Thread Rating:
  • 5 Vote(s) - 4 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Arris TG2492 (VM Super hub 3)
#11
@emantec

did you do chip off read? With what device you dump nand?

encrypted nand did you verifY read that it was not corrupt?
Reply
#12
Does anyone have the 9.1.116.608 firmware, or a mechanism to log in to this release? I can login to 9.1.116V using the mechanism from the NCC blog and I'm sure there must be other vulnerabilities to allow local login still. I looked at the two UARTs and only get output though someone mentioned the possibility of causing some sort of crash. Also from another site, it seems JTAG is disabled, so not going to try that route.
Reply
#13
nothing else has been done since this thread got made
Reply
#14
Ok, well if anyone is interested in collaborating, I have a spare 116V device I bought on ebay to play with and can extract all the disk images from it, as well as one running 608 that I haven't got into yet.
Reply
#15
see what ya can do with it break down the fw from it
Reply
#16
ok, I've stuck the files up on keybase, since it's free and has 250GB space.
$ ls /keybase/team/tg2492
mmcblk0p1 mmcblk0p11 mmcblk0p13 mmcblk0p3 mmcblk0p5 mmcblk0p7 mmcblk0p9
mmcblk0p10 mmcblk0p12 mmcblk0p2 mmcblk0p4 mmcblk0p6 mmcblk0p8

https://keybase.io/
Reply
#17
have you managed to break down the fw on this router
Reply
#18
I just copied all the partitions off the device with tftp and then extracted them with binwalk
Reply
#19
keep us updated VMU19
Reply
#20
(19-01-2019, 07:46 PM)vmu19 Wrote: I just copied all the partitions off the device with tftp and then extracted them with binwalk

hey , how did you copy the partition of it through tftp ?
Reply


Forum Jump:


Users browsing this thread: 11 Guest(s)