diff --git a/README.md b/README.md
index a7192b1..0f2f0a2 100644
--- a/README.md
+++ b/README.md
@@ -8,12 +8,6 @@ Just hacks and code snippets which might be useful to someone else.
 
 [Push Let's Encrypt certificates to Ruckus Unleashed/ZoneDirector](pages/PfSenseLetsEncryptToRuckus.md)
 
-[Retrieve forgotten passwords from Unleashed/ZoneDirector backups](pages/ExtractRuckusAdminUserPass.md)
-
-[Enable Upgrades and Add Extra AP Licenses to ZoneDirector for HomeLab Use](pages/ZD1200LicensesAndSupport.md)
-
-[Fix insecure Unleashed/ZoneDirector SSH Host Key](pages/MakeRuckusSshUseEcdsa.md)
-
 [Connect APs to ZoneDirector / Unleashed Dedicated Master over the Internet](pages/ZD1200OpenPfsensePorts.md)
 
 ## Font Hackery
diff --git a/images/OneTimeRootShell_NoSupport_1051.png b/images/OneTimeRootShell_NoSupport_1051.png
deleted file mode 100644
index bee6cbc..0000000
Binary files a/images/OneTimeRootShell_NoSupport_1051.png and /dev/null differ
diff --git a/images/Root_Support_APs_1031.png b/images/Root_Support_APs_1031.png
deleted file mode 100644
index 78ff47c..0000000
Binary files a/images/Root_Support_APs_1031.png and /dev/null differ
diff --git a/images/Support_And_Licenses_1031.png b/images/Support_And_Licenses_1031.png
deleted file mode 100644
index 54e6d94..0000000
Binary files a/images/Support_And_Licenses_1031.png and /dev/null differ
diff --git a/images/Unleashed_Root_Shell.png b/images/Unleashed_Root_Shell.png
deleted file mode 100644
index 979dd38..0000000
Binary files a/images/Unleashed_Root_Shell.png and /dev/null differ
diff --git a/images/unleashed.ecdsa.patch.dbg b/images/unleashed.ecdsa.patch.dbg
deleted file mode 100644
index aca9e8a..0000000
Binary files a/images/unleashed.ecdsa.patch.dbg and /dev/null differ
diff --git a/images/unleashed.restore_rsa.patch.dbg b/images/unleashed.restore_rsa.patch.dbg
deleted file mode 100644
index d3da73d..0000000
Binary files a/images/unleashed.restore_rsa.patch.dbg and /dev/null differ
diff --git a/images/unleashed.root.patch.dbg b/images/unleashed.root.patch.dbg
deleted file mode 100644
index 0f2baae..0000000
Binary files a/images/unleashed.root.patch.dbg and /dev/null differ
diff --git a/images/unleashed.unlock.dbg b/images/unleashed.unlock.dbg
deleted file mode 100644
index f217bb6..0000000
Binary files a/images/unleashed.unlock.dbg and /dev/null differ
diff --git a/images/unleashed.url_filtering_license.patch.dbg b/images/unleashed.url_filtering_license.patch.dbg
deleted file mode 100644
index d2b0992..0000000
Binary files a/images/unleashed.url_filtering_license.patch.dbg and /dev/null differ
diff --git a/images/zd.temproot.img b/images/zd.temproot.img
deleted file mode 100644
index 64ba6f6..0000000
Binary files a/images/zd.temproot.img and /dev/null differ
diff --git a/images/zd1000.licenses.patch.img b/images/zd1000.licenses.patch.img
deleted file mode 100644
index a440990..0000000
Binary files a/images/zd1000.licenses.patch.img and /dev/null differ
diff --git a/images/zd1100.licenses.patch.img b/images/zd1100.licenses.patch.img
deleted file mode 100644
index 2e1afea..0000000
--- a/images/zd1100.licenses.patch.img
+++ /dev/null
@@ -1,3 +0,0 @@
-6‘J½,Öò*%]¶Ä;É°P&f~clæ;ÃòzÀA©Ñ‰&zW/L‘.¨”˜ËâX©¶—Gÿ¯™QlQµUA#_R°ÙÅ‡	´”ËC9›¯QÚ®^74pt`4kGzˆQy–˜å>M”›à¼Ñ‘Ð‘V`T¿T{é¢²¯õ™ûuQ/¥ ª*ðNÜÏ;cW2 Ë)U7	˜4{F›ø‰Ä>¯4µøNhu¾ ‚³«¢Í¼TŽPÊ§/qipOÒ[[_zÕè¯WC­Å«gE‘n.ðkËòëz:hÂ&V,¦ãS$Jf{¸?pbN_u‹»œÖ=·Ò"ö&'rzÔØ¾_õÜJGÈö…
-¬¥Xªï'N?BÑh>¿Žþ=é;á¿OÖ<Ò<šÄ³¿â†r¨/í0“çÕ“ë;ÔÆÿ¹“ã8:æÕ— 3ù Ÿn	ß¸Ñ=è1’Ì‰ç2’A™Í¡'z3›ÁJ.‰à‰àÎGpxý¬{ìƒ‡ßŽL¤ã-bEEfHÏØæê_Oj‰ÝÔ–¡ñÍDÎP¢””ý7y(ÅïxìB€¼•.&$†“AÀêÒò8Ä¯È´É<mâæ¶ûŽíkš¢²G×‚º1íŒ)"³äÿÐ	F2îVX“ßNb>$C¸^5Æ}×?€yE<ñ„ ›F Ÿ4º°»o¢çQÄ½æiKä;!‹¸t'ùe3k®fR4Þäß#®÷Rxt\µ“"ÈÜS1ó«8Í‘œ	ž¯85EûCÄ¸ËKÛgI+“âtC.X˜™Ü˜ª
-é{—yWOõ¦Ù	Ý¹¡rºâ]í”6Ãea> ÔÎìr+ÏbÇaKõ¸ME@ú8½Ûx©Àx5©,’!Ê00`×U¾^6î®Jº«†Íj¥J)™Û+¤º¨d]û‰1"9¯s¢©¥'þÖÁ_@z·Ì>…°Öµ€\ b²Q¹e”x_<Ë'Æ8¢êøRL)Â·íE«Z<ÿg¹ÓÉÉM"šÅÖê0Or¶±·…BèÍÛV Šz«‘åQÛgÂ”üóeW‰1¯š4)ö¦„…˜»ðû>€rl~‘µÿ(‹JÔízMáÌb¯poåHÄ’Ý—Ý²®"'æŽVøPèß9ÌÌqž½Ü³,:¿ ­×<ä”Õ•ôCºñô4˜Ç²ÿ’õdUž&¶­Ïaúß2&‹/¾{2ñ9TàÒ¹ßT3ý ùÂÌ;þËÊÝÆÞ@Í«-¯$}ëÓž’ÿbŽ-Ð1Ÿ •O).ë«?G‚±yÁ>r,rJ7än›î®)bH
\ No newline at end of file
diff --git a/images/zd1200.ecdsa.patch.img b/images/zd1200.ecdsa.patch.img
deleted file mode 100644
index dc8e146..0000000
Binary files a/images/zd1200.ecdsa.patch.img and /dev/null differ
diff --git a/images/zd1200.licenses.patch.img b/images/zd1200.licenses.patch.img
deleted file mode 100644
index a15fae7..0000000
Binary files a/images/zd1200.licenses.patch.img and /dev/null differ
diff --git a/images/zd1200.restore_rsa.patch.img b/images/zd1200.restore_rsa.patch.img
deleted file mode 100644
index 433da73..0000000
Binary files a/images/zd1200.restore_rsa.patch.img and /dev/null differ
diff --git a/images/zd1200.rootshell.patch.img b/images/zd1200.rootshell.patch.img
deleted file mode 100644
index dda960b..0000000
Binary files a/images/zd1200.rootshell.patch.img and /dev/null differ
diff --git a/images/zd3000.licenses.patch.img b/images/zd3000.licenses.patch.img
deleted file mode 100644
index f687a36..0000000
Binary files a/images/zd3000.licenses.patch.img and /dev/null differ
diff --git a/pages/CustomizeZoneDirectorSoftware.md b/pages/CustomizeZoneDirectorSoftware.md
deleted file mode 100644
index 94a78d5..0000000
--- a/pages/CustomizeZoneDirectorSoftware.md
+++ /dev/null
@@ -1,139 +0,0 @@
-# Customize Ruckus ZoneDirector Software
-
-The ZoneDirector upgrade process just runs a script (`ac_upg.sh`) from the Software Image, and nothing is signed! So it's very easy to customize your ZoneDirector.
-
-You'll need to decrypt/encrypt the images. I include bash functions to do this here. If you prefer C# then look in the Decryption/Encryption page.
-
-## Ruckus Crypt bash Functions (using Python)
-> Use the C# version on the Decrypt/Encrypt page if you want something much faster.
-
-```bash
-function rks_encrypt {
-RUCKUS_SRC="$1" RUCKUS_DEST="$2" python3 - <<END
-import os
-import struct
-
-input_path = os.environ['RUCKUS_SRC']
-output_path = os.environ['RUCKUS_DEST']
-
-(xor_int, xor_flip) = struct.unpack('QQ', b')\x1aB\x05\xbd,\xd6\xf25\xad\xb8\xe0?T\xc58')
-structInt8 = struct.Struct('Q')
-
