Just dumped a Arris TG862A, what next? - Printable Version +- Haxorware Forums (http://www.haxorware.com/forums) +-- Forum: General (http://www.haxorware.com/forums/forumdisplay.php?fid=6) +--- Forum: Modems (http://www.haxorware.com/forums/forumdisplay.php?fid=7) +--- Thread: Just dumped a Arris TG862A, what next? (/showthread.php?tid=3290) |
RE: Just dumped a Arris TG862A, what next? - ciaby - 23-09-2014 (23-09-2014, 05:16 AM)sixteen Wrote: If you or talking a bout forceware it self, its not supported.Ok, that's what I wanted to know. Anyway, I managed to dump the firmware, extract the U-boot Multi File, extract the SquashFS partition (actually, both of them), patch /etc/inittab (replace the silly CLI with /bin/ash), re-pack everything and re-flash it, trace the UART port on the board and get a root shell. I'm getting there Now, time to sleep... If someone's interested, I can document all the steps. Cheers! Ciaby RE: Just dumped a Arris TG862A, what next? - pidiware - 23-09-2014 (23-09-2014, 09:45 AM)ciaby Wrote:(23-09-2014, 05:16 AM)sixteen Wrote: If you or talking a bout forceware it self, its not supported.Ok, that's what I wanted to know. Can you explain how you did it? RE: Just dumped a Arris TG862A, what next? - kapec - 08-01-2015 This arris firmware is a compleate junk. Not to mention they put their custom additions everywhere, theyve also added 2 password sets to protect the modem. One of them is widely known arris password of the day, the second one is called a cm password. Arris pwod can be generated using a public tool, but it seems they are now changing password seed, so the password u generate will not be valid. No biggie, all it does is that it gives you access to cm page with some technical info. The other password is needed for accessing modems cli. Well, theres something to care about, like the ability to change mac address, right? After taking a quick look-the password is generated from modem serial number, then hashed at hmac function, then theres some byte shifting. Since iam just lazy i just patched them both lol. Btw, iam looking for some newer firmware revisions, like 2014 ones would be helpful. RE: Just dumped a Arris TG862A, what next? - pitbulldog911 - 09-01-2015 (08-01-2015, 11:27 PM)kapec Wrote: This arris firmware is a compleate junk. Not to mention they put their custom additions everywhere, theyve also added 2 password sets to protect the modem. i happen to have cm820a 2013 -2014 fermware just its on modem lol RE: Just dumped a Arris TG862A, what next? - kapec - 09-01-2015 Thanks, i need tg862 firmware, the other models wont work well because they dont support integrated ethernet switch :/ RE: Just dumped a Arris TG862A, what next? - vermzin - 12-05-2015 (23-09-2014, 05:41 PM)pidiware Wrote:(23-09-2014, 09:45 AM)ciaby Wrote:Can you help us to unpack/repack the modem firmware?(23-09-2014, 05:16 AM)sixteen Wrote: If you or talking a bout forceware it self, its not supported.Ok, that's what I wanted to know. RE: Just dumped a Arris TG862A, what next? - christianrodher - 18-05-2015 (22-09-2014, 05:06 PM)ciaby Wrote: Hi there! I'm very new to cable modem hacking. I just made a dump of the SPI flash inside a TG862A. Using binwalk and the firmware-mod-kit, I managed to extract the two filesystems. I also tried to modify /etc/passwd and point the root shell to /bin/sh, but of course it didn't work... can you send me the dumb... i want to extract it and see what i find... trying to find the oid to put them in factory via snmp. RE: Just dumped a Arris TG862A, what next? - KCO - 18-05-2015 and they tried to put forceware? RE: Just dumped a Arris TG862A, what next? - joepanda - 12-05-2016 (08-01-2015, 11:27 PM)kapec Wrote: This arris firmware is a compleate junk. Not to mention they put their custom additions everywhere, theyve also added 2 password sets to protect the modem. Hello, i'm trying to get access to the busybox, but i need the password, could you share the chunk of code where is generated the password? (to see the algorithm) so i could generate the password from my modem's serial. RE: Just dumped a Arris TG862A, what next? - jd02902 - 26-05-2016 (12-05-2016, 04:34 PM)joepanda Wrote:Hi, I don't know the answer to what you're asking but since you were able to make the dump, can I ask you how you opened the modem in the first place? I've unscrewed all the screws I could see holding the modem, two upper corner screws and two screws on the bottom of the modem. I just can't seem to take the outter enclosure apart. I need to get to the internals to try to make a dump. Please provide some detailed guide and pictures do help me alot. Thanks fellow memebers.(08-01-2015, 11:27 PM)kapec Wrote: This arris firmware is a compleate junk. Not to mention they put their custom additions everywhere, theyve also added 2 password sets to protect the modem. |