Thread Rating:
  • 1 Vote(s) - 1 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Telnet Commands
#1
-----------------------------------
stop scanning frequency
----------------------------------
cd /d
scan_stop
or
cd /cm
scan_stop
-----------------------------------
start scanning frequency
-----------------------------------
cd /d
goto_ds 327 (will be 327 Mhz, and if not hitch continues scanning)
---------------------
show HFC IP
---------------------
cd /d
ip_show
or:
cd /ip
lease_show
------------------------------------------------------------
Show information about registered modem
------------------------------------------------------------
cd /d
modem_caps
-----------------
clear logs
-----------------
cd /e
flush
------------------------------
disable snmp filters
------------------------------
cd /s
filters off
yes
----------------------------------
set snmp to NoAccess
----------------------------------
cd /s
view_v1v2 NoAccess
----------------------------------
show snmp information
----------------------------------
cd /s
n2m
y
-------------------------
Hide System OID
-------------------------
cd /s
delete sysDescr
write
-------------------------------
print certificate values
-------------------------------
cd /n/b
print private
print public
print root
print cm_cert
print ca_cert
------------------------------------
change certificate values
------------------------------------
cd /n/b
change_key public
change_key private
change_key root
change_key cm_cert
change_key ca_cert
write
----------------------------------------------------------
place root or ca_cert in dynamic memory
----------------------------------------------------------
cd /n/b
key_location root false
key_location ca_cert false
write
---------------------------------------
set frequency and channel
---------------------------------------
cd /n/d
ds_frecuency xxx <- your weightings in mhz
us_channel x <- your number of channel
write
-------------------------------------------------------------
change the start up downstream frequency
-------------------------------------------------------------
cd /n/d
startup_dsfreq xxxxxx
cd ..
write
---------------------------------
activating DOCSIS 1.1
---------------------------------
cd /n/d
enable docsis11 true
write
-------------------
disable bpi
-------------------
cd /n/d
enable bpi false
write
-------------------
enable bpi+
-------------------
cd /n/d
enable bpi true
bpi_version 1
write
-------------------
disable bpi+
-------------------
cd /n/d
enable bpi true
bpi_version 0
write
-------------------------
change tftp info
-------------------------
cd /n/d
enable force_cfgfile true
dhcp_settings
My IP Address: [192.168.100.1] {hit enter}
Subnet Mask: [255.255.255.0] {hit enter}
Router IP Address: [192.168.100.254] {hit enter}
Those are the only 3 that really need to be changed.
Do you want to change the other settings? [no] (hit Y}
TFTP Server IP Address: [10.10.10.254] type in the IP of your TFTP server here
Config file name: [cm.bin] {type config file}
Time Server IP Address: [10.10.10.254]
SysLog Server IP Address: [10.10.10.254]
----------------------------
change the tuner
----------------------------
cd /n/h
cm_tuner xx (xx its share)
write
---------------------------------------------
change the annex for your area
---------------------------------------------
cd /n/h
annex_ # (# = A -> EuroDOCSIS, B -> DOCSIS, C -> more)
cm_annex @ (@ = 1 -> Annex A, 0 -> Annex B, 2 - Annex C, 3 hybrid)
Write
(It is necessary to change the cm_annex if you change the annex)
---------------------------------
change Ethernet MAC
---------------------------------
cd /n/h
mac_address 2 aa:bb:ccBig Grind:ee:ff
write
---------------------------
change USB MAC
---------------------------
cd /n/h
usb_mac_address aa:bb:ccBig Grind:ee:ff
write
------------------------------
change the HFC MAC
------------------------------
cd /
write_memory 2155776876 0x11
write_memory 2155776877 0x22
write_memory 2155776878 0x33
write_memory 2155776879 0x44
write_memory 2155776880 0x55
write_memory 2155776881 0x66
cd /n
write
or
Assuming our MAC address is AA:BB:CCBig GrinD:EE:FF, enter:
write_memory -s 4 0x807e8b98 0xAABBCCDD
write_memory -s 2 0x807e8b9c 0xEEFF
or
cd n/h
mac_address 1 aa:bb:ccBig Grind:ee:ff
cd /n
write
-----------------------------------
show the current state
-----------------------------------
cd /n/h
show
or:
cd /n/d
show
------------------------------
enable telnet access
------------------------------
cd /n/m
enable_telnet true
write
----------------------------------------------------------
change the username and pass for telnet
----------------------------------------------------------
cd /n/m
user_name <your desired username here>
password <your desired password here>
write
-----------------------------------------
diable external telnet access
-----------------------------------------
cd /n/m
telnet_ipstacks 2
write
--------------------------------
stealth snmp settings
--------------------------------
cd /n/s
max_dload_tries 0
hide_ipstack_ifentries true
docsDevSwAdminStatus 3
docsDevSwOperStatus 2
diag_disable_post_reg true
write
------------------------------------------------------
old stealth mode (release hfc ip lease)
------------------------------------------------------
cd /ip
ipconfig 1 release
Knowledge=Power
Reply
#2
abmjr this command are good,but we need telnet hack also or is a big lye telnet hack??? xd
Reply
#3
JR, maybe you can help, I read a thread somewhere where someone posted the TELNET commands to fool the CMTS into pushing a modem "updated" firmware but now I cant find it, something like spoofing your firmware id all the way from bpi0 to + (along with the firmware id the CMTS expects to see) and rebooting the modem in between or some shit like that.. does someone have it they can PM to me, if not I will keep searching but for the life of me I cant remember where I saw it, and I was sure I had saved it but I have yet to find it in my folder of scattered c/p's

by the way, you forgot the TELNET hack Trick for dragonlord

at Command prompt type in telnet <enter> then O <enter> then towel.blinkenlights.nl
Reply
#4
xdddd
Reply
#5
Nevermind, I found it, Thanks...

Gotta love how sometimes you find a diamond in the rough in one of JR's posts, even in hijacked threads... so don't always go off the title of a thread folks!

One thing I learned.... "Read it ALL" even if it doesn't pertain to your particular scenario.... because one day, it just might!
Reply
#6
OMG...

WHY ARE YOU FUCKING STILL BEGGING FOR THAT GODDAMNED EXPLOIT????


Forget you ever heard about it...If you can't go back through a certain person's posts and piece it together then you aren't able tothink outside the damn box anyways.


You do not need it. Just read, test,and do it again till you figure it out. This isn't THAT hard! I can test in high security and I can't even use my wife's android phone w/o wanting to throw it in the damn ocean! lmao

modembricker certainly understands how this is done now.
Reply
#7
Forget you ever heard about it...If you can't go back through a certain person's posts and piece it together then you aren't able tothink outside the damn box anyways.

whos this certain person ?? ill read his posts lol
Reply
#8
It's a great piece of trolling bait...

old thread, old bs.

Just study your logs and figure out what they mean
Reply


Forum Jump:


Users browsing this thread: 4 Guest(s)