-with open(input_path, "rb") as input_file:
-    with open(output_path, "wb") as output_file:
-        input_len = os.path.getsize(input_path)
-        input_blocks = input_len // 8
-        output_int = 0
-        input_data = input_file.read(input_blocks * 8)
-        for input_int in struct.unpack_from(str(input_blocks) + "Q", input_data):
-            output_int ^= xor_int ^ input_int
-            xor_int ^= xor_flip
-            output_file.write(structInt8.pack(output_int))
-        
-        input_block = input_file.read()
-        input_padding = 8 - len(input_block)
-        input_int = structInt8.unpack(input_block.ljust(8, bytes([input_padding | input_padding << 4])))[0]
-        output_int ^= xor_int ^ input_int
-        output_file.write(structInt8.pack(output_int))
-END
-}
-```
-```bash
-function rks_decrypt {
-RUCKUS_SRC="$1" RUCKUS_DEST="$2" python3 - <<END
-import os
-import struct
-
-input_path = os.environ['RUCKUS_SRC']
-output_path = os.environ['RUCKUS_DEST']
-
-(xor_int, xor_flip) = struct.unpack('QQ', b')\x1aB\x05\xbd,\xd6\xf25\xad\xb8\xe0?T\xc58')
-structInt8 = struct.Struct('Q')
-
-with open(input_path, "rb") as input_file:
-    with open(output_path, "wb") as output_file:
-        input_data = input_file.read()
-        previous_input_int = 0
-        for input_int in struct.unpack_from(str(len(input_data) // 8) + "Q", input_data):
-            output_bytes = structInt8.pack(previous_input_int ^ xor_int ^ input_int)
-            xor_int ^= xor_flip
-            previous_input_int = input_int
-            output_file.write(output_bytes)
-        
-        output_padding = int.from_bytes(output_bytes[-1:], 'big') & 0xf
-        output_file.seek(-output_padding, os.SEEK_END)
-        output_file.truncate()
-END
-}
-```
-### Decrypt a software image
-```bash
-rks_decrypt zd1200_10.5.1.0.176.ap_10.5.1.0.176.img zd1200_10.5.1.0.176.ap_10.5.1.0.176.img.tgz
-```
-### Re-encrypt a software image
-```bash
-rks_encrypt zd1200_10.5.1.0.176.ap_10.5.1.0.176.img.tgz zd1200_10.5.1.0.176.ap_10.5.1.0.176.modded.img
-```
-
-## Editing a Software Image
-
-### Extract the upgrade image
-```bash
-rks_decrypt zd1200_10.5.1.0.176.ap_10.5.1.0.176.img zd1200_10.5.1.0.176.ap_10.5.1.0.176.img.tgz
-gzip -d zd1200_10.5.1.0.176.ap_10.5.1.0.176.img.tgz
-tar -xvf zd1200_10.5.1.0.176.ap_10.5.1.0.176.img.tar ac_upg.sh
-```
-
-### Injecting content during the upgrade process 
-
-Edit the `ac_upg.sh` file, adding code to inject your changes.  
-You can insert your injection script immediately into the `_upg_rootfs()` function:-
-
-Before:-
-```bash
-echo "FILE:`/usr/bin/md5sum ./$ZD_KERNEL`" >>/mnt/file_list.txt
-cd $popd;
-```
-
-After
-```bash
-echo "FILE:`/usr/bin/md5sum ./$ZD_KERNEL`" >>/mnt/file_list.txt
-#
-# Your code goes here.
-# The upgraded root fs is now RW mounted at /mnt for you to edit.
-# If you have extra files you want to install then add them to the tar file and extract them here.
-#
-cd $popd;
-```
-
-### Repackage the image
-
-```bash
-tar uvf zd1200_10.5.1.0.176.ap_10.5.1.0.176.img.tar ac_upg.sh
-gzip zd1200_10.5.1.0.176.ap_10.5.1.0.176.img.tar
-rks_encrypt zd1200_10.5.1.0.176.ap_10.5.1.0.176.img.tar.gz zd1200_10.5.1.0.176.ap_10.5.1.0.176.patched.img
-```
-
-Now you can use the image to do an upgrade directly from the Web UI.
-
-### Making changes directly to your ZoneDirector
-
-If you want to tinker then you can [patch a root shell into your ZoneDirector](ZD1200AddRootShell.md).
-
-
-`/` is mounted read-only.
-Anything which needs to be writable is either linked into `/writable` or is in a tmpfs mount.  
-
-Your ZoneDirector configuration files live in `/etc/airespider` - which is a link to `/writable/etc/airespider` - so  you can edit these files and the changes will be persistent.  
-The factory-default versions of these files live in `/etc/airespider-defaults`, in case you need to refer to them.
-
-If you need to make changes outside of the `/writable` mount, then you can temporarily mount `/` read/write:-
-
-```bash
-mount -o remount,rw /
-# ...now make your modifications
-# then remount ro when you're done...
-mount -o remount,ro /
-```
-
-Many configuration functions are delegated to `/bin/sys_wrapper.sh`. If you're wanting to tweak some behaviour then this is a good first place to check.  
diff --git a/pages/DecryptRuckusBackups.md b/pages/DecryptRuckusBackups.md
deleted file mode 100644
index 65563c4..0000000
--- a/pages/DecryptRuckusBackups.md
+++ /dev/null
@@ -1,228 +0,0 @@
-# Decrypt Ruckus Unleashed / ZoneDirector Backups
-
-This code works for ZoneDirector & Unleashed backups and debug logs, and also ZoneDirector Software Images.
-
-There is a faster Windows Powershell/C# version at the bottom of this page.
-
-## Ruckus Crypt bash Functions (using Python)
-
-> Python is really slow. To keep things speedy(ish), this code is more ugly and complicated than the C# version below, and uses lots of memory.
-
-```bash
-function rks_encrypt {
-RUCKUS_SRC="$1" RUCKUS_DEST="$2" python3 - <<END
-import os
-import struct
-
-input_path = os.environ['RUCKUS_SRC']
-output_path = os.environ['RUCKUS_DEST']
-
-(xor_int, xor_flip) = struct.unpack('QQ', b')\x1aB\x05\xbd,\xd6\xf25\xad\xb8\xe0?T\xc58')
-structInt8 = struct.Struct('Q')
-
-with open(input_path, "rb") as input_file:
-    with open(output_path, "wb") as output_file:
-        input_len = os.path.getsize(input_path)
-        input_blocks = input_len // 8
-        output_int = 0
-        input_data = input_file.read(input_blocks * 8)
-        for input_int in struct.unpack_from(str(input_blocks) + "Q", input_data):
-            output_int ^= xor_int ^ input_int
-            xor_int ^= xor_flip
-            output_file.write(structInt8.pack(output_int))
-        
-        input_block = input_file.read()
-        input_padding = 8 - len(input_block)
-        input_int = structInt8.unpack(input_block.ljust(8, bytes([input_padding | input_padding << 4])))[0]
-        output_int ^= xor_int ^ input_int
-        output_file.write(structInt8.pack(output_int))
-END
-}
-```
-```bash
-function rks_decrypt {
-RUCKUS_SRC="$1" RUCKUS_DEST="$2" python3 - <<END
