Vulnerability Development mailing list archives

Re: DOCSIS vulnerability


From: Mark <mark () chipme co uk>
Date: Tue, 12 Mar 2002 17:36:34 +0000

On Tue, 12 Mar 2002 07:54:31 -0600, you wrote:

On Tue, Mar 12, 2002 at 06:16:43AM -0500, Chris Chandler wrote:
This is not entirely true. I have only seen a few instances of it
actually working with some Cybersurfer modems, mainly the SB 3100 and SB
4100. It does NOT always work, I know I have tried it, the whole spiel
of creating the specific binary and key files for it then doing the
reset and what have you. While I have seen this work on a few, I have a
DOCSIS modem and it doesn't work.

Interesting, it works fine on AT&T's network, as well as Charter Communications;
with the scripts I wrote it worked every time with no problem.


On both cable operators in the UK it has worked, some to a lesser
degree than others. On BlueYonder (all SB 3100/4100 type modems afaik)
you can uncap fully as when you decode the DOCSIS file the key is left
there for all to see. With NTL, the other main operator, they seem to do
things a different way and don't include the key, but you can log in to
their TFTP server, download their 'gold' service and use that.

BY are clued up on it, soon as they detect the modem's been uncapped
you get a warning how you breached their AUP.

Thanks,
Mark

