Home | Community | Message Board


High Mountain Compost
Please support our sponsors.

General Interest >> Science and Technology

Welcome to the Shroomery Message Board! You are experiencing a small sample of what the site has to offer. Please login or register to post messages and view our exclusive members-only content. You'll gain access to additional forums, file attachments, board customizations, encrypted private messages, and much more!

Jump to first unread post. Pages: 1
Offlineamyloid
Stranger
Registered: 03/08/03
Posts: 980
Last seen: 2 years, 10 months
w00t, cable modem hacking back in action
    #2304341 - 02/05/04 12:18 PM (12 years, 9 months ago)

fuck comcast and md5!

modem uncappers create firmware for motorola surfboards

1.5Mbps here i come mother fucker. hold onto your panties.


--------------------
"A human being is part of a whole, called by us the Universe, a part limited in time and space. He experiences himself, his thoughts and feelings, as something separated from the rest--a kind of optical delusion of his consciousness. This delusion is a kind of prison for us, restricting us to our personal desires and to affection for a few persons nearest us. Our task must be to free ourselves from this prison by widening our circles of compassion to embrace all living creatures and the whole of nature in its beauty."
-Al Einstein


Post Extras: Print Post  Remind Me! Notify Moderator
Invisiblefunkymonk
Get's down, withthe get-down.
 User Gallery

Registered: 11/29/02
Posts: 8,160
Loc: saskatchewan
Re: w00t, cable modem hacking back in action [Re: amyloid]
    #2305460 - 02/05/04 04:29 PM (12 years, 9 months ago)

:laugh::D:D:D:D:D:D:D:D:D


Post Extras: Print Post  Remind Me! Notify Moderator
OfflineHidingInPlainSight
Male User Gallery
Registered: 01/27/03
Posts: 2,076
Loc: Portland, OR
Last seen: 1 year, 6 months
Re: w00t, cable modem hacking back in action [Re: amyloid]
    #2305606 - 02/05/04 05:02 PM (12 years, 9 months ago)

Where can I find resources/software for DSL modem uncapping?


Post Extras: Print Post  Remind Me! Notify Moderator
InvisibleLanaM
Head Banana
Female

Registered: 10/28/99
Posts: 3,078
Loc: www.MycoSupply.com
Re: w00t, cable modem hacking back in action [Re: amyloid]
    #2305881 - 02/05/04 06:00 PM (12 years, 9 months ago)

Very neat  :grin:

I'll have to do some homework on this one!  If anyone has some links/more info, please post it.

Lana


--------------------
Myco Supply - Distributors of Mycological Products
http://www.MycoSupply.com

The Premiere Source for Mushroom Growing Supplies.
Visit us online or call us toll free


Post Extras: Print Post  Remind Me! Notify Moderator
OfflineHidingInPlainSight
Male User Gallery
Registered: 01/27/03
Posts: 2,076
Loc: Portland, OR
Last seen: 1 year, 6 months
Re: w00t, cable modem hacking back in action [Re: Lana]
    #2305911 - 02/05/04 06:09 PM (12 years, 9 months ago)



Post Extras: Print Post  Remind Me! Notify Moderator
InvisibleSHiZNO
-

Registered: 03/14/03
Posts: 1,467
Re: w00t, cable modem hacking back in action [Re: HidingInPlainSight]
    #2306332 - 02/05/04 08:34 PM (12 years, 9 months ago)

ya until your ISP finds out and youre getting disconencted and/or fined


--------------------
...


Post Extras: Print Post  Remind Me! Notify Moderator
Invisiblezeta
Stranger

Registered: 05/25/02
Posts: 3,972
Re: w00t, cable modem hacking back in action [Re: amyloid]
    #2306643 - 02/05/04 10:13 PM (12 years, 9 months ago)

Cable modem hackers conquer the co-ax
By Kevin Poulsen, SecurityFocus
Posted: 05/02/2004 at 22:31 GMT
http://www.theregister.co.uk/content/55/35377.html

A small and diverse band of hobbyists steeped in the obscure languages of embedded systems has released its own custom firmware for a popular brand of cable modem, along with a technique for loading it -- a development that's already made life easier for uncappers and service squatters, and threatens to topple long-held assumptions about the privacy of cable modem communications.