-import os
-import struct
-
-input_path = os.environ['RUCKUS_SRC']
-output_path = os.environ['RUCKUS_DEST']
-
-(xor_int, xor_flip) = struct.unpack('QQ', b')\x1aB\x05\xbd,\xd6\xf25\xad\xb8\xe0?T\xc58')
-structInt8 = struct.Struct('Q')
-
-with open(input_path, "rb") as input_file:
-    with open(output_path, "wb") as output_file:
-        input_data = input_file.read()
-        previous_input_int = 0
-        for input_int in struct.unpack_from(str(len(input_data) // 8) + "Q", input_data):
-            output_bytes = structInt8.pack(previous_input_int ^ xor_int ^ input_int)
-            xor_int ^= xor_flip
-            previous_input_int = input_int
-            output_file.write(output_bytes)
-        
-        output_padding = int.from_bytes(output_bytes[-1:], 'big') & 0xf
-        output_file.seek(-output_padding, os.SEEK_END)
-        output_file.truncate()
-END
-}
-```
-### Decrypt a backup
-```bash
-rks_decrypt ruckus_db_073122_14_17.bak ruckus_db_073122_14_17.bak.tgz
-```
-### Re-encrypt a backup
-```bash
-rks_encrypt ruckus_db_073122_14_17.bak.tgz ruckus_db_073122_14_17.modded.bak
-```
-
-## Backup > Decrypt > Edit > Re-encrypt > Restore
-Plenty of scope for good stuff. e.g. tweaking the `metadata` file lets you...
-
-### Restore Onto Mismatched Firmware Version / Downlevel Hardware
-* Restore a backup from a previous firmware version.
-* Restore a backup from a 'bigger' model to a 'smaller' model (e.g. if you replaced an old ZD3000 with a ZD1200).
-
-```bash
-rks_decrypt zd1200_103.bak zd1200_1051.bak.tar.gz
-gunzip zd1200_1051.bak.tar.gz
-cat > metadata <<END
-PURPOSE=backup
-VERSION=10.5.1.0
-BUILD=176
-PLATFORM=COB7402
-APMODEL=ZD1200
-END
-tar uvf zd1200_1051.bak.tar metadata
-gzip zd1200_1051.bak.tar
-rks_encrypt zd1200_1051.bak.tar.gz zd1200_1051.bak
-```
-
-### Choose Passwords for Internal DPSK Users
-
-```bash
-rks_decrypt ruckus.bak ruckus.bak.tgz
-mkdir bakimg
-tar -xzvf ruckus.bak.tgz -C bakimg
-```
-
-Now edit `bakimg/etc/airespider/dpsk-list.xml` to add/remove users, change VLANs & change passwords.  
-Then...
-
-```bash
-find bakimg -printf "%P\n" | tar -czf ruckus.modded.bak.tgz --no-recursion -C bakimg -T -
-rks_encrypt ruckus.modded.bak.tgz ruckus.modded.bak
-```
-
-All done. Restore your modified backup.
-
-#### Encoding DPSK Passphrases
-
->The only tricky part is the `x-passphrase` attribute for each `<dpsk>`.  
->This needs to be ROT1 encoded, and then HTML encoded. E.g. for the passphrase:-
-
-```
-#*_ljpdRdtm/]2*i`SPSK.:%Li/aZDKts5J?pUJX+lp[t]b!RQ+,=-dmx0TE`U
-```
-
->you can run something like this:-
-
-```bash
-echo '#*_ljpdRdtm/]2*i`SPSK.:%Li/aZDKts5J?pUJX+lp[t]b!RQ+,=-dmx0TE`U' | tr ' -}' '!-~' | sed 's/&/\&amp;/g; s/</\&lt;/g; s/>/\&gt;/g; s/"/\&quot;/g; s/'"'"'/\&#39;/g'
-```
-
->to obtain the `x-passphrase`:-
-
-```
-$+`mkqeSeun0^3+jaTQTL/;&amp;Mj0b[ELut6K@qVKY,mq\u^c&quot;SR,-&gt;.eny1UFaV
-```
-
-## Ruckus Crypt PowerShell Functions (using C#)
-
->These functions are much quicker than the python functions. They use much less memory, and it's easier to see the algorithm too.   
->But if you want to process your backup for re-upload then you need to be careful to use unix line endings in a few places, so it will probably be easier to tinker in WSL if you're a Windows user.
-
-```powershell
-Add-Type -Language CSharp @"
-using System;
-using System.IO;
-namespace Ms264556
-{
-    public static class Ruckus
-    {
-        private static readonly byte[] XorBytes = new byte[] { 0x29, 0x1A, 0x42, 0x05, 0xbd, 0x2c, 0xd6, 0xf2, 0x1c, 0xb7, 0xfa, 0xe5, 0x82, 0x78, 0x13, 0xca };
-
-        public static void DecryptFile(string sourcePath, string destinationPath)
-        {
-            var inputBlock = new byte[8];
-            var previousInputBlock = new byte[8];
-            var outputBlock = new byte[8];
-
-            using (var input = File.OpenRead(sourcePath))
-            using (var output = File.Open(destinationPath, FileMode.Create))
-            {
-                int offset = 0;
-                while (true)
-                {
-                    var bytesRead = input.Read(inputBlock, 0, 8);
-
-                    if (offset > 7)
-                    {
-                        var bytesToWrite = bytesRead == 0 ? (8 - outputBlock[7]) & 0xf : 8;
-                        if (bytesToWrite > 0) { output.Write(outputBlock, 0, bytesToWrite); }
-                    }
-
-                    if (bytesRead == 0) break;
-                    if (bytesRead != 8) throw new Exception("Corrupt input file");
-
-                    for (int i = 0; i < bytesRead; i++)
-                    {
-                        outputBlock[i] = (byte)(XorBytes[offset++ % 16] ^ inputBlock[i] ^ previousInputBlock[i]);
-                        previousInputBlock[i] = inputBlock[i];
-                    }
-                }
-            }
-        }
-
-        public static void EncryptFile(string sourcePath, string destinationPath)
-        {
-            var inputBlock = new byte[8];
-            var previousInputBlock = new byte[8];
-
-            using (var input = File.OpenRead(sourcePath))
-            using (var output = File.Open(destinationPath, FileMode.Create))
-            {
-                int offset = 0;
-                while (true)
-                {
-                    var bytesRead = input.Read(inputBlock, 0, 8);
-                    if (bytesRead < 8)
-                    {
-                        byte paddingBytes = (byte)(8 - bytesRead);
-                        byte padding = (byte)(paddingBytes | paddingBytes << 4);
-                        for (int i = 0; i < paddingBytes; i++) { inputBlock[i + bytesRead] = padding; }
-                    }
-
-                    for (int i = 0; i < 8; i++)
-                    {
-                        inputBlock[i] = (byte)(XorBytes[offset++ % 16] ^ inputBlock[i] ^ previousInputBlock[i]);
-                        previousInputBlock[i] = inputBlock[i];
-                    }
-                    output.Write(inputBlock, 0, 8);
-
-                    if (bytesRead < 8) break;
-                }
-            }
-        }
