+- Haxorware Forums (http://www.haxorware.com/forums)
+-- Forum: General (http://www.haxorware.com/forums/forumdisplay.php?fid=6)
+--- Forum: Modems (http://www.haxorware.com/forums/forumdisplay.php?fid=7)
+--- Thread: how to dump firmware from broadcom based modems (/showthread.php?tid=5323)
Pages:
1
2
RE: how to dump firmware from broadcom based modems - doctor - 27-07-2017
I successfully removed the certs for you , I will send you a link within the hour
file sent , check it out and let me know how it turned out.
RE: how to dump firmware from broadcom based modems - jofre - 27-07-2017
thank you, I got them
they look fine, compared to the originals, right size and ca.cer and cm.cer are opening
what concerns me is that my cmnonvol is not working...did you do anything unusual other than -f filename -e?
could you send me a copy of your cmnonvol?
did you try extracting the nonvol_haxor2.bin file?
no need to send me the certs, just want to know if they came out ok
RE: how to dump firmware from broadcom based modems - doctor - 27-07-2017
I've sent you haxor2 , I didnt do anything out of the ordinary to extract files I just used -e -f . All the other files you sent are no good.
RE: how to dump firmware from broadcom based modems - jofre - 27-07-2017
that's the output I got when I try here:
F:\cmnonvol teste>cmnonexp2mb.exe -f nonvol_haxor.bin -e
cmnonexp (CableModem non-volatile explorer for BCM3348/BCM3349)
Version: 1.1.1 (Apr 20 2009 17:57:34)
©2008-2009 under GPLv3 by qingpu & raikol
Read 32768 bytes from file nonvol_haxor.bin
F:\cmnonvol teste>cmnonexp2mb.exe -f nonvol_haxor2.bin -e
cmnonexp (CableModem non-volatile explorer for BCM3348/BCM3349)
Version: 1.1.1 (Apr 20 2009 17:57:34)
©2008-2009 under GPLv3 by qingpu & raikol
Read 32768 bytes from file nonvol_haxor2.bin
with another version:
Code:
F:\cmnonvol teste>cmnonexpv1.1.1.exe -f nonvol_haxor.bin -e
cmnonexp (CableModem non-volatile explorer for BCM3348/BCM3349)
Version: 1.1.1 (May 24 2009 22:28:34)
(c)2008-2009 under GPLv3 by qingpu & raikol
Read 327 bytes from file nonvol_haxor.bin
0x00CA:(202) ---> Start new non-volatile nonvol <---
0x00CC:Length:0x2EB4 (11956)
0x00CE:CRC32-Motorola:0xC8C69FC5 (-926507067)
Non-volatile nonvol length: 0x2EB4 (11956) at offset: 0x00CA
Calculate CRC: 0xC8C69FC5
CRC OK!!!
CM Application NonVol Settings found!
0x00D2:CMAp Size:0x0009 (9)
0x00D4:CMAp Magic:0x434D4170 ('CMAp')
Message Logging NonVol Settings found!
0x00DB:MLog Size:0x003C (60)
0x00DD:MLog Magic:0x4D4C6F67 ('MLog')
HalIf NonVol Settings found!
0x0117:HalIf Size:0x00BE (190)
0x0119:HalIf Magic:0xF2A1F61F (' ')
0x0123:MAC address for IP Stack 1:00:11:AE:A5:72:0C
0x0129:MAC address for IP Stack 2:00:4F:9F:35:61:25
0x012F:MAC address for IP Stack 3:00:20:40:DE:AD:03
0x0135:MAC address for IP Stack 4:00:20:40:DE:AD:04
Factory NonVol Settings found!
0x01D5:FACT Size:0x0023 (35)
0x01D7:FACT Magic:0x46414354 ('FACT')got certs but with wrong size:
wtf
thank you, doctor
the one you sent me is working
it's a different version
if anyone is having similar issues, avoid these:
cmnonexpv1.1.1.exe
cmnonexp2mb.exe
working version: cmnonexp101.exe
cmnonexp101_win32.rar (Size: 594.6 KB / Downloads: 116)
RE: how to dump firmware from broadcom based modems - doctor - 27-07-2017
Glad to help .
RE: how to dump firmware from broadcom based modems - legendofsounds - 28-07-2017
(27-07-2017, 11:48 PM)doctor Wrote: Glad to help .
thats whats up i had the same issue
and now its solved thanks bro...
i like when i see others helping out +1