Monday, 12 September 2016

Huawei E5172 Router - File List

Here's a list of files in the internal memory of the router:
http://pastebin.com/JZt2yTxE

Also, I don't seem to have root access, since the shell is started from the ATP console that's logged in as a non-root user. That's why when I do "ls" in some dirs there are no files inside, but from the file list I got there are files inside!
I'm also messing with adb to try to get this router ROOTED (oh android, you're everywhere)!

Wednesday, 7 September 2016

Huawei E5172 Router - Messing with it

The other day a friend of mine found a router just like the one I have, but it didn't have the front plastic cover, the Ethernet port was broken and it was full of dirt.
Anyway, since I like to get my stuff unlocked, but I don't want to break it, I asked him if he could give it to me to do some experiments :D



(Yeah, the router had the Ethernet port broken xD)


After googling around I found a way to get this (and many more) Huawei routers SIM unlocked.
Just go to http://huaweicodecalculator.com/new-algo/, log in with your Google account (yep, seems weird, so maybe don't use your main account), then enter your IMEI and your router model, "+1" their page and you get a few codes.
Now insert a SIM card from a different network WITH PIN CODE DISABLED into the router, power it on, go to the Web Interface ( http://192.168.1.1 ) and enter your username and password (admin). It will ask you for the network code; use the "NEW ALGO CODE" to unlock it.

Well, one barrier down. Now let's see if I can get a Global firmware, since the firmware from my ISP is somewhat locked.

I've tried using the multicast upgrade tool to install, but with a weird result.
I might have mixed 2 firmwares, and the router entered "equipment mode" with a Blue and Pink power LED.
Googling a bit more I found this great blog about the B593 (which is VERY similar in terms of firmware; I even got SSH access to my router and found some files called B593 in an E5172), and this guy also bricked his router. He also had a fix, but it was risky since it was a different router.
https://blog.hqcodeshop.fi/archives/305-De-bricking-a-B593-s22.html
Anyway, I tried and.... it worked. I was back in action, but while I was in Equip. mode I had free access to telnet and got the SSH password.




That's located in "/var/sshusers.cfg". I also messed around with "/app/curcfg.xml" and found the "Superuser" account. The password is encrypted, but I already know the admin password, right? So I copied the admin password to the superuser field and went to the web interface: "Superuser" "admin". Voilà, I'm in. I got access to some more options, like the remote management that the ISP uses.
I also did a backup of the config file through the web interface, don't know if it works and changes the password. LINK

This time I read about getting the firmware updated with a modified firmware (at 4pda.ru), simply editing the number inside the BIN file with Notepad++: just change the number after V200R01C** to match the one you currently have, and upload it through the web interface.
In my case I used the "E5172As-22_MPWUDPUPDATE_V200R001C00SP201_Universal".
Here's the firmware for my operator NOS with fw SP58 LINK. This will update the router to a global firmware and allow you to install any version. WARNING: you might no longer be able to log in through the web with this firmware if you don't have Superuser working!!!


Also, I tried to use RS232 or UART and it seems that the TX pin connects to an IC that isn't there... so no access :(


https://exelab.ru/f/index.php?action=vthread&forum=5&topic=22698&page=1 - talking about how to crack the password encryption, but it's in Russian and the translator fails sometimes


http://blog.asiantuntijakaveri.fi/2013/08/gaining-root-shell-on-huawei-b593-4g.html - possibly getting commands to work. Only some versions have this flaw