The program, called Sigma, was released in its final version last month, and has reportedly been downloaded 350 to 400 times a day ever since. It's designed to be flashed into the non-volatile memory of certain models of Motorola's Surfboard line, where it runs in parallel with the device's normal functionality. It gives users almost complete control of their cable modem -- a privilege previously reserved for the service provider.

The project is the work of a gang of coders called TCNiSO. With about ten active members worldwide, the group is supported by contributions from the uncapping community -- speed-hungry Internet users who rely on TCNiSO's research and free hackware to surmount the bandwidth caps imposed by service providers, usually in violation of their service agreement, if not the law. To them, Sigma is a delight, because it makes it simple to change the modem's configuration file -- the key to uncapping, and, on some systems, to getting free anonymous service using "unregistered" modems. "I've known TCNiSO for two years now and I've done a lot of things with their techniques," wrote a Canadian uncapper in an e-mail interview. "Sigma is the greatest one I've seen."

To make Sigma work, uncappers most commonly use a hardware hack developed by TCNiSO that tricks the Surfboard into accepting the custom code. Under an industry standard called DOCSIS (Data Over Cable Service Interface Specification), cable modems only permit changes to their internal programming that are sent down the pipe by the service provider -- users are prevented, Xbox-style, from running unapproved code, even on a modem they own.

But TCNiSO discovered that the Surfboard modem contains an undocumented vestigial console port, through which the boot process can be controlled. The group published a detailed tutorial for tapping into the serial port, which involves opening the modem and connecting two wires at particular points on the circuit board, then routing them through an inexpensive chip that converts the signal to RS-232 levels-- allowing the user to plug in a PC running a terminal program. Users less handy with a soldering iron can purchase a special conversion cable from TCNiSO's website to simplify the process.

From there, the user simply reboots the modem. A stream of text comes down the port describing the boot process, which the user can interrupt with a keystroke, then redirect by typing in a new boot string. The modem can be told to boot from any FTP server -- in this case, one running on the user's own PC, and serving up Sigma. Once the new firmware is loaded, it becomes part of the modem, and the process need not be repeated.

With Sigma installed, the cable modem lays exposed for what it really is: a versatile computer in its own right. Built on a powerful MIPS processor, the modem's native operating system is VxWorks, the same OS used by the Mars rovers. Sigma unlocks that hidden capability -- users can "rlogin" to the modem and interact with a VxWorks shell, or browse to a custom Web interface that sports easy-to-use and form fields for executing commands, or changing parameters normally controlled remotely by the service provider.

Eavesdropping Risks

While it's a boon to uncappers, the security implications of firmware hacking go beyond mere bandwidth-boosting and theft-of-service. The topography of cable modem networks typically puts between 500 and 1,000 homes in a neighborhood on the same circuit, their Internet traffic all mingled on the same co-ax cable. Subscribers are prevented from eavesdropping on their neighbors' traffic by their own modem, which is programmed to only pass packets destined for them. By building on TCNiSO's hacking technique, a malefactor could write custom code to forward all the raw network traffic to their PC.

Outside security experts have generally dismissed any eavesdropping threat on modern cable systems based on a belief that cable companies are encrypting customer traffic, a capability built into all DOCSIS-certified modems since 1999. But while encryption would indeed thwart any eavesdropping attempt, in the most commonly-deployed version of the DOCSIS standard, version 1.0, the encryption option is just that -- an option, and one that's turned off by default. "The security has to be there" in the modem, says Oscar Marcia, chief security architect at for CableLabs, the industry group responsible for DOCSIS. "But the [service provider] can decide when to turn it on."

And turning it on they are, Marcia says, but slowly, and in bits and pieces, even five years after the option became available. "It's kind of a gradual process... They want to make sure that they have all the kinks worked out of their system." He adds that he expects the process to accelerate as cable companies migrate to newer versions of the DOCSIS specifications, where encryption is "on" by default, instead of off.