-    }
-}
-"@;
-```
-### Decrypt a backup
-```powershell
-[Ms264556.Ruckus]::DecryptFile("C:\Users\Ms264556\Downloads\ruckus_db_073122_14_17.bak", "C:\Users\Ms264556\Downloads\ruckus_db_073122_14_17.bak.tgz")
-```
-### Re-encrypt a backup
-```powershell
-[Ms264556.Ruckus]::EncryptFile("C:\Users\Ms264556\Downloads\ruckus_db_073122_14_17.bak.tgz", "C:\Users\Ms264556\Downloads\ruckus_db_073122_14_17.modded.bak")
-```
diff --git a/pages/ExtractRuckusAdminUserPass.md b/pages/ExtractRuckusAdminUserPass.md
deleted file mode 100644
index d77a1d0..0000000
--- a/pages/ExtractRuckusAdminUserPass.md
+++ /dev/null
@@ -1,71 +0,0 @@
-# Extract Ruckus Unleashed / ZoneDirector passwords from Backups
-
-Use this script if you've forgotten the login details for your Ruckus Unleashed/ZoneDirector, but you have access to a backup.
-
-> If your password contained any `~` characters, these aren't stored in the backup.  
-> Hopefully the rest of the password jogs your memory enough so you can insert these in the right place.
-
-## Bash script (using Python)
-
-Paste this script into a bash shell, to create the extraction function:-
-```bash
-function ruckus_getadmin {
-RUCKUS_BAK="$1" python3 - <<END
-import io
-import os
-import struct
-import tarfile
-import xml.etree.ElementTree as ET
-
-input_path = os.environ['RUCKUS_BAK']
-
-(xor_int, xor_flip) = struct.unpack('QQ', b')\x1aB\x05\xbd,\xd6\xf25\xad\xb8\xe0?T\xc58')
-structInt8 = struct.Struct('Q')
-
-with open(input_path, 'rb') as input_file:
-    with io.BytesIO() as output_file:
-        input_data = input_file.read()
-        previous_input_int = 0
-        for input_int in struct.unpack_from(str(len(input_data) // 8) + 'Q', input_data):
-            output_bytes = structInt8.pack(previous_input_int ^ xor_int ^ input_int)
-            xor_int ^= xor_flip
-            previous_input_int = input_int
-            output_file.write(output_bytes)
-        output_file.seek(0)
-        with tarfile.open(fileobj = output_file) as tar:
-            system_xml = tar.extractfile('etc/airespider/system.xml').read()
-            tree = ET.fromstring(system_xml)
-            admin = tree.find('./admin')
-            username = admin.attrib['username']
-            x_password = admin.attrib['x-password']
-            password = ''.join(chr(ord(letter)-1) for letter in x_password)
-            print('user =', username)
-            print('pass =', password)
-END
-}
-```
-Now you can point the function at your latest backup:-
-```bash
-$ ruckus_getadmin ruckus_db_080622_16_21.bak
-user = ms264556
-pass = MyPassw0rd
-$
-```
-
-## Python aioruckus
-
-The Python [aioruckus package](https://pypi.org/project/aioruckus/) can also be used to extract Ruckus Unleashed/ZoneDirector passwords from backups.
-
-Sample Python code to do this:-
-```python
-from aioruckus import BackupSession, SystemStat
-import asyncio
-
-async def print_admin_user():
-    with BackupSession.create("<path to your ZoneDirector/Unleashed .bak file>") as session:
-        admin = (await session.api.get_system_info(SystemStat.ALL))["admin"]
-        print(f"{admin['username']}: {admin['password']}")
-asyncio.run(print_admin_user())
-```
-
-
diff --git a/pages/MakeRuckusSshUseEcdsa.md b/pages/MakeRuckusSshUseEcdsa.md
deleted file mode 100644
index b0287b1..0000000
--- a/pages/MakeRuckusSshUseEcdsa.md
+++ /dev/null
@@ -1,28 +0,0 @@
-# Change Unleashed / ZoneDirector SSH Host Key Algorithm to ECDSA
-
-Ruckus Unleashed / ZoneDirector use 2048 bit RSA SSH host keys.  
-This algorithm is deprecated, so most SSH clients will refuse to connect unless you explicitly specify `-oHostKeyAlgorithms=+ssh-rsa` on your `ssh` commandline.  
-_(If your AP / ZoneDirector is really old, you will need to specify `-oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostKeyAlgorithms=+ssh-rsa -oCiphers=+aes256-cbc`)._
-
-Sure, you can permanently add `HostKeyAlgorithms +ssh-rsa` to your `~/.ssh/config` file.  
-But you might prefer to tweak your Unleashed or ZoneDirector to use (secure, non-deprecated) ECDSA instead...
-
-## Unleashed ECDSA SSH Host Key Procedure
-> This procedure changes only the Master AP - you will need to follow the same procedure again if another AP begins acting as Master.  
-
-[This patch](../images/unleashed.ecdsa.patch.dbg) should be uploaded as a `Preload Image` (`Admin & Services` > `Administration` > `Upgrade` > `Local Upgrade` > `Preload Image`).  
-> The upload process completes the change; no upgrade will be offered.  
-> ![](../images/Unleashed_Root_Shell.png)  
-
-Although [the patch](../images/unleashed.ecdsa.patch.dbg) can be directly downloaded and used, I recommend either [creating the patch yourself](../Scripts/create_unleashed_ecdsa_patch.sh) or [decrypting the patch](DecryptRuckusBackups.md) to verify it does only what it should.
-
-> If you run into problems and need to go back to using an RSA host key for SSH then you can apply [this patch](../images/unleashed.restore_rsa.patch.dbg) to generate a new RSA key.
-
-## ZoneDirector 1200 ECDSA SSH Host Key Procedure
-
-[This patch](../images/zd1200.ecdsa.patch.img) should be uploaded as a Software Upgrade (`Administer` > `Upgrade` > `Software Upgrade`).  
-> The upload process completes the patching; no upgrade will be offered. Instead you will receive confirmation the patch has successfully completed.  
-
-Although [the patch](../images/zd1200.ecdsa.patch.img) can be directly downloaded and used, I recommend either [creating the patch yourself](../Scripts/create_zd1200_ecdsa_patch.sh) or [decrypting the patch](DecryptRuckusBackups.md) to verify it does only what it should.
-
-> If you run into problems and need to go back to using an RSA host key for SSH then you can apply [this patch](../images/zd1200.restore_rsa.patch.img) to generate a new RSA key.
diff --git a/pages/RuckusCountryCodeChange.md b/pages/RuckusCountryCodeChange.md
index 58d07e7..f8b469d 100644
--- a/pages/RuckusCountryCodeChange.md
+++ b/pages/RuckusCountryCodeChange.md
@@ -8,17 +8,7 @@ The country cannot be changed from the Web interface, and if you try to SSH in a
 
