Login

jedilord9 · 22-01-2014, 05:50 PM

The fact of the matter is, there is no private unseen community string. The config file tftp'd to the modem from the cmts bootstraps the modem, so it contains all the information needed for the modem to run, including respond to snmp requests. ABM is trolling everyone with misdirection for shits and giggles.
Think about it, if there was some magical private community string (which isn't even defined in IOS) that was sent during a FW update or some other magical time, wouldn't that same technique be used to set every other property such as speeds, filters, etc.
Community strings are defined in the config, plain and simple. There may be x509 certs used in place of community strings for snmp query, but that isn't a string.
If you cant scan and you exhausted all options, your cmts implements ACL, which prevents any CM with a certain MAC or within an IP range to do snmp and the likes.
Quit bullshitting people ABM.

BornDirty · 22-01-2014, 06:48 PM

Iv been scanning for well over a year with out this private string.

slave · (This post was last modified: 22-01-2014, 07:53 PM by slave.)

(22-01-2014, 05:50 PM)jedilord9 Wrote: The fact of the matter is, there is no private unseen community string. The config file tftp'd to the modem from the cmts bootstraps the modem, so it contains all the information needed for the modem to run, including respond to snmp requests. ABM is trolling everyone with misdirection for shits and giggles.
Think about it, if there was some magical private community string (which isn't even defined in IOS) that was sent during a FW update or some other magical time, wouldn't that same technique be used to set every other property such as speeds, filters, etc.
Community strings are defined in the config, plain and simple. There may be x509 certs used in place of community strings for snmp query, but that isn't a string.
If you cant scan and you exhausted all options, your cmts implements ACL, which prevents any CM with a certain MAC or within an IP range to do snmp and the likes.
Quit bullshitting people ABM.

yes you are right
the only cable modem config passwords can drive it over snmp + also there is another password unique for motorola sb5101 and for other modems too which can be read via mibwalk and is already posted on that site
so if modems doesnt repply to its config passwords - then it should repply to its unique private password comming from mibs
but on my isp i cannot ping any devices from internall ip there is some kind of firewall
@abmjr thinking that every isp uses same things like american comcast but its not true
my isp have permamently disabled ping from locall ip - it use snmp only for modem diagnostics directly from cmts Wink

and register modems only using VPN propably thats why that ping is disabled and all ports from inside
i wrote here many times that this is bullshit about that ^magic non existed private snmp password from isp^ but nobody hear me
sure there are more snmp passwords on your network but for other things like read diagnostic status of cmts etc etc..
in my network:
-cable modem snmp replay only to following ip - ^cmts ip^ + ^broadband access center ip^ + ^tftp ip^ Wink

the rest of ip havent any privileges to pimp any cable modem using snmp cant even ping them
even if i clean config with those ip adress restrictions or modiffy and puts on it my ip - i cant
so the modems are beetwen firewall acl list
i was trying many crazy ways for over few months to get snmp access and i cant

jedilord9 · 22-01-2014, 08:51 PM

ABM is right that SNMP is never disabled. That is true.

slave · (This post was last modified: 22-01-2014, 10:26 PM by slave.)

(22-01-2014, 08:51 PM)jedilord9 Wrote: ABM is right that SNMP is never disabled. That is true.

yes its never disabled !
but you with your cable modem on some isp doesnt have privileges to scan over snmp only the cmts operator or bac can do it
so for you is disabled !

**teddyalmonds** · 22-01-2014, 11:46 PM

The only positive thing about the bs he was writing is that it caused a very small amount of people to look for the truth. I can admit that.

neo_ · 23-01-2014, 02:13 AM

(22-01-2014, 11:46 PM)teddyalmonds Wrote: The only positive thing about the bs he was writing is that it caused a very small amount of people to look for the truth. I can admit that.

Yup

zone2oo0 · 28-01-2014, 01:04 PM

cm>LSD_unload true
BROADCOM LSD OID COMMAND FEATURE
.................................................................................
.........................................................................
done
LSD_unload> GrabCert_afterREG true 192.168.100.1 certset.bin
Grabbing.....................................................................
................................................................................
................................................................................
................................................................................
................................................................................
lds.

**drewmerc** · 28-01-2014, 06:44 PM

now i want some LSD

Login
Username:
Password:	Lost Password?
	Remember me