SecurityFocus asked four U.S. cable modem service providers if they protected their customers with the encryption option. Comcast, Adelphia, and CableVision's Optimum Online declined comment; a spokesman for Time Warner's Road Runner service didn't return repeated phone calls on the question. Comcast's terms of service, however, acknowledges a risk of eavesdropping by "other subscribers," and Optimum Online's bluntly admits the company doesn't utilize encryption: "All Subscriber's ethernet traffic ... will be reflected by the cable Modem in an unencrypted form onto the cable network and be subject to eavesdropping."

The architecture of cable modem networks likely prevents eavesdropping of upstream traffic, liked typed passwords and credit card numbers, and websites using SSL would be immune from passive monitoring. "But downstream traffic is certainly visible to lots of people if crypto isn't used," said AT&T security researcher Steve Bellovin, in an e-mail interview.

The potential for spying and other mischief based on TCNiSO's research is not lost on "DerEngel" -- the 23-year-old unemployed programmer who heads the group. In an effort to be responsible, the group programmed Sigma to block execution of the VxWorks functions that change the modem's MAC address, a capability that could otherwise wreak havoc on a network in the wrong hands. And on the group's website, DerEngel offers to provide cable companies with a tool to detect Sigma in use. "If you're going to make the crack, might as well sell the glue," he says. So far, no one's taken him up on the offer.

International Team

DerEngel says he and a friend began hacking cable modems three years ago. Since then, the number of coders and researchers working on TCNiSO projects has grown to ten, each with specialized skill sets, hand-picked by DerEngel with the care of the roguish ringleader in a caper movie assembling a team for a big score. He has a C coder and a Windows programmer in Australia, a programmable memory expert in the U.K., testers in Europe and Canada, and an assembly language coder in Kentucky.

The latter is "Isabella," a 31-year-old programmer who coded Sigma from her home near Louisville. Isabella scratches out a living doing odd software and hardware jobs, like designing an electronic light toy, or writing the embedded code that operates the ghosts and goblins in a local haunted house attraction every Halloween. DerEngel approached her online last year, after hearing she was good with an assembler and might be interested in helping.

Underemployed and intrigued by the possibilities, Isabella wrote Sigma in three months of days-long spurts of creativity. She doesn't have cable modem service. "Everybody, it seems like, messes with PC-based stuff, but nobody that I know does the embedded thing," she says, explaining her interest in the project. "And Der is really nice. Some people think he's kind of crazy, but I figured out how to deal with it."

How crazy? When Isabella mentioned to DerEngel that she was looking for a better MIPS assembler for the job, she expected him to suggest one of the free programs already available. Instead, he wrote a new one from scratch, filling it with features particularly useful to firmware hacking. "He wrote a good assembler," she says. "Der was determined to do it."

Indeed, the accumulated talent of the group's members has begun to dwarf their raison d'?tre, and the coders seem to know it. DerEngel is barely interested in discussing uncapping, and speaks instead of the possibilities of writing plug-ins for Sigma -- extensible by design -- that would transform the capabilities of the Surfboard, turning it into a NAT box and a firewall. Isabella thinks they can program the modem to tune to the channels used by the cable companies' digital music feeds, which -- like TV programming -- share the co-ax with the cable modem service. The hack might let the modem send music to the user's PC, where it could be streamed in real time.

Ultimately, DerEngel and Isabella would even like to go legit, and turn the group into a research shop for cable system providers, or at least make a deal that allows TCNiSO to test their techniques in a sanctioned laboratory setting. But after three-years as the preeminent underground think tank for cable modem uncappers, DerEngel is realistic about the future. "In this industry you can't be the good guy and the bad guy," he says. "So I guess we have to hide for now, for that reason, because everyone will perceive us as the bad guys... I think they look at us as hacking something that we shouldn't, instead of just interested in electronics and trying to get better at what we do."