 Fortunately, it's possible to bypass the country lock, or even turn a locked `US` AP into an unlocked `WW` AP...
 
-## Option 1: Permanently removing the country lock from an Unleashed AP
-
-[This patch](../images/unleashed.unlock.dbg) should be uploaded as a `Preload Image` (`Admin & Services` > `Administration` > `Upgrade` > `Local Upgrade` > `Preload Image`).  
-> The upload process completes the unlock; no upgrade will be offered. Simply wait a few seconds after the upload, then force-refresh your browser.  
-> ![](../images/Unleashed_Root_Shell.png)  
-> The option to change your country code will now be available at `Admin & Services` > `System` > `Country Code`
-
-You can, if you wish, [create the patch yourself](../Scripts/create_unleashed_unlock.sh).
-Alternatively, you can [decrypt the patch](DecryptRuckusBackups.md)  to verify it's only doing what it should.
-
-## Option 2: Changing the locked Country Code
+## Option 1: Changing the locked Country Code
 
 SSH into the AP (using the same credentials you use to log into the web dashboard).
 
@@ -41,7 +31,7 @@ reboot
 
 Job done.
 
-## Option 3: Permanently removing the country lock from a Solo or Standalone AP
+## Option 2: Permanently removing the country lock from a Solo or Standalone AP
 
 ### 1) Obtain a root shell
 
diff --git a/pages/StandaloneApRootShell.md b/pages/StandaloneApRootShell.md
index a6946b3..1ccc509 100644
--- a/pages/StandaloneApRootShell.md
+++ b/pages/StandaloneApRootShell.md
@@ -10,11 +10,7 @@ The encrypted serial# is saved to a file using the `Ruckus` command, then the `!
 
 Sorry, I don't have a method to bypass the serial# check on newer Standalone/Solo AP firmwares.  
 
-If your AP was released before mid-2019 then you can downgrade to an older Solo firmware. If there are no older Solo firmwares, but your AP model was supported in ZoneDirector before this date (e.g. R730) then you can download the ZoneDirector release, [decrypt the image](ZDecryptRuckusBackups.md), extract the relevant ZoneDirector AP image (e.g. using 7-Zip) and temporarily install this.
-
-For the R730, the [ZoneDirector 10.1.2.0.120](https://support.ruckuswireless.com/software/1970-zd1200-10-1-2-0-210-mr2-refresh1-software-release) firmware contains a suitable AP image at ```firmwares/ap-patch/patch000/ap-arm-11ax/10.1.2.0.120/rcks_fw.bl7.main```.
-
-Alternatively, if your AP has Unleashed firmware available then you can install and use this to [obtain a root shell](UnleashedAddRootShell.md).
+If your AP was released before mid-2019 then you can downgrade to an older Solo firmware.
 
