27-10-2011, 05:27 PM
(27-10-2011, 02:22 AM)snoop911 Wrote: Anyone running a SB5100 modem with custom firmware (SB5100MoD.1.0.4, SIGMAX-BL_v2.6-LITE, etc) booting a business config image from flash, will soon realize that TWC is now using DOCSIS 1.1 (Baseline Privacy Plus Interface 56-bit dec encryption (BPI+)), and that simply telneting and dis/enabling BPI+ in the modem is pointless.
By linking digital certificates to the modem's key and mac address, this effectively stops cloning hfc macs since it does not pass authentication (Reject(pk), Reject(kek) or Reject(tek))
For some great info on this:
http://docsis.beckitrue.com/documents/ci...lchart.pdf
http://www.defcon.org/images/defcon-16/d...6-self.pdf
I'm guessing there will be a surplus of cheap modems out there now, and armed with a jtag adapte, can the hardware be repurposed for something else? Is there a processor/fpga that can execute custom logic?
We have been discussing TWC upgrades for a few months now:
http://www.haxorware.com/forums/thread-947.html
I heard from a local PC tech in nearby West LA, that someone has written his own flash program that enables the use of any Broadcom 3348 chipped modem to work on TWC without the use of any certs...even in Doc1.1 areas. I have yet to get in touch with this person or tested his program.