1. Hi, Guest,

    Currently we have three official hacks running. CSGO, Battlefield Hardline and Audition America. Be sure to check them out!

    CSGO - "50 Shades of Gaben" - CSGO Cheat

    Battlefield Hardline Cheat - FREE

    Audition Redbana Hack [ARH Modz]

    More to Come!
    Dismiss Notice
Dismiss Notice
CSGO VIP Cheats now available!! Click here to get a copy!
Dismiss Notice
Want to Shorten Your Long URL? Check out our sister website Tiniurl to solve your needs!

Cable Modem Uncapping Kit 6.3

Discussion in 'Networking and Security' started by Citizin, Dec 5, 2005.

Thread Status:
Not open for further replies.
  1. djvirus

    djvirus

    Messages:
    2
    Likes Received:
    0
    Joined:
    Jan 14, 2007
    soory to be dumb but i am no table to follow these intructiosn.. i have beetle 220vx asdl2+ modem where i connect my net through that. so how do i got about this.

    i got a256kbps connection.

    thanks in advance
     
    Last edited: Jan 16, 2007
  2. Tripd

    Tripd

    Messages:
    60
    Likes Received:
    0
    Joined:
    Jul 13, 2007
    It's cool to know this, but I wouldn't dare risk going to jail over saving a few seconds on the internet
     
  3. llvllaster_8513

    llvllaster_8513

    Messages:
    1
    Likes Received:
    0
    Joined:
    Jul 23, 2007
  4. Lavats

    Lavats

    Messages:
    26
    Likes Received:
    0
    Joined:
    Aug 15, 2006
    Does that mean that comcast's "speedboost" is just uncapping the connection?
     
  5. sicninja

    sicninja

    Messages:
    25
    Likes Received:
    0
    Joined:
    Jul 1, 2007
    My friend did this long ago, the company showed up within 2 days, disconnected his service, terminated his contract, banned him from there service, fortunately he had AT&T before it became dictated which companies could be where by district, and comcast took over our area. so he hasnt done it since... there is a way to spoof your mac address and location. but you dont wanna do this without knowing you can spoof your specific modems mac
     
  6. uppertk

    uppertk

    Messages:
    5
    Likes Received:
    0
    Joined:
    Nov 9, 2007
    lol i just used this and like 10 minute later they called me and said have you uncapped your modem? i just said what's that? i'm at mcdonald right now, can you call me like 10 minutes later when i get home? and they said sorry, i must have made a mistake.(time warner cable road runner internet)
     
  7. kiran_n444

    kiran_n444

    Messages:
    164
    Likes Received:
    0
    Joined:
    Jun 19, 2006
    well this is a great tutorial, but it doesnt work for me. of all the Surfboard Modems I got stuck wiht the SB 5100 the only one that can't be cuncapped.
     
  8. Citizin

    Citizin Retired Staff Member

    Messages:
    1,570
    Likes Received:
    36
    Joined:
    Nov 23, 2005
    Lol, it should work with that version, I havn't touched the kit in a long time, its been awhile.
     
  9. #Triplex

    #Triplex

    Messages:
    351
    Likes Received:
    3
    Joined:
    Apr 20, 2008
    Hmm... Maybe i should try this sometime, but i dont want my cabel removed :O
     
  10. wiwiw10

    wiwiw10

    Messages:
    35
    Likes Received:
    0
    Joined:
    Jun 28, 2007
    hey bro im having problem with my zyxel modem
    before my speed is 2mb now 900kbps after a lineman got here and ticking something with the setup. Do you think i can adjust my speed by ticking something there.

    thanks
     
  11. Citizin

    Citizin Retired Staff Member

    Messages:
    1,570
    Likes Received:
    36
    Joined:
    Nov 23, 2005
    I'm not fimilar with a Zyxel modem, but chances are it isn't going to work with this kit because it is for Motorola Surfboard modems. As far as you're speeds go, if you really want to raise them, buy a better package, or go out and buy a Motorola Surfboard 4xxx and try to uncap it then.
     
  12. security98

    security98

    Messages:
    1
    Likes Received:
    0
    Joined:
    Jun 19, 2008
    hey i cant get the config file from the isp any sugestions? maybe get it from the modem somhow im stuck on getting the config file i have cablevision www.optonline.net
     
  13. Citizin

    Citizin Retired Staff Member

    Messages:
    1,570
    Likes Received:
    36
    Joined:
    Nov 23, 2005
    Read the instructions.
     
  14. dL-Faceless

    dL-Faceless

    Messages:
    34
    Likes Received:
    0
    Joined:
    Nov 5, 2006
    Can the ISP do a scan to see if anyone is doing that?
     
