Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
password retrieval using winhex
#1
Hey I need some help retrieving a password to get into the modems menus accessed by the isp. To login I use username: cusadmin and password :password . this gets me into the regular menus that customers are able to change wifi names and passwords and things like that. The isp uses the following to login :rogcesadmin (mso) password :nas00Rn7TU

dpc3825 cisco

here is a pic of what it looks like in winhex

.º..CMAp.......gMLog....cusadmin..password..rogcesadmin..nas00Rn7TU.admin...........W2402.......

so now im trying on the new cm which is a Hitron and I cant locate it . It may be encrypted , can someone just verify that and if it is how to decrypt
here is a pic of the hitron thru winhex

usb_enable true.console_mode disable.um_auth_account_name admin rogcesadmin.um_auth_account_password admin $1$ruUpQ3hH$7JYDTzc7/BwZ6/5r0mGvh0.um_auth_account_enable admin true.um_auth_account_name user1 cusadmin.um_auth_account_password user1 $1$ruUpQ3hH$NxgCJUb5ELLu5DR6CkevM0.um_auth_account_enable user1 true.um_auth_account_name user2 rmadmin.um_auth_account_password user2 $1$ruUpQ3hH$q86VIGg7Hqkee2slmvrH7/.um_

any chance of getting it ?
Reply
#2
Orange County will say, "did you call your ISP"........
Reply
#3
(19-05-2017, 11:34 PM)newname Wrote: Orange County will say, "did you call your ISP"........

I know right. can someone actually verify if hes human or just a bot
Reply
#4
Gotta' be a bot.....gotta' be......
Reply
#5
(19-05-2017, 11:34 PM)newname Wrote: Orange County will say, "did you call your ISP"........

I know, fuck me for not being an accessory to theft of service, right?

Also, my name isn't orange county. it's oc like overclock / overclocking. overclockingcalifornia was too long of a name.
Reply
#6
OC overlocked the modified CM market in California and wants to protect his business (-;
Reply
#7
(22-05-2017, 03:52 PM)McAdams Wrote: OC overlocked the modified CM market in California and wants to protect his business (-;

lol i would never sell this stuff. there would be too much liability, and the government would easily go after a programmer like mgnforce, a seller like the guys on ebay or craigslist -- way before they go for a private home user. (similar to how LEO goes after SCENE rippers and seeds on P2P rather than the guy at home downloading the movie).

If you read the ToS thread, I clearly state why I'm active in flagging theft of service.. the less of it there is, the less scrutiny legitimate users will face. Smile

If users here post more legal or reasonably assumed to be non-illicit posts, I would be happy to contribute. This thread seems OK Big Grin, which is why I've only spoken up when I was referenced.

Good luck finding a solution to OP's question. I'm sure the community would benefit from it!
Reply
#8
(19-05-2017, 11:19 PM)doctor Wrote: Hey I need some help retrieving a password to get into the modems menus accessed by the isp. To login I use username: cusadmin and password :password . this gets me into the regular menus that customers are able to change wifi names and passwords and things like that. The isp uses the following to login :rogcesadmin (mso) password :nas00Rn7TU

dpc3825 cisco

here is a pic of what it looks like in winhex

.º..CMAp.......gMLog....cusadmin..password..rogcesadmin..nas00Rn7TU.admin...........W2402.......

so now im trying on the new cm which is a Hitron and I cant locate it . It may be encrypted , can someone just verify that and if it is how to decrypt
here is a pic of the hitron thru winhex

usb_enable true.console_mode disable.um_auth_account_name admin rogcesadmin.um_auth_account_password admin $1$ruUpQ3hH$7JYDTzc7/BwZ6/5r0mGvh0.um_auth_account_enable admin true.um_auth_account_name user1 cusadmin.um_auth_account_password user1 $1$ruUpQ3hH$NxgCJUb5ELLu5DR6CkevM0.um_auth_account_enable user1 true.um_auth_account_name user2 rmadmin.um_auth_account_password user2 $1$ruUpQ3hH$q86VIGg7Hqkee2slmvrH7/.um_

any chance of getting it ?

What hitron are U working on?
Reply
#9
hitron CGN3 , there is a lot of info in the dump I'm just trying to figure it out. I just found that telnet is active by this section in the dump:

.ddns_enable false.telnet_enable true.ssh_enable true.cwmpd_enable false.cwmpd_acsurl http://hitron.acs.clearaccess.com.cwmp

but not sure how to get . I also found another password

username admin251134040788.cwmpd_cntreq_passwd OneAcsToRuleThemAll.

hahah "onceAcstoRuleThemALL" what the hell is that
Reply
#10
Can you post a full copy of the dump? That might help!
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)