Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Need Advice..
#1
Smile 
Hi guys im a noob need advice and bit explanations...

I have 2 modems EPC2100R2 (haxorware r39) and DPC2100R3 (stock). For about 2 years i was running on modded nicely until 3 days ago it stops and says auth reject on the logs with TLV-11 bad OID things. So now im running with my stock version which is slow as hell.

I tried to change bpi + docsis 1.1 and signal is locked but stuck on ranging complete wherenever it says sending registration it shows auth reject permanent blabla... so i think this happened because i dont have valid certs. i did try to copy my stock mac to hax but the error remains the same... the questions is if it possible to use the stock mac to hax and untick firmware upgrade as well enable SNMP after registration?? i want to trick CM to send valid certs, does this exposing my installed hax to cc?
Reply
#2
CM never send certs. certs are born and made at the time of production...

Unless you know CC really well, your done testing

CC will co-sign valid certs with a new MFC cert, but only if the CM is provisioned and the certs are valid. Unless you do the TELNET trick...
Knowledge=Power
Reply
#3
(12-10-2013, 03:13 PM)ABMJR Wrote: CM never send certs. certs are born and made at the time of production...

Unless you know CC really well, your done testing

CC will co-sign valid certs with a new MFC cert, but only if the CM is provisioned and the certs are valid. Unless you do the TELNET trick...

hmmm.. so basically haxorware has self-generated certs?? if CM do "signing" my certs so auth rejects has 2 meanings either they cant do signing because im blocking SNMP or my certs doesn't contain valid information regarding to the HFC mac?? please correct me if im wrong. can i re-generate certs from telnet? thanks
Reply
#4
Haxorware and its self signed certs are useless. Who said anything about Haxorware having certs. Its a GUI. Nothing more. You people amaze me with the questions. HAXORWARE is a small modified GUI over the shell of the firmware. Certs are made at birth/production. I have said, if you have a valid virgin bin, you can force the CMTS to provision you in an un-official way. I do not post this telnet command as it will be abused.

No to your question...
Knowledge=Power
Reply
#5
Auth Reject means you swapped the mac and that killed the corresponding certs which means w/o a backup of the original certs you will just range forever in BP+ because you cannot show the proper license to be on the network. You are on CC and you just now got bpi??? wow.

There is no simple way to test CC anymore. No Modded firm by itself will get you what you want nowadays. Wish I had a better answer for you, but there just isn't one. It's a long, arduous journey through countless hours of reading and testing to get there....especially on CC.
Reply
#6
The certs dont get "killed" they are the wrong values for the HFC MAC used. Change the HFC MAC back to the original and the certs will be mated to them and correct. Then you get the provisioning page
Knowledge=Power
Reply
#7
(12-10-2013, 07:25 PM)ABMJR Wrote: Haxorware and its self signed certs are useless. Who said anything about Haxorware having certs. Its a GUI. Nothing more. You people amaze me with the questions. HAXORWARE is a small modified GUI over the shell of the firmware. Certs are made at birth/production. I have said, if you have a valid virgin bin, you can force the CMTS to provision you in an un-official way. I do not post this telnet command as it will be abused.

No to your question...

hax looks like tomatos Big Grin.. i created my own serial jtag and dump the bin long time ago before i play with mac addresses.

look i dont want to play with alll this stuff either, is just that im not in the country where you get reasonable price for internet and speed. Here im paying almost $50 and im getting 384kbps and i cant even have other isp to come in my area because of "monopoly" and that gives me no option. i think this is a rip-off ISP period

I have 2 kids and making just enough money to make a living and pay what its worth to pay.. i rather feed my kids than having internet if it's not because of job. Back then i spoof mac just for 1mbps while i can go for much more.. i know very well when enough is enough.. i dont have the greed like nowadays kids Smile i just want to get enough speed with reasonable price and speed so im referring the price of the other isp here.. questions is how much will i get for $50?? that's about it.

So im not asking how to and tutorials either i just need enough clues, good hints..

thank you for your answers btw somehow its helpful
Reply
#8
(12-10-2013, 10:39 PM)ABMJR Wrote: The certs dont get "killed" they are the wrong values for the HFC MAC used. Change the HFC MAC back to the original and the certs will be mated to them and correct. Then you get the provisioning page

i changed to original address and it's stuck on ranging complete well i think it's because im not listed in the database so it wont register. btw i have your un-documented telnet pdf but i havee nooo idea how... anyways i scan my network through snmp and got thousands of new macs and sn...

this is bit confusing.. i tried to retrieve my original hax certs with snmp and edit the bin just to check whether it has valid/same mac on it and it does.. so if i change mac through ui and get cert then modify it would it work?
Reply
#9
Change what MAC and what certificate? Makes no sense
Knowledge=Power
Reply
#10
when you change the mac addy without uploading the original bpi keys you get "ranging forever". when you change the mac addy back it will not work. You must upload either the 5 original keys or upload the original nonvol to be bpi+ compliant. If you get all lights operational then the certs are good. good certs does not mean you will get online. Good certs will allow the cm to be provisioned on the network. good certs only gets you to the doorman, you still need to be on the guest list to get in the club.
Reply


Forum Jump:


Users browsing this thread: 3 Guest(s)