  15. Hacks_Roots

    Hacks_Roots

    Messages:
    303
    Likes Received:
    0
    Joined:
    Feb 18, 2008
    Is there a way to prevent being caught? Like faking the internet connection usage?
    For example:
    I am currently downloading: 5MBPs (Uncapped)
    But in their logs I only using: 1kbps
    Just an example.
     
  16. Majii Guy

    Majii Guy

    Messages:
    1,914
    Likes Received:
    8
    Joined:
    Nov 8, 2008
    No, that is not possible through the resources you have.

    Sincerely,
    Vincent
     
  17. stellsfan

    stellsfan

    Messages:
    263
    Likes Received:
    3
    Joined:
    Feb 5, 2008
    btw capping ur internet is practically obsolete now due to the speeds isp's provide u with now. for example i have verizon fios and i get incredible speed without uncapping, but i understand tht ppl dont feel like gettin fios or cant afford so u uncap ur modem, i usually download like maybe around 6+ mbps. to me it makes more sense just to change ur isp to a better one than to possibly faces greater charges becuase u uncapped ur modem (i understand fios isnt advailable in every location), so there is my opinion...
     
  18. Hacks_Roots

    Hacks_Roots

    Messages:
    303
    Likes Received:
    0
    Joined:
    Feb 18, 2008
    Yeah, I think your right.
    Im pretty scared of using this cause of extra charges or the "force disconnection".
    Thanks for the advise.
     
  19. feraligatr8

    feraligatr8

    Messages:
    1
    Likes Received:
    0
    Joined:
    Jan 23, 2009
    I live in Vanuatu, If the ISP is as useful as the police, I wont get caught XD

    feraligatr8 added 2 Minutes and 16 Seconds later...< --- Please use the edit button in the future--- >

    link seems to be dead, can u plz email me a mediafire mirror? My DL speed is 12kb/s, I NEED THIS!
     
    Last edited: Jan 23, 2009
  20. thalungz

    thalungz

    Messages:
    10
    Likes Received:
    0
    Joined:
    Feb 7, 2009
    Hey guys, I have been practicing thishobby for years now, and I am well know in the scene. I just wanted to chime in here and give some info to you guys.


    FIRST:
    THIS IS ILLEGAL. THIS IS A GREAT HOOBY, AND IT IS VERY FUN. BUT IT IS STILL ILLEGAL AND YOU SHOULD NOT DO IT IF YOU DON'T WANT TO TAKE THE RISK OF GETTING FINED ETC. Even though the ISPs do not hunt for testers. You can still be caught, do not think you can't.
    ALSO MOST IMPORTANT DO NOT HACK YOUR RENTED OR SUBSCRIBED MODEMS!!!! ALSO DO NOT RUN A SUBSCRIBED MODEM AND A HACKED MODEM IN THE SAME HOUSE!!!! OR YOU WILL GET CAUGHT VERY EASILY. LASTLY; EVERYTHING I SAY THAT PERTAINS TO THIS HOBBY IS FOR EDUCATIONAL AND PROOF-OF-CONCEPT PURPOSES ONLY. I take no responsibility for those who decide to break the law.

    Anyways, nw that is out of the way...

    THERE is ways to stay stealth, but they are not 100% such as releasing your IP filters, disabling the embedded telnet server and changing your CPE mac regularly. But you cannot change you intranet address. So technically you are always visible. Anyways, ths hobby has gotten a lot harder than it used to be. Before BPI+, we could scan for mac addresses and then just paste them into the HFC mac field on the modem's webpage. But since people decided to sell clones all over the place and even got caught. It got the attention of cisco and other big ISPs, and they looked for a way to stop it. They didn't have to look hard all they had to do was implement baseline privacy, and then modems not only needed a valid HFC mac addresses, but they needed matching certificates. The certs need to match the mac, serial etc. in order for it to be granted access to the network.

    Ok simple right? Just figure out a way to grab the modems certs as well as the mac, right? Well YES! That would work!!! BUT there is no way of grabbing the certs remotely. Unless, the modem is in facotry mode. But in order for the modem to be in factory mode, you need it to be on your local network. Then you need to send a bitfile to it, which will enable factory mode. Then you can use snmp to grab the certs off of it. Then you need to edit them and inject them into your other modem. But you see, you need the modem to be local to do this. There is other ways, but they are not ways to get the modem into factory mode. It is a way to find modems that are already in facotry mode. Anyways.. Now that you have been brought up to date, continue on. lol...


    Most isps are now docsis 1.1 so mostly all 41xx and 42xx series surfboards no longer work. As they were made for on d10.

