+- Haxorware Forums (http://www.haxorware.com/forums)
+-- Forum: General (http://www.haxorware.com/forums/forumdisplay.php?fid=6)
+--- Forum: Modems (http://www.haxorware.com/forums/forumdisplay.php?fid=7)
+--- Thread: password retrieval using winhex (/showthread.php?tid=4657)
password retrieval using winhex - doctor - 19-05-2017
Hey I need some help retrieving a password to get into the modems menus accessed by the isp. To login I use username: cusadmin and password :password . this gets me into the regular menus that customers are able to change wifi names and passwords and things like that. The isp uses the following to login :rogcesadmin (mso) password :nas00Rn7TU
dpc3825 cisco
here is a pic of what it looks like in winhex
.º..CMAp.......gMLog....cusadmin..password..rogcesadmin..nas00Rn7TU.admin...........W2402.......
so now im trying on the new cm which is a Hitron and I cant locate it . It may be encrypted , can someone just verify that and if it is how to decrypt
here is a pic of the hitron thru winhex
usb_enable true.console_mode disable.um_auth_account_name admin rogcesadmin.um_auth_account_password admin $1$ruUpQ3hH$7JYDTzc7/BwZ6/5r0mGvh0.um_auth_account_enable admin true.um_auth_account_name user1 cusadmin.um_auth_account_password user1 $1$ruUpQ3hH$NxgCJUb5ELLu5DR6CkevM0.um_auth_account_enable user1 true.um_auth_account_name user2 rmadmin.um_auth_account_password user2 $1$ruUpQ3hH$q86VIGg7Hqkee2slmvrH7/.um_
any chance of getting it ?
RE: password retrieval using winhex - newname - 19-05-2017
Orange County will say, "did you call your ISP"........
RE: password retrieval using winhex - doctor - 19-05-2017
(19-05-2017, 11:34 PM)newname Wrote: Orange County will say, "did you call your ISP"........
I know right. can someone actually verify if hes human or just a bot
RE: password retrieval using winhex - newname - 20-05-2017
Gotta' be a bot.....gotta' be......
RE: password retrieval using winhex - occalifornia - 22-05-2017
(19-05-2017, 11:34 PM)newname Wrote: Orange County will say, "did you call your ISP"........
I know, fuck me for not being an accessory to theft of service, right?
Also, my name isn't orange county. it's oc like overclock / overclocking. overclockingcalifornia was too long of a name.
RE: password retrieval using winhex - McAdams - 22-05-2017
OC overlocked the modified CM market in California and wants to protect his business (-;
RE: password retrieval using winhex - occalifornia - 22-05-2017
(22-05-2017, 03:52 PM)McAdams Wrote: OC overlocked the modified CM market in California and wants to protect his business (-;
lol i would never sell this stuff. there would be too much liability, and the government would easily go after a programmer like mgnforce, a seller like the guys on ebay or craigslist -- way before they go for a private home user. (similar to how LEO goes after SCENE rippers and seeds on P2P rather than the guy at home downloading the movie).
If you read the ToS thread, I clearly state why I'm active in flagging theft of service.. the less of it there is, the less scrutiny legitimate users will face.
If users here post more legal or reasonably assumed to be non-illicit posts, I would be happy to contribute. This thread seems OK
, which is why I've only spoken up when I was referenced.Good luck finding a solution to OP's question. I'm sure the community would benefit from it!
RE: password retrieval using winhex - McAdams - 23-05-2017
(19-05-2017, 11:19 PM)doctor Wrote: Hey I need some help retrieving a password to get into the modems menus accessed by the isp. To login I use username: cusadmin and password :password . this gets me into the regular menus that customers are able to change wifi names and passwords and things like that. The isp uses the following to login :rogcesadmin (mso) password :nas00Rn7TU
dpc3825 cisco
here is a pic of what it looks like in winhex
.º..CMAp.......gMLog....cusadmin..password..rogcesadmin..nas00Rn7TU.admin...........W2402.......
so now im trying on the new cm which is a Hitron and I cant locate it . It may be encrypted , can someone just verify that and if it is how to decrypt
here is a pic of the hitron thru winhex
usb_enable true.console_mode disable.um_auth_account_name admin rogcesadmin.um_auth_account_password admin $1$ruUpQ3hH$7JYDTzc7/BwZ6/5r0mGvh0.um_auth_account_enable admin true.um_auth_account_name user1 cusadmin.um_auth_account_password user1 $1$ruUpQ3hH$NxgCJUb5ELLu5DR6CkevM0.um_auth_account_enable user1 true.um_auth_account_name user2 rmadmin.um_auth_account_password user2 $1$ruUpQ3hH$q86VIGg7Hqkee2slmvrH7/.um_
any chance of getting it ?
What hitron are U working on?
RE: password retrieval using winhex - doctor - 23-05-2017
hitron CGN3 , there is a lot of info in the dump I'm just trying to figure it out. I just found that telnet is active by this section in the dump:
.ddns_enable false.telnet_enable true.ssh_enable true.cwmpd_enable false.cwmpd_acsurl http://hitron.acs.clearaccess.com.cwmp
but not sure how to get . I also found another password
username admin251134040788.cwmpd_cntreq_passwd OneAcsToRuleThemAll.
hahah "onceAcstoRuleThemALL" what the hell is that
RE: password retrieval using winhex - occalifornia - 23-05-2017
Can you post a full copy of the dump? That might help!