 ## Firmware 9.8 - 112.0 (excl. 110.0.0.0.2005)
 
diff --git a/pages/StandaloneWirelessBridgeRepeater.md b/pages/StandaloneWirelessBridgeRepeater.md
deleted file mode 100644
index b6081c0..0000000
--- a/pages/StandaloneWirelessBridgeRepeater.md
+++ /dev/null
@@ -1,51 +0,0 @@
-# Enable Wireless Uplink on Solo/Standalone Ruckus APs
-
-You can use the procedure below to bridge your AP to an existing WiFi network.
-
-> NOTE: This procedure has stopped working for the latest (100.0+) firmware releases.  
-  Make sure you have a 9.6, 9.7 or 9.8 firmware installed before following these steps.
-
-This may be useful if you have wired-only devices (e.g. printers or SIP phones) but can't easily run an ethernet drop.  
-Or maybe your router's WiFi signal is weak & it has no user-accessible ethernet ports (e.g. an LTE travel router or a phone hotspot).  
-
-### Step 1: SSH to the AP
-
-```console
-$ ssh 192.168.0.1 -oKexAlgorithms=+diffie-hellman-group1-sha1 -oHostKeyAlgorithms=+ssh-rsa -oCiphers=+aes256-cbc
-```
-
-> 192.168.0.1 is the default IP address, unless the AP was able to lease another IP from a DHCP server.
-
-Login.
-
-> Default username is "super", password is "sp-admin".
-
-### Step 2: Convert WLAN "Wireless16" into an uplink
-
-Paste the following into the AP's CLI.
-
-> NOTE: you will need to modify the last two `set rpmkey` commands to contain the correct uplink SSID and passphrase for your environment.
-
-```
-set rpmkey wlans/wlan15/wlan-cipher-type 2
-set rpmkey wlans/wlan15/wlan-encrypt-state 1
-set rpmkey wlans/wlan15/wlan-encrypt-type 1
-set rpmkey wlans/wlan15/wlan-if-flags 1
-set rpmkey wlans/wlan15/wlan-init-noup 1
-set rpmkey wlans/wlan15/wlan-userdef-text WirelessBridge
-set rpmkey wlans/wlan15/wlan-wpa-type 2
-set rpmkey wlans/wlan15/wlan-wpa-eap-enable 0
-set rpmkey wlans/wlan15/wlan-type sta
-set rpmkey wlans/wlan15/wlan-state up
-set rpmkey wlans/wlan15/wlan-ssid REPLACE_ME_WITH_YOUR_SSID
-set rpmkey wlans/wlan15/wlan-wpa-passphrase REPLACE_ME_WITH_YOUR_PASSPHRASE
-reboot
-```
-
-Your AP will now reboot, and associate to the WLAN you specified in step 2.
-
-> You won't be able to choose which 5Ghz channel is used anymore. The AP will use the uplink's channel for all 5Ghz WLANs.
-
-> You can choose a different WLAN to convert, if you're already using Wireless16 for something else or you require a 2.4Ghz uplink.  
-> Just tweak the script, changing `wlan15` to whichever of `wlan0` - `wlan7` (for 2.4Ghz uplink) or `wlan8` - `wlan14` (for 5Ghz uplink) is free.
-> 
diff --git a/pages/UnleashedAddLicenses.md b/pages/UnleashedAddLicenses.md
deleted file mode 100644
index fa4ab88..0000000
--- a/pages/UnleashedAddLicenses.md
+++ /dev/null
@@ -1,13 +0,0 @@
-# Add a URL Filtering License to Unleashed
-
-Ruckus won't let you buy a URL Filtering license for your Unleashed network unless you are the original purchaser of the APs.
-
-If you have a used Unleashed AP and would like to enable URL Filtering, you may use the procedure here to apply a license.
-
-[This patch](../images/unleashed.url_filtering_license.patch.dbg) should be uploaded as a `Preload Image` (`Admin & Services` > `Administration` > `Upgrade` > `Local Upgrade` > `Preload Image`).  
-> The upload process completes the patching; no upgrade will be offered. Simply wait a few seconds after the upload, and the license should be enabled.
-> ![](../images/Unleashed_Root_Shell.png)
-
-## Creating the Patch Image yourself (from Linux or WSL)
-
-Although [the patch](../images/unleashed.url_filtering_license.patch.dbg) can be directly downloaded and used, I recommend either [creating the patch yourself](../Scripts/create_unleashed_licenses_patch.sh) or [decrypting the patch](DecryptRuckusBackups.md) to verify it does only what it should.
diff --git a/pages/UnleashedAddRootShell.md b/pages/UnleashedAddRootShell.md
deleted file mode 100644
index 6505cf4..0000000
--- a/pages/UnleashedAddRootShell.md
+++ /dev/null
@@ -1,27 +0,0 @@
-# Add a Root Shell to Ruckus Unleashed
-
-Until late 2019 you could escape from the Ruckus CLI to a root shell.  
-You can add this functionality back to your Unleashed AP, if you'd find it useful.  
-
-[This patch](../images/unleashed.root.patch.dbg) should be uploaded as a `Preload Image` (`Admin & Services` > `Administration` > `Upgrade` > `Local Upgrade` > `Preload Image`).  
-> The upload process completes the patching; no upgrade will be offered. Simply wait a few seconds after the upload, and the root shell will be available.
-> ![](../images/Unleashed_Root_Shell.png)
-
-To access the root shell from the CLI:-
-
-```console
-ruckus> enable 
-ruckus# debug 
-You have all rights in this mode.
-ruckus(debug)# script 
-ruckus(script)# exec .root.sh
-
-Ruckus Wireless Unleashed -- Command Line Interface
-Enter 'help' for a list of built-in commands.
-
-ruckus$ 
-```
-
-## Creating the Patch Image yourself (from Linux or WSL)
-
-> Although [the patch](../images/unleashed.root.patch.dbg) can be directly downloaded and used, I recommend either [creating the patch yourself](../Scripts/create_unleashed_root_patch.sh) or [decrypting the patch](DecryptRuckusBackups.md) to verify it does only what it should.
diff --git a/pages/ZD1200AddOneTimeRootShell.md b/pages/ZD1200AddOneTimeRootShell.md
deleted file mode 100644
index dee6ffd..0000000
--- a/pages/ZD1200AddOneTimeRootShell.md
+++ /dev/null
@@ -1,112 +0,0 @@
-# Add a Single Use Root Shell to ZoneDirector 1200
-
-Until late 2019 you could escape from the Ruckus CLI to a root shell.  
-You can temporarily add this functionality, without making any persistent changes to your ZD1200.  
-
-The root shell will self-destruct the first time you use it, and the ZD1200's status LED will blink red until this happens.  
-
-[This patch](../images/zd.temproot.img) should be uploaded as a Software Upgrade (`Administer` > `Upgrade` > `Software Upgrade`).  
-> The upload process completes the patching; no upgrade will be offered. Instead you will be given instructions on using the root shell.
-> ![](../images/OneTimeRootShell_NoSupport_1051.png)
-
-> If you have no Upgrade Entitlement, then a temporary entitlement will also be added to your ZD1200. This will be overwritten the next time you do an online support license check.
-
-In case you miss the instructions, to access the root shell from the CLI:-
-
-```console
-ruckus> enable 
-ruckus# debug 
-You have all rights in this mode.
-ruckus(debug)# script 
-ruckus(script)# exec .root.sh
-Ruckus Wireless ZoneDirector -- Command Line Interface
-ruckus$
-```
-
-## Creating the Patch Installation Image yourself (from Linux or WSL)
-
-> Although [the patch](../images/zd.temproot.img) can be directly downloaded and used, I recommend either creating the patch yourself or [decrypting the patch](DecryptRuckusBackups.md) to verify it does only what it should.
-
-Save the script below to e.g. `create_patched_zdimage.sh`, make it executable (e.g. `chmod +x create_patched_zdimage.sh`), then you can create an upgrade an installation image:-
-```bash
-./create_patched_zdimage.sh zd.temproot.img
-```
-
-```bash
-#!/bin/bash
-
-function rks_encrypt {
-RUCKUS_SRC="$1" RUCKUS_DEST="$2" python3 - <<END
-import os
-import struct
-
-input_path = os.environ['RUCKUS_SRC']
-output_path = os.environ['RUCKUS_DEST']
-
-(xor_int, xor_flip) = struct.unpack('QQ', b')\x1aB\x05\xbd,\xd6\xf25\xad\xb8\xe0?T\xc58')
-structInt8 = struct.Struct('Q')
-
-with open(input_path, "rb") as input_file:
-    with open(output_path, "wb") as output_file:
-        input_len = os.path.getsize(input_path)
-        input_blocks = input_len // 8
-        output_int = 0
-        input_data = input_file.read(input_blocks * 8)
-        for input_int in struct.unpack_from(str(input_blocks) + "Q", input_data):
-            output_int ^= xor_int ^ input_int
-            xor_int ^= xor_flip
-            output_file.write(structInt8.pack(output_int))
-        
-        input_block = input_file.read()
-        input_padding = 8 - len(input_block)
-        input_int = structInt8.unpack(input_block.ljust(8, bytes([input_padding | input_padding << 4])))[0]
