4 edits |
derekm
Member
2012-Nov-7 1:49 pm
Sagemcom F@st 2864 unlock on *nixWith all credit due to lawrenson and this thread (now locked), here is the procedure I followed to achieve the same results without the Telnet.zip file: Download Config
curl http://admin:admin@192.168.2.1/save_rg_conf.cgi > download.txt
Edit Config
replace:
(telnets(ports))
with:
(telnets
(ports
(0
(port(23))
(ssl_mode(none))
(remote_access(0))
)
)
)
Post File
curl --data-urlencode new_rg_conf@download.txt http://admin:admin@192.168.2.1/replace_rg_conf.cgi
I would have added this to the other thread, but unfortunately, it's locked. Also, this device contains a ton of GPL'd software. Shouldn't the source for this device be available ala WRT54g? Does anyone know who was responsible for the liberation of the WRT54g, perhaps they'd be interested in this also: cat /proc/version
Linux version 2.6.16.26 #1 Fri Jun 15 14:52:40 CEST 2012
That's f'd up - did nobody yet notice this is a linux box? (IANAL, but it looks like Bell or Sagemcom may be in violation of the GPL....) |
|
 zacron
Premium Member
join:2008-11-26
Frozen Hoth |
zacron
Premium Member
2012-Nov-7 2:11 pm
I would like to make the code available but would need an eeprom reader. |
|
 TSI GabeRouter of Packets
Premium Member
join:2007-01-03
Gatineau, QC |
TSI Gabe
Premium Member
2012-Nov-7 2:13 pm
Yes we've gained access to it as well using this method but I've yet to manage to reflash it through the CLI. The ability to do so appears to have been locked out in the firmware |
|
| |
derekm
Member
2012-Nov-7 3:30 pm
said by TSI Gabe:I've yet to manage to reflash it through the CLI. The ability to do so appears to have been locked out in the firmware
... which would also be different violation of the GPL, I think. |
|
 SandroidBSD geek
Premium Member
join:2002-08-08
Anjou, QC |
Sandroid
Premium Member
2012-Nov-7 3:35 pm
stupid question... what's to gain out of unlocking it? |
|
| |
derekm
Member
2012-Nov-7 3:38 pm
Line stats, as usual.  I'm assuming TSI would want firmware backup/updates to help provision gear. |
|
| |
to derekm
said by derekm:did nobody yet notice this is a linux box? (IANAL, but it looks like Bell or Sagemcom may be in violation of the GPL....)
It's something that I looked into while first trying to find a way into the modem, knowing that it ran on OpenRG and therefore Linux. I ran into other GPL violation complaints involving Sagem, and seem to recall somewhere saying that they'll send you a copy of GPL'd code if you send a written request. |
|
| |
to derekm
said by derekm:Line stats, as usual.
I'm assuming TSI would want firmware backup/updates to help provision gear.
Except that it seems TSI has little access to these boxes and knows little about them. They only see the radius activity. The box is pretty locked down to Bell. So yeah, a little more access would be nice. *That's* why it needs unlocking. I'm a little bothered that in semi bridge mode it always has a default connection to Bell. The logs and stats suck. The clock is stupid. In general the box hides many of the control features we want and is a bit shady having a Bell back door. |
|
 RRRR
join:2008-05-27
Montreal, QC
3 edits |
RRRR
Member
2012-Nov-10 3:19 pm
So shall we request the GPL code and inform the FSF ? I'd really like to get rid of that bell connection and have a proper bridge mode... I feel vulnerable knowing I have a second open IP running crappy/vulnerable Bell code and letting them backdoor my firmware. Also, anyone heard of a class action lawsuit against this forced modem rental scheme? There are some in the US it seems... EDIT: » www.hardware.com.br/comu ··· 1238038/» www.tripleoxygen.net/wp/ ··· cking-1/The password for root in /etc/shadow seems to be: sagem |
|
| RRRR |
RRRR
Member
2012-Nov-11 3:32 pm
Is anyone at least able to get the line stats from within the modem? |
|
| |
said by RRRR:Is anyone at least able to get the line stats from within the modem?
No but the provider can see some stats from their end. When they see it all as good then we're at an impasse if there are stability problems. So until we have modem choice or can hack for stats VDSL is dead to me. |
|
RRRR
join:2008-05-27
Montreal, QC |
RRRR
Member
2012-Nov-11 4:12 pm
It's possible to d/l to the jffs2 partition via tftp so we could probably d/l a binary to do things, but yeah, I get what you're getting at and it's a very sad situation.
Anyone knows how can they legally force the rental? |
|
 JC_
Premium Member
join:2010-10-19
Nepean, ON |
JC_ to RRRR
Premium Member
2012-Nov-11 4:16 pm
to RRRR
said by RRRR:Is anyone at least able to get the line stats from within the modem?