Of course, the cable industry has it's own impossible dreams, which include preventing smart coders with lots of time and restless passion from hacking the next generation of cable modems. "What you're talking about only affects the DOCSIS 1.0 modems," says CableLabs' Marcia of the Surfboard hack. The DOCSIS 1.1 and 2.0 specifications only accept firmware that's been digitally signed by the cable company. "Once you move to a DOCSIS 1.1, and we already have some cable operators deploying 1.1, this hack is not a viable hack any more.... One mistake, and it turns the modem into a brick."

But DerEngel doesn't believe any cable modem is going to be immune from customization, and he says his team is ready to prove it. "If you have to, you can just change the [programmable memory chip] -- desolder it, put it back on there," he says. "As long as the customer has the actual hardware in their hands, the customer will always be able to change what he has."


Post Extras: Print Post  Remind Me! Notify Moderator
InvisibleTinMan
Stranger

Registered: 10/01/02
Posts: 2,956
Loc: Russia
Re: w00t, cable modem hacking back in action [Re: Lana]
    #2306723 - 02/05/04 10:36 PM (12 years, 9 months ago)

Being fined/banned for life from your cable ISP is almost inevitable. Maybe certain ISPs can't tell when you're going over the line, but bandwidth is actively monitored. Ever gotten a letter saying you're using too much of an unamed bandwidth? I'm sure they get those results from the same computer they can check your speed settings on.


Post Extras: Print Post  Remind Me! Notify Moderator
OfflineTheDrugStore
Shroomer

Registered: 12/23/03
Posts: 661
Loc: Hawaii Flag
Last seen: 1 year, 9 months
Re: w00t, cable modem hacking back in action [Re: amyloid]
    #2306955 - 02/05/04 11:36 PM (12 years, 9 months ago)

I have the Motorola SB5100 SURFboard modem... IS THAT GOOD?

Will this be possible for me to do this?

I dont think i really need to though. Im already running at 2mbps :smile:


--------------------
Penalties against drug use should not be more damaging to an individual than the use of the drug itself. Nowhere is this more clear than in the laws against the possession of marijuana and mushrooms in private for personal use.


Post Extras: Print Post  Remind Me! Notify Moderator
Offlinellamaboy
the weasel thatsnagged the bee

Registered: 11/08/03
Posts: 563
Loc: Portland PNW
Last seen: 7 years, 1 month
Re: w00t, cable modem hacking back in action [Re: TheDrugStore]
    #2307076 - 02/06/04 12:09 AM (12 years, 9 months ago)

you can actually download at 2mbs?  that's pretty amazing for cable..since they tend to cap you at about 250-300 down and 30-50 up...you must have one kick ass ISP :smile:.  my cable is 1.5mbps but i can only upload at 30, and i can only download at 300 tops.


Post Extras: Print Post  Remind Me! Notify Moderator
OfflineTheDrugStore
Shroomer

Registered: 12/23/03
Posts: 661
Loc: Hawaii Flag
Last seen: 1 year, 9 months
Re: w00t, cable modem hacking back in action [Re: llamaboy]
    #2307130 - 02/06/04 12:20 AM (12 years, 9 months ago)

Oh no... thats just the subscribed speed im at. What i "ordered" i acually only download at 300-350... and never let anyone upload :wink:


--------------------
Penalties against drug use should not be more damaging to an individual than the use of the drug itself. Nowhere is this more clear than in the laws against the possession of marijuana and mushrooms in private for personal use.


Post Extras: Print Post  Remind Me! Notify Moderator
Offlineamyloid
Stranger
Registered: 03/08/03
Posts: 980
Last seen: 2 years, 10 months
Re: w00t, cable modem hacking back in action [Re: TinMan]
    #2309901 - 02/06/04 09:34 PM (12 years, 9 months ago)

in response to everyone saying "blah blah blah they check youll get busted" before they implimented the md5 encrypted docsis crap, i was fully uncapped for 3 months, leaving kazaa up, sharing my mp3s and downloading everything i could think of. ive never had any problems, neither did any of the 50 other people i taught how to do it. do u know someone that was busted?