-        output_int ^= xor_int ^ input_int
-        output_file.write(structInt8.pack(output_int))
-END
-}
-
-cat <<END >metadata
-PURPOSE=upgrade
-VERSION=10.99.99.99
-BUILD=999
-REQUIRE_SIZE=1000
-REQUIRE_VERSIONS=9.9.0.0 9.10.0.0 9.10.1.0 9.10.2.0 9.12.0.0 9.12.1.0 9.12.2.0 9.12.3.0 9.13.0.0 9.13.1.0 9.13.2.0 9.13.3.0 10.0.0.0 10.1.0.0 10.1.1.0 10.1.2.0 10.2.0.0 10.2.1.0 10.3.0.0 10.3.1.0 10.4.0.0 10.4.1.0 10.5.0
-REQUIRE_PLATFORM=nar5520
-REQUIRE_SUBPLATFORM=cob7402
-END
-
-cat <<END >all_files
-*
-END
-
-cat <<END >upgrade_check.sh
-#!/bin/sh
-support_status=\`cfg support-list.status | cut -d" " -f 2\`
-if [ ! "\$support_status" -eq "1" ] ; then
-cat <<EOF >/writable/etc/airespider/support-list.xml
-<support-list status="1">
-	<support zd-serial-number="\`cat /bin/SERIAL\`" service-purchased="802" date-start="`date +%s`" date-end="1819731540" ap-support-number="licensed" DELETABLE="false"></support>
-</support-list>
-EOF
-echo "Added Upgrade Entitlement.\n<br />"
-fi
-rm -f /writable/etc/scripts/.root.sh
-cat <<EOF >/writable/etc/scripts/.root.sh
-#!/bin/sh
-#RUCKUS#
-rm -f /writable/etc/scripts/.root.sh
-/bin/led.sh green
-/bin/stty echo
-/bin/sh
-EOF
-chmod +x /writable/etc/scripts/.root.sh
-/bin/led.sh red blink
-echo "One-time root shell activated.\n<br />Blinking your status LED red until you&apos;ve used the shell.<legend>Accessing the one-time root shell from the CLI:-</legend>\n<pre><code><span class=\"text-muted\">ruckus> </span>enable\n<span class=\"text-muted\">ruckus# </span>debug\n<span class=\"text-success\">You have all rights in this mode.</span>\n<span class=\"text-muted\">ruckus(debug)# </span>script\n<span class=\"text-muted\">ruckus(script)# </span>exec .root.sh\n\n<span class=\"text-success\">Ruckus Wireless ZoneDirector -- Command Line Interface</span>\n<span class=\"text-success\">Enter &apos;help&apos; for a list of built-in commands.</span>\n\n<span class=\"text-muted\">ruckus\$ </span></code></pre>"
-END
-
-chmod +x upgrade_check.sh
-rm -f zd.patch.tar zd.patch.tar.gz
-tar czf zd.patch.tgz metadata all_files upgrade_check.sh
-rks_encrypt zd.patch.tgz "$1"
-rm all_files metadata upgrade_check.sh zd.patch.tgz
-```
diff --git a/pages/ZD1200AddRootShell.md b/pages/ZD1200AddRootShell.md
deleted file mode 100644
index c207cae..0000000
--- a/pages/ZD1200AddRootShell.md
+++ /dev/null
@@ -1,62 +0,0 @@
-# Add a Root Shell to Ruckus ZoneDirector
-
-## ZoneDirector 10.4 - 10.5.1
-
-The procedure below permanently adds a root shell command to your ZoneDirector CLI.  
-If you prefer a temporary, one-time use, root shell then [follow the instructions here](ZD1200AddOneTimeRootShell.md).
-
-[This patch](../images/zd1200.rootshell.patch.img) should be uploaded as a Software Upgrade (`Administer` > `Upgrade` > `Software Upgrade`).  
-
-The upload process completes the patching; no upgrade will be offered. Instead you will be given instructions on using the root shell:-
-
-![](../images/Root_Support_APs_1031.png)
-
-> The upgrade will also add a temporary Upgrade Entitlement if necessary.
-
->Subsequent software upgrades will disable the root shell: you will need to re-apply this patch each time you upgrade your ZoneDirector's software.
-
-In case you miss the instructions, to access the root shell from the CLI:-
-
-```console
-ruckus> enable 
-ruckus# debug 
-You have all rights in this mode.
-ruckus(debug)# script 
-ruckus(script)# exec .root.sh
-Ruckus Wireless ZoneDirector -- Command Line Interface
-ruckus$
-```
-
-Although [the patch](../images/zd1200.rootshell.patch.img) can be directly downloaded and used, I recommend either [creating the patch yourself](../Scripts/create_zd1200_root_patch.sh) or [decrypting the patch](DecryptRuckusBackups.md) to verify it does only what it should.
-
-## ZoneDirector 9.3 - 10.3
-
-Use [CVE-2019-19834](https://alephsecurity.com/vulns/aleph-2019004#proof-of-concept):-
-
-```console
-ruckus> enable 
-ruckus# debug 
-You have all rights in this mode.
-ruckus(debug)# script 
-ruckus(script)# exec ../../../bin/sh
-
-
-Ruckus Wireless ZoneDirector -- Command Line Interface
-Enter 'help' for a list of built-in commands.
-
-ruckus$ stty echo
-ruckus$
-```
-
-## ZoneDirector 3.0 - 8.x
-
-The CLI has an unprivileged `!v54!` command which drops you straight to the root shell:-
-
-```console
-ruckus% !v54!
-ruckus% 
-```
-
-> Really though, you should just upgrade to 9.3 or later.   
-If you're still using 3.0 because upgrade functionality is broken on modern PCs then [follow the steps here](ZD1000UpgradeFromV3.md).
-
diff --git a/pages/ZD1200CreateCustomFirmware.md b/pages/ZD1200CreateCustomFirmware.md
deleted file mode 100644
index fba1b47..0000000
--- a/pages/ZD1200CreateCustomFirmware.md
+++ /dev/null
@@ -1,124 +0,0 @@
-## Create a pre-patched ZoneDirector Software Installation Image (from Linux or WSL)
-
-The script below patches a ZD1200 Software Image so that it includes a root shell, 75 AP licenses and an Upgrade entitlement ending in 2027.  
-If you already have the latest software version or you have no active support then just download, patch & apply the version you're currently running.
-
-Save the script below to e.g. `patch_zd_image.sh`, make it executable (e.g. `chmod +x patch_zd_image.sh`), then you can patch any ZD1200 installation:-
-```bash
-./patch_zd_image.sh zd1200_10.5.1.0.193.ap_10.5.1.0.193.img patched1051.img
-```
-
-I've tested the script on all currently-public ZD1200 releases (9.9 - 10.5) for both web and cli upgrades.
-
->If you decide to tweak the script, and your upgrade hangs, don't panic!  
->Probably cycling the power will bring you back to the un-upgraded software, where you can have another try.  
->Even if your ZD1200 won't come back to life, you can pull the cfcard out and re-flash with a clean image from your PC.  
->Contact me in Issues if you need me to provide you with an image to flash.
-
-```bash
-#!/bin/bash
-
-function rks_encrypt {
-RUCKUS_SRC="$1" RUCKUS_DEST="$2" python3 - <<END
-import os
-import struct
-
-input_path = os.environ['RUCKUS_SRC']
-output_path = os.environ['RUCKUS_DEST']
-
-(xor_int, xor_flip) = struct.unpack('QQ', b')\x1aB\x05\xbd,\xd6\xf25\xad\xb8\xe0?T\xc58')
-structInt8 = struct.Struct('Q')
-
-with open(input_path, "rb") as input_file:
-    with open(output_path, "wb") as output_file:
-        input_len = os.path.getsize(input_path)
-        input_blocks = input_len // 8
-        output_int = 0
-        input_data = input_file.read(input_blocks * 8)
-        for input_int in struct.unpack_from(str(input_blocks) + "Q", input_data):
-            output_int ^= xor_int ^ input_int
-            xor_int ^= xor_flip
-            output_file.write(structInt8.pack(output_int))
-        
-        input_block = input_file.read()
-        input_padding = 8 - len(input_block)
-        input_int = structInt8.unpack(input_block.ljust(8, bytes([input_padding | input_padding << 4])))[0]
-        output_int ^= xor_int ^ input_int
-        output_file.write(structInt8.pack(output_int))
-END
-}
-function rks_decrypt {
-RUCKUS_SRC="$1" RUCKUS_DEST="$2" python3 - <<END
-import os
-import struct
-
-input_path = os.environ['RUCKUS_SRC']
-output_path = os.environ['RUCKUS_DEST']
-
-(xor_int, xor_flip) = struct.unpack('QQ', b')\x1aB\x05\xbd,\xd6\xf25\xad\xb8\xe0?T\xc58')
-structInt8 = struct.Struct('Q')
-
-with open(input_path, "rb") as input_file:
-    with open(output_path, "wb") as output_file:
-        input_data = input_file.read()
-        previous_input_int = 0
-        for input_int in struct.unpack_from(str(len(input_data) // 8) + "Q", input_data):
-            output_bytes = structInt8.pack(previous_input_int ^ xor_int ^ input_int)
-            xor_int ^= xor_flip
-            previous_input_int = input_int
-            output_file.write(output_bytes)
-        
-        output_padding = int.from_bytes(output_bytes[-1:], 'big') & 0xf
-        output_file.seek(-output_padding, os.SEEK_END)
-        output_file.truncate()
-END
-}
-
-rm -rf zdimage
-mkdir -p zdimage
-
-rks_decrypt "$1" zdimage/zd.img.tgz
-
-pushd zdimage
-
-gzip -d zd.img.tgz
-tar -xvf zd.img.tar ac_upg.sh