Yes, you can view the line stats through the CLIl see » Re: Firmware + Sagemcom Modem + Help |
|
RRRR
join:2008-05-27
Montreal, QC |
RRRR
Member
2012-Nov-11 4:55 pm
Oops, missed that part even though I saw that password haha, cheers!  |
|
bigbug
join:2013-01-15
Markham, ON |
bigbug
Member
2013-Jan-15 9:39 pm
Can you guys access » admin:admin@192.168.2.1/ ··· conf.cgi ? I only get a box to re-enter the password. "admin" doesn't work for me. |
|
1 edit |
This no longer works on the latest firmware. For now we don't have any other way of enabling telnet. I have an idea for another method that may work, no promises though since I haven't had much time to look into it or do any testing. edit: Unfortunately the new method no longer works on the latest firmware either |
|
 jmckformerly 'shaded'
join:2010-10-02
Ottawa, ON |
jmck
Member
2013-Apr-1 9:59 pm
sorry to necro this thread, but is there a way to enable telnet or see line stats with the newer firmware? |
|
|
 andyb
Premium Member
join:2003-05-29
SW Ontario |
andyb
Premium Member
2013-Apr-1 10:09 pm
Firmware needs to be pulled and examined.Dunno if anyone has done it lately.Could be they encrypted it but if its GPL'd just ask bell for the source or get the GPL group to file a lawsuit |
|
| |
Do you know how to pull the firmware? I happen to have one that's telnet-able. |
|
s0dhi
join:2011-08-02
Brampton, ON |
s0dhi
Member
2013-Apr-2 11:46 am
I was able to telnet in to my new Sagemcom this morning. There appear to be commands to flash firmware and do a variety of other tasks. |
|
 HiVolt
Premium Member
join:2000-12-28
Toronto, ON |
HiVolt
Premium Member
2013-Apr-2 12:14 pm
said by s0dhi:I was able to telnet in to my new Sagemcom this morning. There appear to be commands to flash firmware and do a variety of other tasks.
what firmware is it running? |
|
s0dhi
join:2011-08-02
Brampton, ON |
s0dhi
Member
2013-Apr-2 12:15 pm
said by HiVolt:said by s0dhi:I was able to telnet in to my new Sagemcom this morning. There appear to be commands to flash firmware and do a variety of other tasks.
what firmware is it running? Firmware Version: FAST2864_v6637F Hardware Version: 2864-000000-002 |
|
HiVolt
Premium Member
join:2000-12-28
Toronto, ON |
HiVolt
Premium Member
2013-Apr-2 12:18 pm
Hrm i just dont remember if thats the latest... Did you let your modem update firmware several times when you first plugged it in? |
|
s0dhi
join:2011-08-02
Brampton, ON |
s0dhi
Member
2013-Apr-2 12:21 pm
said by HiVolt:Hrm i just dont remember if thats the latest... Did you let your modem update firmware several times when you first plugged it in?
Nope, I just got it as part of the 50/10 upgrade. It's never been plugged into the line yet. I can try to pull stuff off of it if someone can let me know how/what needs to be done. BTW, I have a Cellpipe collecting dust, and I'm running my own Zyxel. |
|
HiVolt
Premium Member
join:2000-12-28
Toronto, ON |
HiVolt
Premium Member
2013-Apr-2 12:22 pm
Ah, so thats why you were able to get in... When/if you plug it in, it will fetch new firmware and disable the telnet hole.. |
|
jmckformerly 'shaded'
join:2010-10-02
Ottawa, ON |
jmck
Member
2013-Apr-2 12:24 pm
yeah, my 50/10 service became active yesterday and i saw the modem reboot a few times after getting sync and got worried, but i guess it was just getting a new firmware. |
|
s0dhi
join:2011-08-02
Brampton, ON |
to HiVolt
said by HiVolt:Ah, so thats why you were able to get in... When/if you plug it in, it will fetch new firmware and disable the telnet hole..
Understood. I probably won't plug it in, unless my Zyxel give me some sort of issue. |
|
 GuspazGuspaz
MVM
join:2001-11-05
Montreal, QC |
to derekm
This is what mine reports:
Firmware Version
FAST2864_v6740S
Rescue Version
FAST2864_v7740S |
|
s0dhi
join:2011-08-02
Brampton, ON
1 edit |
s0dhi
Member
2013-Apr-2 12:40 pm
Is there any way to pull anything of value (for the community) off my Sagemcom since it's sitting here?
May be there is a way to drop a script on to the device that doesn't get overwritten during the upgrade? |
|
| |
to derekm
Last summer I sucessfully dumped the firmware from my Sagemcom modem. After deep analysis, I found a flaw in the web interface that could be used to inject executable code. My goal was to use this flaw to enable a page with line stats, and I succeeded. I released my tool here on the Bell forum but it has been removed minutes later. My work was considered "too suspicious" because I didn't want to include the source code of the injection tool. Too bad, I guess I'll be the only person with a beautiful line stats page on my Sagemcom. And yes it is still working with the latest firmware version!  |
|
