 duress
join:2003-06-21
| 5200 Snooping
I've decided to play with my 5200 from sympatico and found fw from »alltel.net/downloads/links/5200u···1-13.exe. After downloading it and updating the fw on the modem I found out that it was even more crippled than before. So I had a friend of mine unpack the exe and we found some interesting files. I have included the files for your viewing pleasure and also decided to try something out. When I ran the update I also had a packet sniffer running and found out that each time I ran the patch a password would be set at random for the ftp and telnet service; during the update process you could use the random password to access the ftp server or the telnet server. The firmware files would be uploaded in the following order: 004-E240-A16-boot.img, 004-E240-A16.img and 003-1045-003.def, via ftp. Another interesting thing that was in the fw patch was a program called bcr.exe that would let you decrypt the encrypted files; an example of this would be bcr.exe -k="EFNTEFNT" -d "004-E240-A16.img.enc" "004-E240-A16.img". The password they used to encrypt the files was EFNTEFNT. Anyway guys, if you could send me some more 5200 firmware upgrades to data@shocking.net so that my friend can unpack 'em and let everyone enjoy the firmware goodness, I would greatly appreciate it. |
|
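The update flow described in the post above, seen from the network side, as an added example that is not part of the original post or the vendor's updater: because FTP's control channel is cleartext, per-run random credentials and the upload order are both visible to anyone capturing the session. The sample lines, the credentials in them and the function name `audit_ftp_session` are constructed for illustration; only the three file names come from the post.

```python
import re

# Constructed sample: client-to-server FTP control-channel lines as a capture
# of the update would show them. User name and password are made-up placeholders.
SAMPLE_CONTROL_LINES = [
    "USER u7f3k2q9",
    "PASS p4x8m1z6",
    "TYPE I",
    "STOR 004-E240-A16-boot.img",
    "STOR 004-E240-A16.img",
    "STOR 003-1045-003.def",
    "QUIT",
]

# Upload order reported in the post.
EXPECTED_ORDER = ["004-E240-A16-boot.img", "004-E240-A16.img", "003-1045-003.def"]

# FTP commands are a 3-4 letter verb, optionally followed by one argument.
COMMAND = re.compile(r"^([A-Za-z]{3,4})(?: (.*))?$")

def audit_ftp_session(lines):
    """Summarise what a cleartext FTP control channel reveals to an observer."""
    report = {"user": None, "password_exposed": False, "uploads": []}
    for raw in lines:
        m = COMMAND.match(raw.rstrip("\r\n"))
        if not m:
            continue  # server replies ("220 ...") and blank lines are skipped
        verb, arg = m.group(1).upper(), m.group(2) or ""
        if verb == "USER":
            report["user"] = arg
        elif verb == "PASS":
            # Record only the fact of exposure; the secret itself is not kept.
            report["password_exposed"] = bool(arg)
        elif verb == "STOR":
            report["uploads"].append(arg)
    report["order_matches_post"] = report["uploads"] == EXPECTED_ORDER
    return report

if __name__ == "__main__":
    print(audit_ftp_session(SAMPLE_CONTROL_LINES))
```
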
  Doctor Olds I Need A Remedy For What's Ailing Me. Premium,VIP join:2001-04-19 1970 442 W30 clubs:
| See what is here. »yoda.easynet.fr/hotline/Modems_A···nt_5200/
Waiting for your analysis. 
Regards,
Doctor Olds |
|
  Sarick It's Only Logical Premium join:2003-06-03 USA
·FrontierNet Intern..
| reply to duress I'm not going to touch anything that involves reverse engineering or cracking.
Sure it's interesting but I won't attempt to alter the router outside its normal firmware.
I don't think them crippling a modem more is very nice. What is the purpose of internet if you can't even run ICQ in its native mode?
Native meaning it accepts direct connections. Without port forwarding you must go through the ICQ server to send or receive a message.
Sad how they cripple everything in an UPDATE. Updates are supposed to improve on a model, not cripple it. |
|
  Doctor Olds I Need A Remedy For What's Ailing Me. Premium,VIP join:2001-04-19 1970 442 W30 clubs:
| There's two kinds of updates. 
For the Router/Modem version and for the Bridge/Modem version.
Then there is the Upgrade to a Router from a Bridge. 
Regards,
Doctor Olds [text was edited by author 2003-06-22 00:02:15] |
|
  Doctor Olds I Need A Remedy For What's Ailing Me. Premium,VIP join:2001-04-19 1970 442 W30 clubs:
| reply to duress said by duress : I had a friend of mine unpack the exe and we found some interesting files.
What did he use to unpack the exe?
Regards,
Doctor Olds -- Starfire is The Future Now! Clarke's Third Law: "Any sufficiently advanced technology is indistinguishable from magic." |
|
  scoobydoobie
@twtelecom.net
| The 5200 firmware posted at alltel.net is for bridging only. If you have a 5200 that's been flashed to a router, don't use this firmware. It will convert your 5200 into a bridge. The "update" refers to an updated firmware revision on the actual DSL chipset itself (from TI). It doesn't convert a bridged 5200 into a router. |
|
 buggage Premium join:2002-11-28 | Could you share what the ftp user and pass were? |
|
  Doctor Olds I Need A Remedy For What's Ailing Me. Premium,VIP join:2001-04-19 1970 442 W30 clubs:
| reply to duress said by duress : I've decided to play with my 5200
So where did you disappear to?? ;) |
|
 duress
join:2003-06-21
| »www.prodigy.com.mx/infinitum/Upd···-503.exe |
|
 duress
join:2003-06-21
| »www.prodigy.com.mx/infinitum/Upd···6_v1.exe |
|
 duress
join:2003-06-21
| »yoda.easynet.fr/hotline/Modems_A···5_v1.zip |
|
 duress
join:2003-06-21
| Like I said before, the user name and password would be set at random when the flash takes place. You will need to use a packet sniffer when you run the update to find out your user name and password. Once the update has finished the user name and password are no longer valid. |
|
 duress
join:2003-06-21 | Here is a mirror I had set up for the files. Please download and host the files on another site as they will be taken down soon.
»www.teamphreak.net/firmware |
|
  Doctor Olds I Need A Remedy For What's Ailing Me. Premium,VIP join:2001-04-19 1970 442 W30 clubs: | reply to duress You still around?
Try ftp.renatosiqueira.com user: velox@renatosiqueira.com pass: velox
Update us with your findings please.
Regards,
Doctor Olds |
|
  Rafabgood
@com.b
| reply to duress Just a tip about renatosiqueira's ftp: Me, him, and other people that share some interest in the SS5200 modem converted to router share some ideas in the Velox-Rio yahoo group. People there have discovered a lot of good stuff (did you know that the pass and the user for the telnet service in the 5200 is "telmex"?)
I am asking you here to try not to overload his ftp, it's his money...
There are 3 fw there: the Mexican, a Portuguese, and a crippled one that requires a password to install. (they already found out how to crack that). So, if you guys don't intend to have a Portuguese modem, use the Mexican one. ps: the Portuguese (v5) is configured to run with a Brazilian ISP called Velox. r. |
|
  Doctor Olds I Need A Remedy For What's Ailing Me. Premium,VIP join:2001-04-19 1970 442 W30 clubs:
| said by Rafabgood: People there have discovered a lot of good stuff (did you know that the pass and the user for the telnet service in the 5200 is "telmex"?)
Yes, posted here »Re: Uncripple your 5200 router firmware today!!! on 2003-06-29. May only apply to the Mexican Firmware though. TelMex might be the reason. TelMex is one of the dominant phone service providers in Mexico.
said by Rafabgood: I am asking you here to try not to overload his ftp, it's his money...
OK. I understand and agree.
said by Rafabgood: There are 3 fw there: the Mexican, a Portuguese, and a crippled one that requires a password to install.
Care to share the P/W?
said by Rafabgood: So, if you guys don't intend to have a Portuguese modem, use the Mexican one. ps: the Portuguese (v5) is configured to run with a Brazilian ISP called Velox.
The firmwares can be reconfigured after flashing, as the Mexican one is set for PPPoE and Bridge that need either to be disabled or removed and then run the setup wizard to configure for your ISP. Or are you saying the Portuguese Firmware is not in English after flashing?
Regards,
Doctor Olds [text was edited by author 2003-07-30 12:10:30] |
|
  Rafabgood
@com.b
| reply to duress Unfortunately, I do not have this password. There is a procedure to bypass the password and use the image (nothing that a crack on the executable could do).
About the other fw, the interface is in Portuguese, and there is, already, a connection created to work with the velox ISP. Although there is a little American flag that switches the language... |
|
 buggage Premium join:2002-11-28 | Do you know if there is any difference between the Mexican firmware and the Portuguese firmware? |
|
  Rafabgood
@com.b
| reply to duress Not yet. I am testing the Portuguese one, and I have not seen any big differences. Only a little bit more "uncrippled". I heard that this fw is a little bit more unstable, rebooting the modem sometimes, but it never happened to me. Worth a try! r. |
|
 alep_rj
join:2003-04-25 | reply to duress If someone wants the password for the Brazilian firmware, it's "telemar" (the username and pass are the same). I'm going to post how to use the firmware labeled as "Full Router", I just need to translate that. |
|