optus-sagemcom-fast-3864-hacks
optus-sagemcom-fast-3864-hacks copied to clipboard
mattimustang
10.54_F@ST3864V3AC_Optus
I have version 10.54 and the "decrypted" backupsettings.conf is indeed producing junk.
I am also unable to log in to 192.168.0.1 with admin privileges.
Is there any investigation I can do on my end to get this working?
I had the same problem (firmware "8.358_F@ST3864AC_Optus", brand new device that's never been used).
I ended up working around the encryption problem by going to http://192.168.0.1/dumpcfgdynamic.cmd, which displayed the XML config in the browser, then I cut and pasted into a text file.
From inspecting the backup file, turns out my firmware had another user called "support" with password "abcd". Seems to have much the same web access as the "admin" user, but cannot login with telnet (at least, not with that password).
On some routers the URL is this instead:
http://192.168.0.1/dumpcfgdynamic.conf
On some routers the URL is this instead:
Interesting, with my latest NBN connection, Optus supplied VOIP modem, I was able to get the config saved, renamed as HTML for easy opening and viewing in browser
- in that I found
<X_BROADCOM_COM_LoginCfg>
<AdminPassword>base64encoded</AdminPassword>
I decoded that, created a link
http://admin:[email protected]/main.html
🤣 Full admin access, so it has gotten easier not harder.👍 @pabs3 I kinda ignored your post when I first saw it as I had pretty much given up on this router. Woke too early and had a play.. Now able to do all the things I need again.. First: Google DNS 😎 and it took it
Second: TR-069 client - Configuration = DISABLED
