|
5101 and certs
|
27-09-2012, 07:56 PM
Here, chew on this..
For all of you "spoofing" F/W strings, if you spoof the latest string, and it doesnt have to MFC's CVC , how is the CMTS going to be given this if your spoofing?
Knowledge=Power
Sending UDP ToD request to server...
SNMP Agent Binding to 10.51.152.125:161 Not logging event ID 2291949724, control for level 7 is 0. CM> UTC returned by ToD server 3557766043; UTC offset -18000 Current system time -> Thu Sep 27 15:20:43 2012 System start time -> Thu Sep 27 15:19:56 2012 Starting Tftp of configuration file... Opening file '?BBgdiS8AEsmqDxAKM7Z9@CjO2fT_hJIo1Xvq8gnh5c30GALtZVAbs' on 24.24.53.23 for reading... tftp-enforce bypass is DISABLED Storing received cfg of size 2836 to memory Tftp read < 512 bytes, we have reached end of file. Tftp transfer complete! TFTP Settings: Stack Interface = 1 Server Ip Address = 24.24.53.23 Server Port Number = 54912 Total Blocks Read = 6 Total Bytes Read = 2836 Config file was read! IP Initialization completed... MAX CPE per CM is being set to 32 TLV-11[1]: 1.3.6.1.2.1.69.1.2.1.2.16 -> 255.255.255.255 TLV-11[2]: 1.3.6.1.2.1.69.1.2.1.3.16 -> 255.255.255.255 TLV-11[3]: 1.3.6.1.2.1.69.1.2.1.4.16 -> RR_nycmny_nyc_m0d3m5 TLV-11[4]: 1.3.6.1.2.1.69.1.2.1.5.16 -> 3 (i32) TLV-11[5]: 1.3.6.1.2.1.69.1.2.1.6.16 -> HEX:40 00 TLV-11[6]: 1.3.6.1.2.1.69.1.2.1.7.16 -> 4 (i32) TLV-11[7]: 1.3.6.1.2.1.69.1.2.1.2.18 -> 255.255.255.255 TLV-11[8]: 1.3.6.1.2.1.69.1.2.1.3.18 -> 255.255.255.255 TLV-11[9]: 1.3.6.1.2.1.69.1.2.1.4.18 -> yZaK4E8l TLV-11[10]: 1.3.6.1.2.1.69.1.2.1.5.18 -> 2 (i32) TLV-11[11]: 1.3.6.1.2.1.69.1.2.1.6.18 -> HEX:40 00 TLV-11[12]: 1.3.6.1.2.1.69.1.2.1.7.18 -> 4 (i32) TLV-11[13]: 1.3.6.1.2.1.69.1.2.1.2.19 -> 255.255.255.255 TLV-11[14]: 1.3.6.1.2.1.69.1.2.1.3.19 -> 255.255.255.255 TLV-11[15]: 1.3.6.1.2.1.69.1.2.1.4.19 -> 0cxbof2f6UZt/TE TLV-11[16]: 1.3.6.1.2.1.69.1.2.1.5.19 -> 2 (i32) TLV-11[17]: 1.3.6.1.2.1.69.1.2.1.6.19 -> HEX:40 00 TLV-11[18]: 1.3.6.1.2.1.69.1.2.1.7.19 -> 4 (i32) TLV-11[19]: 1.3.6.1.2.1.69.1.2.1.2.20 -> 255.255.255.255 TLV-11[20]: 1.3.6.1.2.1.69.1.2.1.3.20 -> 255.255.255.255 TLV-11[21]: 1.3.6.1.2.1.69.1.2.1.4.20 -> SM1n5axgWWgX4az TLV-11[22]: 1.3.6.1.2.1.69.1.2.1.5.20 -> 3 (i32) TLV-11[23]: 1.3.6.1.2.1.69.1.2.1.6.20 -> HEX:40 00 TLV-11[24]: 1.3.6.1.2.1.69.1.2.1.7.20 -> 4 (i32) TLV-11[25]: 1.3.6.1.2.1.69.1.6.1.0 -> 1 (i32) TLV-11[26]: 1.3.6.1.2.1.69.1.6.2.1.2.20 -> 4 (i32) TLV-11[27]: 1.3.6.1.2.1.69.1.6.2.1.3.20 -> 0 (i32) TLV-11[28]: 1.3.6.1.2.1.69.1.6.2.1.4.20 -> 1 (i32) TLV-11[29]: 1.3.6.1.2.1.69.1.6.2.1.5.20 -> 2048 (i32) TLV-11[30]: 1.3.6.1.2.1.69.1.6.2.1.2.22 -> 4 (i32) TLV-11[31]: 1.3.6.1.2.1.69.1.6.2.1.3.22 -> 0 (i32) TLV-11[32]: 1.3.6.1.2.1.69.1.6.2.1.4.22 -> 1 (i32) TLV-11[33]: 1.3.6.1.2.1.69.1.6.2.1.5.22 -> 2054 (i32) TLV-11[34]: 1.3.6.1.2.1.69.1.6.3.0 -> 2 (i32) TLV-11[35]: 1.3.6.1.2.1.69.1.6.4.1.2.135 -> 4 (i32) TLV-11[36]: 1.3.6.1.2.1.69.1.6.4.1.4.135 -> 2 (i32) TLV-11[37]: 1.3.6.1.2.1.69.1.6.4.1.5.135 -> 1 (i32) TLV-11[38]: 1.3.6.1.2.1.69.1.6.4.1.11.135 -> 6 (i32) TLV-11[39]: 1.3.6.1.2.1.69.1.6.4.1.14.135 -> 135 (i32) TLV-11[40]: 1.3.6.1.2.1.69.1.6.4.1.15.135 -> 139 (i32) TLV-11[41]: 1.3.6.1.2.1.69.1.6.4.1.2.136 -> 4 (i32) TLV-11[42]: 1.3.6.1.2.1.69.1.6.4.1.4.136 -> 2 (i32) TLV-11[43]: 1.3.6.1.2.1.69.1.6.4.1.5.136 -> 1 (i32) TLV-11[44]: 1.3.6.1.2.1.69.1.6.4.1.11.136 -> 17 (i32) TLV-11[45]: 1.3.6.1.2.1.69.1.6.4.1.14.136 -> 135 (i32) TLV-11[46]: 1.3.6.1.2.1.69.1.6.4.1.15.136 -> 139 (i32) TLV-11[47]: 1.3.6.1.2.1.69.1.6.4.1.2.445 -> 4 (i32) TLV-11[48]: 1.3.6.1.2.1.69.1.6.4.1.4.445 -> 2 (i32) TLV-11[49]: 1.3.6.1.2.1.69.1.6.4.1.5.445 -> 1 (i32) TLV-11[50]: 1.3.6.1.2.1.69.1.6.4.1.11.445 -> 6 (i32) TLV-11[51]: 1.3.6.1.2.1.69.1.6.4.1.14.445 -> 445 (i32) TLV-11[52]: 1.3.6.1.2.1.69.1.6.4.1.15.445 -> 445 (i32) TLV-11[53]: 1.3.6.1.2.1.69.1.6.4.1.2.446 -> 4 (i32) TLV-11[54]: 1.3.6.1.2.1.69.1.6.4.1.4.446 -> 2 (i32) TLV-11[55]: 1.3.6.1.2.1.69.1.6.4.1.5.446 -> 1 (i32) TLV-11[56]: 1.3.6.1.2.1.69.1.6.4.1.11.446 -> 17 (i32) TLV-11[57]: 1.3.6.1.2.1.69.1.6.4.1.14.446 -> 445 (i32) TLV-11[58]: 1.3.6.1.2.1.69.1.6.4.1.15.446 -> 445 (i32) TLV-11[59]: 1.3.6.1.2.1.69.1.6.4.1.2.593 -> 4 (i32) TLV-11[60]: 1.3.6.1.2.1.69.1.6.4.1.4.593 -> 2 (i32) TLV-11[61]: 1.3.6.1.2.1.69.1.6.4.1.5.593 -> 1 (i32) TLV-11[62]: 1.3.6.1.2.1.69.1.6.4.1.11.593 -> 6 (i32) TLV-11[63]: 1.3.6.1.2.1.69.1.6.4.1.14.593 -> 593 (i32) TLV-11[64]: 1.3.6.1.2.1.69.1.6.4.1.15.593 -> 593 (i32) TLV-11[65]: 1.3.6.1.2.1.69.1.6.4.1.2.64 -> 4 (i32) TLV-11[66]: 1.3.6.1.2.1.69.1.6.4.1.4.64 -> 2 (i32) TLV-11[67]: 1.3.6.1.2.1.69.1.6.4.1.5.64 -> 1 (i32) TLV-11[68]: 1.3.6.1.2.1.69.1.6.4.1.11.64 -> 17 (i32) TLV-11[69]: 1.3.6.1.2.1.69.1.6.4.1.12.64 -> 68 (i32) TLV-11[70]: 1.3.6.1.2.1.69.1.6.4.1.13.64 -> 68 (i32) TLV-11[71]: 1.3.6.1.2.1.69.1.6.4.1.14.64 -> 67 (i32) TLV-11[72]: 1.3.6.1.2.1.69.1.6.4.1.15.64 -> 67 (i32) TLV-11[73]: 1.3.6.1.2.1.69.1.6.4.1.2.66 -> 4 (i32) TLV-11[74]: 1.3.6.1.2.1.69.1.6.4.1.4.66 -> 1 (i32) TLV-11[75]: 1.3.6.1.2.1.69.1.6.4.1.5.66 -> 1 (i32) TLV-11[76]: 1.3.6.1.2.1.69.1.6.4.1.11.66 -> 17 (i32) TLV-11[77]: 1.3.6.1.2.1.69.1.6.4.1.12.66 -> 67 (i32) TLV-11[78]: 1.3.6.1.2.1.69.1.6.4.1.13.66 -> 67 (i32) TLV-11[79]: 1.3.6.1.2.1.69.1.6.4.1.14.66 -> 68 (i32) TLV-11[80]: 1.3.6.1.2.1.69.1.6.4.1.15.66 -> 68 (i32) Time Of Day completed... DefaultSnmpAgentClass::SystemTimeChangeEvent for SB5102 CM Agent w/ BRCM Factory Support SB5102 CM Agent w/ BRCM Factory Support processing TLV-11's SNMP packet sent to 10.51.182.125:161 80 TLV-11's OK. Sending a REG-REQ to the CMTS... Not logging event ID 2291949524, control for level 7 is 0. Not logging event ID 2291949324, control for level 7 is 0. Received a REG-RSP message from the CMTS... 0x0000c198 [CmDocsisCtlThread] BcmCmDocsisCtlThread::RegRspMsgEvent: (CmDocsisCtlThread) ERROR - REG-RSP response code NOT ok! rsp code = 8 (kRejRequiredParamNotPresent) 0x0000c198 [CmDocsisCtlThread] BcmCmDocsisCtlThread::SyncRestartErrorEvent: (CmDocsisCtlThread) reason: 17 (kNegOrBadRegRsp) Not logging event ID 2436694040, control for level 7 is 0. Logging event: Neg Or Bad Reg Rsp - Reinitialize MAC... Deleting DOCSIS 1.0 CoS Settings for SID 0x1178 0x0000c260 [CmDocsisCtlThread] BcmDocsisCmHalIf:  eleteAllServiceFlows: (DOCSIS CableModem HalIf) Deleting all Upstream and Downstream Service Flows, along with associated Classifiers and PHS rules...Stopping DHCP/ToD/TFTP (client requested)... The ToD thread was stopped. DHCPc: Releasing the lease with client id htype=1, value=00:15:c9:aa:0f:10 DHCPc: Sending Release packet; client id htype=1, value=00:15:c9:aa:0f:10 0x0000c26a [DHCP Client Thread] BcmDhcpClientIf::SendDhcpPacket: (DHCP ClientIf for IP Stack1) WARNING - Failed to send packet! 0x0000c26a [DHCP Client Thread] BcmDhcpClientIf::SendRelease: (DHCP ClientIf for IP Stack1) WARNING - Failed to create/send Release packet! Oh, well, no biggie... 0x0000c26a [DHCP Client Thread] BcmEcosIpHalIf::RemoveLeaseImpl: (IP Stack1 HalIf) Removing lease IP address 10.51.182.125 from IP stack 1 0x0000c274 [DHCP Client Thread] BcmEcosIpHalIf::RemoveLeaseImpl: (IP Stack1 HalIf) This is the last address on the stack; shutting the stack down:numberOfAddresses=1 0x0000c274 [DHCP Client Thread] BcmEcosIpHalIf::ShutdownIpStackImpl: (IP Stack1 HalIf) Shutting down IP stack 1 SB5102 CM Agent w/ BRCM Factory Support IpStackEvent: Ip=0.0.0.0, Subnet=0.0.0.0, Gateway=0.0.0.0 DefaultSnmpAgentClass::RestartPendingEvent for SB5102 CM Agent w/ BRCM Factory Support SB5102 CM Agent w/ BRCM Factory Support resetting to default state. SB5102 CM Agent w/ BRCM Factory Support destroying users... Pausing trap thread SB5102 CM Agent w/ BRCM Factory Support destroying notifies... Resuming trap thread SB5102 CM Agent w/ BRCM Factory Support destroying views... SB5102 CM Agent w/ BRCM Factory Support sending deferred traps... Done w/ deferred traps. SB5102 CM Event Log w/ BRCM Factory Support sending deferred async messages... Done w/ deferred msgs SB5102 CM Agent w/ BRCM Factory Support defering traps. SB5102 CM Agent w/ BRCM Factory Support setting V1/V2 view to unrestricted SB5102 CPE Agent w/ BRCM Factory Support setting V1/V2 view to docsisCpeView Non-Vol Settings successfully written to the device. 0x0000c38c [CmDocsisCtlThread] BcmCmDocsisCtlThread::ResetRngState: (CmDocsisCtlThread) @@@@@ In ResetRngState, fRemainingInitRngPowerSteps 17 0x0000c38c [Scan Downstream Thread] BcmVendorCmDownstreamScanThread::ThreadMain: (Scan Downstream Thread) Downstream Channel scan stopped! 0x0000c3a0 [Scan Downstream Thread] BcmVendorCmDownstreamScanThread::ThreadMain: (Scan Downstream Thread) Scanning for a Downstream Channel... mot_scanList: Setting override freq @ 303000000 Scanning DS Channel at 303000000 Hz... (Initial target freq) Found energy at frequency 303000000Hz! Publishing event kEventEnergyDetected... 