- #Clone phone mac for internet for mac#
- #Clone phone mac for internet full#
- #Clone phone mac for internet software#
- #Clone phone mac for internet ps3#
Being a TSOP chip, it is easy enough to solder wires to and luckily I remembered NORway from back when I downgraded my PS3 and that it has SPI dumping support. Unfortunately, the FCC does not have the schematics for this device public but a quick inspection showed that the chip labeled Spansion FL128SAIF00 is a 16MiB SPI based flash memory with the datasheet being easily available online. Since it was broken, it is more likely that it’s deactivated. The reason for this model is purely because it was the cheapest one I could find. I went on eBay and bought a broken SurfBoard SBG6580. Now my plan is to get a new set of certificates from an unactivated device. It likely also has to do with protections against “simple” cloning. My guess is that self-signed certificated are used by engineers to test the network and therefore do not allow access to the Internet. Unfortunately, I was not able to access the Internet and even using my old router’s MAC address did not work. Surprisingly, I was able to provision the modem and my ISP accepted the certificate and gave me an IP address.
#Clone phone mac for internet for mac#
As a result of all this, the DOCSIS 1.1 specification established a PKI system of validation for MAC addresses.įirst, I generated a set of self-signed certificates for my new MAC address. As ISPs clamped down and secured their infrastructure, the hackers moved on to “cloning” modems by finding the MAC address of an existing subscriber and reprogramming their modem to use the same MAC address in order to steal service. I learned about how not too long ago, people would modify their modem configuration files in order to unlock higher speeds than what they paid for (if anything at all). Googling “DOCSIS certificate” led me down the rabbit hole of modem cloning, service stealing, bandwidth unlocking, and so on. The first clue was looking around in the NVRAM partition and finding a set of certificates signed for the modem’s MAC address.
The modem refused to establish a connection. The file does not appear to have any checksums, so I just replaced it with a new MAC, rebooted and… nothing. I found a file in a partition labeled NVRAM containing the MAC address. Once I got a shell, I dumped the flash memory and I grepped for the MAC address printed on the label (trying hex, ASCII, and different separators). The whole process took about an hour–the most time being trying to physically open the plastic shell because (and this may be surprising) hackers are not the epitome of physical strength. After soldering some headers to it, I was able to connect it to my Raspberry Pi and enter the root shell without needing any password. In fact, I did too much work here because after opening the device up, I found the word “CONSOLE” printed on the solder mask right next to those ports. Through the schematics, I found the UART console, which was nicely exposed through some unfilled port.
#Clone phone mac for internet full#
In short, I Googled the FCC ID found on the sticker and found the full schematics for the board along with part numbers of all the chips (such information is required in the FCC approval process but most companies request that it be kept confidential). Getting access to a shell was laughably easy so I won’t even go into details. So this post will be my rite of passage into writing a “real” hardware hacking blog. Almost every reverse engineering blog has a post on hacking some router at some point and every hardware hacking “training camp” works on a NETGEAR or Linksys unit.
#Clone phone mac for internet software#
Modems/routers are infamously easy to hack because they always have outdated software and unprotected hardware. I thought I could just reprogram the MAC address and activate it without issue. The technician doesn’t have access to their account so I would have to either wait for it to be inactive or somehow find them and somehow convince them to help me set up the modem they threw away.īut hackers always find a third option. When I called my Internet service provider to activate it though, they told me that the modem was tied to another account likely because the neighbors did not deactivate the device before throwing it away. I was excited because the modem is much better than the one I currently use and has fancy features like built in 5GHz WiFi and DOCSIS 3.0 support.
An neighbor just moved out and they threw away boxes of old junk. Recently, I stumbled upon an old cable modem sitting next to the dumpster.
0 kommentar(er)
