Waking up...

Thursday, March 21, 2019

Hacking Huawei HG8245Q / HG8245Q2 ONT (from Batelco) to get Administrator access

Only low privilege access using default username password. Superuser access credential unknown...

Aim: To get superuser access.


Superuser Access 

Superuser password hash (Cracked to get full access)

Read more!

Wednesday, February 13, 2019

Hacking Infinova V1772N-T series PTZ camera (for remote restart)

Hacking Infinova V1772N-T series PTZ camera to solve irritating hanging issue, where web interface becomes unresponsive.

Issue: Camera web interface becomes unresponsive after running for few days. Can't access the camera through web browser even though port 80 is open. Telnet daemon port 23 open but username & password are unknown. Contacted Infinova support several times but no solution.

The only solution to get the camera up and running is to physically power off / cut the power to camera and then power up.

Dumped the passwd/shadow file and cracked the root DES encrypted password.


Login via telnet using root credential and reboot the camera remotely or restart webs service.

After getting root:

root@INFINOVA # cat /proc/mtd
dev: size erasesize name
mtd0: 000c0000 00020000 "mboot1"
mtd1: 00320000 00020000 "kernel1"
mtd2: 00320000 00020000 "kernel2"
mtd3: 00220000 00020000 "initrd1"
mtd4: 00220000 00020000 "initrd2"
mtd5: 04680000 00020000 "rootfs"
mtd6: 0ae40000 00020000 "data"

Read more!

Saturday, September 2, 2017

Now In Stock: Fluidmesh Volo FM1200V radio with Unlimited Bandwidth plugin

Fluidmesh Volo FM1200V radio + Unlimited Bandwidth (100 Mbits) plugin for sale


for other plugins like FM-AES, VLAN, Mobility, etc contact me

Read more!

Sunday, January 3, 2016

Zain Wimax Routers Collection

Zain Wimax Routers
(Huawei BM635 & BM636e)
Bypassed security measures to get free internet!

Read more!

Tuesday, July 21, 2015

Hacking G-Share2 (Satellite Card Sharing Client) Subscription

Expiry date: 2017-03-18

Expiry date: 2016-06-27

Expiry date: 2016-08-20

Changing SPI flash programmed with working OTP memory area

Read more!