0x0000c5ee [CmDocsisCtlThread] BcmCmDocsisCtlThread::StartUsInit: (CmDocsisCtlThread) Locked on the downstream. Waiting for UCDs... ****************************************** DOWNSTREAM STATUS ****************************************** Tuner Frequency = 303000000 Hz Carrier Offset = -2 Hz Symbol rate = 5360537 sym/sec SNR = 36 dB QAM Mode = QAM256 Tuner AGC = 0xfff00000 IF AGC = 0x18c35978 Power Level = -11 dB QAM = LOCKED FEC = LOCKED ****************************************** CM> Selecting UCD for Us Channel 14 0x0000d016 [CmDocsisCtlThread] BcmCmDocsisCtlThread::TestAndLaunchDsTimeSync: (CmDocsisCtlThread) starting ds time sync acquisition... 0x0000d2b4 [CmDocsisCtlThread] BcmCmDocsisCtlThread::SyncDsSyncOk: (CmDocsisCtlThread) downstream time sync acquired... 0x0000d2b4 [CmDocsisCtlThread] BcmCmDocsisCtlThread: sSyncOkResumeUsInit: (CmDocsisCtlThread) pre-REG upstream target case...starting initial ranging.Beginning initial ranging... Using stored initial upstream power = 55.0 dBmV 0x0000d2b4 [CmDocsisCtlThread] BcmCmDocsisCtlThread::SyncDsSyncOk: (CmDocsisCtlThread) rx unexpected kDsSyncOk indication... Not logging event ID 2307948724, control for level 7 is 0. RNG-RSP Adj: tim=1211 power=2 freq=0 Stat=Continue RNG-RSP Adj: tim=0 power=5 freq=0 Stat=Continue RNG-RSP Adj: tim=0 power=5 freq=0 Stat=Success ****************************************** UPSTREAM STATUS ****************************************** Upstream Status = UP Upstream Channel = 14 Upstream Frequency = 23800000 Hz Upstream Power = 55 dBmV Ranging SID = 0x783 Upstream Symbol Rate = 5120000 sym/sec ****************************************** Starting IP Initialization with DHCP... DHCPc: Waiting 1 seconds before sending Discover; client id htype=1, value=00:15:c9:aa:0f:10 Not logging event ID 2307948624, control for level 7 is 0. CM>
27-09-2012, 11:19 PM
Simple solution. Posted at SBH in between the proverbial lines. If you can READ and TEST what you READ then you do not have to spoof anything.
the root part of certs is really need it or not? maybe in some isp don't check that parts? i see haxor made backup of the certs with only private, public, ca and cm certs but not the root public, but there's the upload option for it.. but i don't understand and i guess it really don't use it at all. if i restore a backup i get in my isp registration completed status but not online/operational.. if i insert the 5 complete certs by snmp with a batch file i get operational status.. what i'm missing?
haxorware bug?? if author/coder of haxorware is reading this i will supply from virgin/working model of SBG941 the 5 completed certs , actually the private part is a little bigger (more chars) and haxor won't upload it correctly..could be possible to implement the option to use certs of models like SBG901/941 into models SB5XXX ?? tested with latest Rev. 39 lite i didn't check if root part is common with all mots.. but is better to hear some recommendations from the experts! My Best Regards |
|
« Next Oldest | Next Newest »
|