-sed -i -e '/echo "FILE:`\/usr\/bin\/md5sum \.\/\$ZD_KERNEL`" >>\/mnt\/file_list\.txt/a \
-cd \/mnt\/etc\/persistent-scripts\
-cat <<EOF >support\
-<support-list>\
-	<support zd-serial-number="`cat \/bin\/SERIAL`" service-purchased="904" date-start="1661705940" date-end="1819472340" ap-support-number="licensed" DELETABLE="false"><\/support>\
-<\/support-list>\
-EOF\
-cat <<EOF >license-list\.xml\
-<license-list name="75 AP Management" max-ap="75" max-client="4000" value="0x0000000f" urlfiltering-ap-license="0">\
-    <license id="1" name="70 AP Management" inc-ap="70" generated-by="264556" serial-number="`cat \/bin\/SERIAL`" status="0" detail="" \/>\
-<\/license-list>\
-EOF\
-cat <<EOF >\.root\.sh\
-#!\/bin\/sh\
-#RUCKUS#\
-\/bin\/stty echo\
-\/bin\/sh\
-EOF\
-chmod +x \.root\.sh\
-tar -czf support\.spt support\
-CUR_WRAP_MD5=`md5sum \/mnt\/bin\/sys_wrapper\.sh | cut -d\x27 \x27 -f1`\
-sed -i -e \x27\/verify-upload-support)\/a \\\
-        cd \\\/tmp\\\
-        cat \\\/etc\\\/persistent-scripts\\\/support > support\\\
-        cat \\\/etc\\\/persistent-scripts\\\/license-list\\\.xml > \\\/etc\\\/airespider\\\/license-list\\\.xml\\\
-        echo "OK"\\\
-        ;;\\\
-    verify-upload-support-unpatched)\x27 -e \x27\/wget-support-entitlement)\/a \\\
-        cat \\\/etc\\\/persistent-scripts\\\/support\\\.spt > "\\\/tmp\\\/$1"\\\
-        echo "OK"\\\
-        ;;\\\
-    wget-support-entitlement-unpatched)\x27 \/mnt\/bin\/sys_wrapper\.sh\
-NEW_WRAP_MD5=`md5sum \/mnt\/bin\/sys_wrapper\.sh | cut -d\x27 \x27 -f1`\
-sed -i -e "s\/\$CUR_WRAP_MD5\/\$NEW_WRAP_MD5\/" \/mnt\/file_list\.txt' ac_upg.sh
-tar uvf zd.img.tar ac_upg.sh
-gzip zd.img.tar
-popd
-rks_encrypt zdimage/zd.img.tar.gz "$2"
-```
diff --git a/pages/ZD1200LicensesAndSupport.md b/pages/ZD1200LicensesAndSupport.md
deleted file mode 100644
index 33b4347..0000000
--- a/pages/ZD1200LicensesAndSupport.md
+++ /dev/null
@@ -1,26 +0,0 @@
-# Add Licenses and Upgrade Entitlement to ZoneDirector
-
-To prevent e-waste and save these from landfills, you may use the procedure here to enable upgrades, enable URL filtering and apply the maximum number of AP licenses to your ZoneDirector for use in a homelab or personal environment.
-
-The appropriate patch should be uploaded as a Software Upgrade (`Administer` > `Upgrade` > `Software Upgrade`):-
-
-* [ZD1000](../images/zd1000.licenses.patch.img)
-* [ZD1100](../images/zd1100.licenses.patch.img)
-* [ZD1200](../images/zd1200.licenses.patch.img)
-* [ZD3000](../images/zd3000.licenses.patch.img)
-
-The upload process completes the patching; no upgrade will be offered. Instead you will receive confirmation the patch has successfully completed:-
-
-![](../images/Support_And_Licenses_1031.png)
-
->Subsequent software upgrades will remove the patched support license: you will need to re-apply this patch each time you upgrade your ZoneDirector's software.
-
-You can, if you wish, create the patch yourself. Build scripts are here: [[ZD1000](../Scripts/create_zd1000_licenses_patch.sh)/[ZD1100](../Scripts/create_zd1100_licenses_patch.sh)/[ZD1200](../Scripts/create_zd1200_licenses_patch.sh)/[ZD3000](../Scripts/create_zd3000_licenses_patch.sh)].  
-Alternatively, you can [decrypt the patch](DecryptRuckusBackups.md) to verify it's only doing what it should.
-
-## Adding Licenses to a ZD5000 or your Unleashed network
-
-If you have a ZoneDirector 5000 then you can still add AP Licenses.  
-Follow the manual instructions here: [Add AP Licenses to a ZoneDirector](ZDAddLicenses.md)
-
-If you want to enable URL filtering on your Unleashed network, follow the instructions here: [Add Licenses to Unleashed](UnleashedAddLicenses.md)
diff --git a/pages/ZDAddLicenses.md b/pages/ZDAddLicenses.md
deleted file mode 100644
index d3e0b35..0000000
--- a/pages/ZDAddLicenses.md
+++ /dev/null
@@ -1,79 +0,0 @@
-# Manually Add AP Licenses to ZoneDirector
-
-Ruckus ships ZoneDirector controllers with a license to control a limited number of Access Points.   
-Extra APs can be controlled by purchasing and uploading a license file.  
-> Unfortunately Ruckus won't sell you AP licenses unless you are the original purchaser of the ZoneDirector.   
-
-To prevent e-waste and save these from landfills, you may use the procedure here to apply free AP licenses to your ZoneDirector for use in a homelab or personal environment.
-
->If you have a ZoneDirector 1000/1100/1200/3000 then you can add AP Licenses without having to install older software.  
->Follow the instructions here: [Add AP Licenses and Upgrade Entitlement to a ZoneDirector](ZD1200LicensesAndSupport.md)
-
-## 1) Install vulnerable firmware
-The unlocking procedure requires you to *temporarily* install an older software version.  
-Ensure the installed software was released in November 2019 or earlier. Otherwise, download an older version from [https://support.ruckuswireless.com/software](https://support.ruckuswireless.com/software) (e.g. I used 9.9.0.0.205) and do an 'upgrade' (`Administer` > `Upgrade`).
-
-> If you have already configured your ZD, then backup your configuration (`Administer` > `Back up`). Make a note of your current software version - you'll need to upgrade to this exact version to restore your configuration backup.
-
-> If you can't install firmware because your support has expired, download a 30 day support entitlement file from [https://supportactivation.ruckuswireless.com/](https://supportactivation.ruckuswireless.com/) and upload this to your ZoneDirector.  
-> Alternatively, do a factory reset (_after_ you've backed up your configuration, if you don't want to lose it!). So long as the ZD has internet access then it will grab a 30 day support entitlement.  
-> Now you can upgrade/downgrade your firmware.
-
-## 2) Obtain a root shell
-SSH into the ZD *using the same credentials you use to log into the web dashboard*, then break out to a root shell:
-
-```console
-ruckus> enable 
-ruckus# debug 
-You have all rights in this mode.
-ruckus(debug)# script 
-ruckus(script)# exec ../../../bin/sh
-
-
-Ruckus Wireless ZoneDirector -- Command Line Interface
-Enter 'help' for a list of built-in commands.
-
-ruckus$ stty echo
-ruckus$
-```
-
-> You won't be able to see yourself typing `stty echo`. Calling `stty echo` restores local echo so you can see what you're typing.
-
-## 3) Now increase your license count
-
-We're going to completely overwrite your `license-list.xml` file, so probably a good idea to copy and paste it somewhere safe in case anything goes wrong:-
-
-```console
-cat /etc/airespider-images/license-list.xml
-```
-It should look like this, unless you already bought some upgrades:-
-```xml
-<license-list name="5 AP Management" max-ap="5" max-client="2000" value="0x0000000f" />
-```
-
-So let's give ourselves 64 licenses:-
-```console
-ZD_SERIAL=$(cat /proc/v54bsp/serial) ; cat <<EOF >/etc/airespider-images/license-list.xml
-<license-list name="64 AP Management" max-ap="64" max-client="2000" value="0x0000000f">
-    <license id="1" name="59 AP Management" inc-ap="59" generated-by="264556" serial-number="$ZD_SERIAL" status="0" detail="" />
-</license-list>
-EOF
-```
-
-Your `license-list.xml` should now look like this (except with your ZD's serial number):-
-```xml
-<license-list name="64 AP Management" max-ap="64" max-client="2000" value="0x0000000f">
-    <license id="1" name="59 AP Management" inc-ap="59" generated-by="264556" serial-number="000000000000" status="0" detail="" />
-</license-list>
-```
-
-Give your ZD a reboot, and your license count should now be permanently higher:-
-```console
-reboot
-```
-
-## 4) Install a newer firmware
-If you downgraded your ZD software in order to run through this procedure, you can now upgrade your firmware again (and import your saved configuration if necessary).
-
-> It's quite likely that the older firmware won't work properly in Chrome/Edge. If you have problems then use Firefox.  
-If your firmware is really old then it's possible that even Firefox will refuse to work, because of an insecure TLS version. In this case, download and use an older Firefox release, e.g. version 40.