How to get by any security!

[haroldstein]

I can say, The "Secret" is in TELNET..

I can take any D2 or D3 modem and "make" it work on any CMTS..

I always said there are "UnDocumented" Telnet commands...I posted about 85 % of them 2 SBH...

Still works...

About 20 + know of this, the same peeps that know of the DCH-70 and DCT-700 "open" access..

Still stand by this today.

You got me curious, when you say:
I can take any D2 or D3 modem and "make" it work on any CMTS..
Are you saying you can take a Stock cm and completely have it running?
If you say yes, then there is alot more reading to do.

[ABMJR]

Stock...Never provisioned. Virgin..

If it was banned, reflash new BIN, change 1st CPE. Use Haxo Lite. TElnet in. Execute a command at a certtain time during early stages, after TOD, FW Push..

The rest I cant say

[haroldstein]

Stock...Never provisioned. Virgin..

If it was banned, reflash new BIN, change 1st CPE. Use Haxo Lite. TElnet in. Execute a command at a certtain time during early stages, after TOD, FW Push..

The rest I cant say

so this is done after this command

The TELNET command is done with haxo Diag, and at a certain time..

Once the CM is given the Co-CVC and F/W push, it is "provisioned" in the eyes of the CMTS. Then, you take the CM off-line and re-flash Haxo Lite..

This command is "Un-Documented", meaning there is no Documentation detailing it. Only the Whitepapers of the developers have it

so you start with Diag ver then switch over to lite.
a little more for the puzzle. thnks Ambjr.

[southernyankey1970]

If he screws up and gives out a line or two you guys are all fucked! It will be the end of it. I know it's prob not too difficult to figure out on your own if actually familiarize yourself with the provisioning process...

I hope he never gives it out and just enjoys it rather than torture you guys with it...

THERE ARE SOOOOO MANY WAYS STILL!

[Stoowyguy]

Are you trying to tell me that if I use the right telnet commands on a docsis 2 modem then I can just magically get online
O

I can say, The "Secret" is in TELNET..

I can take any D2 or D3 modem and "make" it work on any CMTS..

I always said there are "UnDocumented" Telnet commands...I posted about 85 % of them 2 SBH...

Still works...

About 20 + know of this, the same peeps that know of the DCH-70 and DCT-700 "open" access..

Still stand by this today.

[southernyankey1970]

Yes, you can! It's not magic. It is an insider's knowledge of the finer workings of docsis and how a CM communicates with a CMTS. Only a chosen few know the secret (self not-included) and most likely it will go no farther. I can tell you though, that it is not necessary to know that little gem to successfully test in high security...even in my area. There are still some pretty big holes if you know what to look for.

[piposarcade]

Honestly I do not think it's a simple undocumented command, you must be a whole number of things that do something .. if it were that simple, I think the ISP would have discovered ..

[southernyankey1970]

No...
It's simple! That is how I find the best holes...Think simple. Docsis 3 is complicated, but it leaves a few things wide open here and there. it doesn't have to be complicated to work. read some of the SBH archives sometime and look at the ways they found to get around the old security. It was off the wall shit that got the best results.

[shocky]

to abmjr.......
am i on the right path????


"if ( naco == NACO_ON )"

[torro32]

No...
It's simple! That is how I find the best holes...Think simple. Docsis 3 is complicated, but it leaves a few things wide open here and there. it doesn't have to be complicated to work. read some of the SBH archives sometime and look at the ways they found to get around the old security. It was off the wall shit that got the best results.

Everyone who think you are not some spy here or a FBI agent is retarded in his head.
So far I haven't find any constructive post from you.