Timeline for ZTE encrypted backup config file
Current License: CC BY-SA 3.0
23 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Dec 30, 2020 at 17:36 | comment | added | HE9CbITb | Is anyone member of this topic alive?:) Sir Vido, I see you suceeded in decryption of your modem configuration file. I have same problem as you: modem ZTE F609 with encrypted config. Unfortunately, I was not so good trying to decrypt this file:) But I need just one thing from this file: telnet login/password. I think in my modem they are kinda non-standard. I tried different variants: root/Zte521, root/rоot, root/Telkom135 and another - noоne worked. If it doesn't bother you - could you please tell me (I swear I'm not a hacker:D) what are standard telnet login/password on your modem? This is a | |
| Oct 7, 2020 at 19:08 | history | protected | CommunityBot | ||
| Oct 7, 2020 at 17:30 | comment | added | Ioannis Oikonomou | I have a ZTE H288A. Is there any change to decrypt the config.bin, provided that I don't have SSH access to the router and thus cannot retrieve file tagparam_m? Thanks. | |
| Jul 26, 2020 at 14:05 | comment | added | Vido | @danca how did you dumped flash from SE2i I also have same device and I wont to dump my firmware over bootloader ? | |
| Jun 26, 2020 at 20:13 | comment | added | jimpapi | i have a zte h267a router. i have access to ssh and telnet. How can i dump the function CSPDBGetFileEncryKey to extract my key...(i know the key already but i want to find it in kernel). I binwalk my mtdblocks and i can see some kernel commands in hexview...but how to find the key? i also searched in bin and tftp in my compyter the cspd file but i don't know how to find the function or the key! Please help...thanks!! | |
| Jun 9, 2020 at 18:43 | answer | added | user33502 | timeline score: 3 | |
| Jun 3, 2019 at 14:45 | comment | added | Vido | @danca can you give me your mac address, I thinks that key for config is md5 mac addres | |
| Jun 28, 2018 at 12:16 | comment | added | danca | I succeeded to dump flash of Speedport Entry 2i using bootloader. Tried to find encryption key but with no luck. I uploaded cspd and the decompilation with retdec here. The result contains lots of pseudo calls, which i didn't understand and some of the important functions are empty. Maybe you can figure out what the key is. I uploaded whole rootfs too. Web interface is quite complex, it's encrypted lua. I enclosed decrypted lua files. You can download them from here. The files are from a | |
| Apr 13, 2017 at 12:49 | history | edited | CommunityBot | replaced http://reverseengineering.stackexchange.com/ with https://reverseengineering.stackexchange.com/ | |
| Mar 11, 2017 at 19:07 | answer | added | Vido | timeline score: 1 | |
| Oct 24, 2016 at 22:36 | answer | added | mkst | timeline score: 11 | |
| Oct 17, 2016 at 7:42 | comment | added | J91321 | I think ZTE sells these only as CPE. I even tried to buy one online but couldn't find it anywhere. | |
| Oct 16, 2016 at 18:38 | comment | added | NirIzr | Firmware link seems to provide no firmware versions to download | |
| Sep 24, 2016 at 21:22 | history | tweeted | twitter.com/StackReverseEng/status/779793055788457985 | ||
| Sep 24, 2016 at 20:38 | comment | added | J91321 | Not really, I would probably need to obtain a sample of firmware and reverse engineer it to find out what is happening with config.bin. But if you are willing to share your config.bin sample I'll take a look. Just remember to remove any confidential information before exporting it. | |
| Sep 24, 2016 at 18:13 | comment | added | Juicy | Did you ever make any progress on this? I'm also looking at the config.bin from my new home router, from ZTE as well. | |
| May 29, 2016 at 23:40 | history | bumped | CommunityBot | This question has answers that may be good or bad; the system has marked it active so that they can be reviewed. | |
| Mar 1, 2016 at 21:58 | comment | added | J91321 | Thanks, I downloaded your config and the entropy looks very similar to mine that's true. Unfortunately I still haven't found any more info or ideas on how to solve this problem. | |
| Feb 17, 2016 at 22:19 | comment | added | lukas kiss | I am not answring you question, but maybe this can help you. I have the same problem and i think we have same ecryption algoritm but diferrent keys. This is my config.bin I also find out, that a number 0x57 is often there maybe it can decide the sections. In my config file is 0xb6. Maybe it can be helpful for you to solve it. | |
| Dec 26, 2015 at 15:08 | history | edited | J91321 | CC BY-SA 3.0 | new information added |
| Dec 24, 2015 at 20:07 | history | edited | J91321 | CC BY-SA 3.0 | fixed typo in title |
| Dec 24, 2015 at 16:31 | review | First posts | |||
| Dec 24, 2015 at 16:52 | |||||
| Dec 24, 2015 at 16:19 | history | asked | J91321 | CC BY-SA 3.0 |