerabilities did Backup & Restore have?

The backup you get is actually a Lua file technically. When you dofile(file) on it, it will run the file.
In case of Jio, they put all the settings as Lua variables. That is why you can literally call a os.execute(...) to run a command on the router basically achieving a RCE.

hacked2.57 · Nov 6, 2024

There is also the information disclosure vulnerability that is mentioned here - JF-Customisation/Instructions/Get-Any-File-From-JF-ONT-Home-Gateway.md at main · JFC-Group/JF-Customisation

It still works. Just the value of thispage variable needs to be `factoryDefault.html".

Do note both backupRestore.html and factoryDefault.html files are present in latest firmware. Any decent developer would have removed all the dead code when creating the new factoryDefault.html file from the backupRestore.html. But that's not what teamf1 do. They copied it over, commented out the backup restore section in html and called it a day.

itsyourap · Nov 6, 2024

Great work @hacked2.57

shinchan72 · Apr 2, 2025

hi i wansnt able to restore the backup can any of you help me with some screenshots thanks

dibun · Apr 3, 2025

I am running SRCMTF1_JCOW414_R2.57 and encountering a 401 error when trying to restore the backup settings .enc file. How can I resolve this issue?