--------------------
"A human being is part of a whole, called by us the Universe, a part limited in time and space. He experiences himself, his thoughts and feelings, as something separated from the rest--a kind of optical delusion of his consciousness. This delusion is a kind of prison for us, restricting us to our personal desires and to affection for a few persons nearest us. Our task must be to free ourselves from this prison by widening our circles of compassion to embrace all living creatures and the whole of nature in its beauty."
-Al Einstein


Post Extras: Print Post  Remind Me! Notify Moderator
Offlinedarkfly
LysergicExperimenter

Registered: 09/17/01
Posts: 1,169
Last seen: 1 year, 3 months
Re: w00t, cable modem hacking back in action [Re: llamaboy]
    #2311378 - 02/07/04 01:10 PM (12 years, 9 months ago)

Your cable is only 1.5Mbps but you can only download at 300KBps? What are you talking about. You do know 1.5Mbps translates to about 197KBps, I think you folks are misunderstanding conversions. Thats MegaBITS and KiloBYTES.


--------------------
Everything Is Blue In This World. The Deepest Shade Of Mushroom Blue.


Post Extras: Print Post  Remind Me! Notify Moderator
Offlinenife
I'm Dead
Male
Registered: 12/26/03
Posts: 225
Last seen: 2 years, 9 months
Re: w00t, cable modem hacking back in action [Re: TheDrugStore]
    #2311432 - 02/07/04 01:36 PM (12 years, 9 months ago)

300 Kbs is almost 3mbits
8 bit is 1 byte


I am waiting until the MAC address can be changed. Then I will be happy. I don't know anyone in real life that has been caught, but many people I know over IRC have been.

Too bad I don't have a surboard modem. DAMNIT


--------------------
Protect Your Rights
Freedom Card


Post Extras: Print Post  Remind Me! Notify Moderator
Offlinellamaboy
the weasel thatsnagged the bee

Registered: 11/08/03
Posts: 563
Loc: Portland PNW
Last seen: 7 years, 1 month
Re: w00t, cable modem hacking back in action [Re: amyloid]
    #2335402 - 02/14/04 08:47 PM (12 years, 9 months ago)

it's funny, just after i read this, i got a letter from comcast...they've now boosted my downstream limit to 5mbps and my upstream limit to 256kps....:D no need to uncap my modem now! that's more than sufficient for me!


the reason taht i can only download at 300kps with my 1.5mbps connection is because of traffic...many computers are clogging the network. most isps do not cap the downstream. so if you are on at like 4 am you can get close to 1.5mb/s

and even if i misunderstandign the conversion...comcast is typically a 1.5mbps connection speed, and i typically obtain 300kps download speeds...but now that they've boosted my connection...i'm downloading at 550kps, and myupstream is about 256kps


Post Extras: Print Post  Remind Me! Notify Moderator
Jump to top. Pages: 1

General Interest >> Science and Technology

Similar ThreadsPosterViewsRepliesLast post
* XP 64 and cable modem problem Aiko Aiko 1,028 11 04/19/06 09:25 PM
by Seuss
* Uncapping cable modems, Free internet services Irradiated_Feces 11,079 11 07/25/05 07:01 PM
by ParanoidAndroid
* question about cable modem w/router youtelephonecall 1,062 3 10/25/02 06:16 AM
by Ythan
* Cable Modem Problem pshawny 756 7 11/13/05 01:37 AM
by Vvellum
* Setting up a cable internet network with Windows 95? Twirling 1,188 9 01/12/05 10:09 PM
by Huehuecoyotl
* Router-Modem Problem... Help??? Shroomerious 707 3 09/25/04 07:12 PM
by discoabe
* Cable IP change? PriitK 735 12 04/06/06 02:19 PM
by funkymonk
* cable question Rin 1,142 7 08/04/02 09:32 AM
by Rin

Extra information
You cannot start new topics / You cannot reply to topics
HTML is disabled / BBCode is enabled
Moderator: Lana, trendal, Diploid, automan
3,174 topic views. 0 members, 3 guests and 0 web crawlers are browsing this forum.
[ Toggle Favorite | Print Topic | Stats ]
Search this thread:
Gaiana.nl
Please support our sponsors.

Copyright 1997-2016 Mind Media. Some rights reserved.

Generated in 0.099 seconds spending 0.005 seconds on 14 queries.