    Also, somebody said "doing this is obsolete now due to the speeds isps offer" Well I guess.... If you like to have a really fast connection and want to pay; you can subscribe to the 18mbps package that my ISP (and im sure many others too) has.. It is 99.99 a month PLUS 25$ if you go over your monthly bandwidth limit. That is for speds like this;

    [​IMG]



    Anyways..As mentioned above, now a days, the ISP's have implemented NEW security features. Mainly docsis 2.0 and BPI+. My ISP (and lots of others ) however are still d11, but have gone almost full bpi+. What is FULL bpi+?? Well it stands for "Baseline Privacy".. It is a system that ISP's uses to keep clones off of the network. But, some ISPs haven't gone full, and so you can scan snmp fr modems, and then grab the cm_cert, mac, spe mac, serial and then you can get online. But I will cover that in one of my tutorials to follow part 1. .. .Anyways;

    Full bpi+ , is when the modem needs to have ALL of the certificates matching in order to get access to the network.. Remotely grabbing the certs is do-able and I do know of a way. BUT, I decided to keep it private, because with this (teted and working) info, you can bypass BPI+ 100% But I am sure the ISPs can patch it, and so I am keeping it private for now. I want a way to be able to tell the user how to grab certs, etc.Without exposing the exploit.. Get what I mean? I did however discover the exploit, so I CAN release it, if I want. Which would be in the private section if I do, sorry :-(

    Bypassing bpi+ :

    You need to make sure you can still scan SNMP on your ISP. (My ISP blocked it) If you can scan, you need to scan for modems that are already in factory mode. Because you CANNOT grab the certificates off of a modem that isn't in factory mode. BUT, to find modems that are in factory mode you need my tutorial. (which like I said, I might release in the private section here)

    There is NOT a way to put a modem into factory mode remotely (like I already said above) Unless, you can get the modem to take a FATSH (shelled firmware) stock firmware. These have a telnet server in them and once you send it to the modem, you can then telnet into it and view, print or save the certs ;)

    BUT as it stands now, there is no way to do this. There is a program called "Storm watch 2" which is a Motorola app, and it has a firmware upgrading feature..But, it will not let you send un-signed firmware. So you can see how it is hard is these days to get a clone onto networks. Also, remotey flashing a hacked firmware to the modem will NOT work either.. Because in order for the modem to reboot properly, you NEED to update the bootloader to a hacked one, which you can't do remotely unless you have telnet access and you need to reboot to use the telnet on the hacked firm.. ..With the stock FATSH firmware, this is not a problem. Because most of the modems you will find, will ALL have a firmware version of 2.x + These all use the same bootloader. So you don't need to update the bootloader if you aren't using a hacked firmware, get what I mean?




    PS: If the package in the first post is for 4xxx modems, it is more than likely obsolete and most of the files probably old. Although some of the old files still work today.

    One more thing, I read in this post that somebody wanted to know, if they could use the pack to mod a different model modem. They were told no, that is wrong. Although the firmware and appz were initially made for Motorola Surfboard modems, they do actually work on A LOT of other modems. The Manufacturer and Modem model is not what matters, it is the flash chip that matters. For example; Motorola sb5101s have the SAME chip in them as the Ambit 25x series modems. (BCM3349) And so, the hacked ambit firmware works on them. It ALSO WORKS on Certain Webstar DPC/DPX series modems, if they have the same chip. Same with RCA modems, and so on... So when shopping around for your modem, look for ones that have BCM 3349 and BCM 3348 chips. Because BOTH those chips have hacked firmware written for them !! :) The 3349 chip's firmware is for more advanced users, and I recommend that newbs use sigma, or 5100mod and an sb5100 modem to start. BUT there is a NEW firmware for the 3349 chips and it is VERY user friendly.

    For 3348, you use; Sigma, 5100mod or Fersca 13.5 Firmware etc..
    For 3349, you use; Hax0 (latest and HIGHLY recomended by me) or hacked ambit firmware etc.


    Anyways, I think I am done now lol ..... I am going to put together a new pack, it will have ALL the latest and previous versions of hacked firmware in it, for BOTH chips. It will also have tutorials and all the needed apps, tools etc. to get started. So pretty much a lot of what you need to get started testing.. This is a very fun hobby, and I think it has lots of new exploits, secrets and other stuff waiting to be explored by new enthusiasts! I can't wait to see what new appz and firmwares the future of this hobby holds.. lol..See ya around !! ;-) :)

    -thalungz
     
    Last edited: Feb 20, 2009
Thread Status:
Not open for further replies.

Share This Page