Government Security
Network Security Resources

Jump to content

Photo

Hack Your Modem And Increase Your Download Speed


  • This topic is locked This topic is locked
36 replies to this topic

#1 coderman

coderman

    Private First Class

  • Sergeant Major
  • 36 posts

Posted 16 September 2004 - 10:50 AM

Hack Your Modem and Increase Your Download Speed from 64Kbps to any Speed You Wish

Most of us will be feeling that the surfing speed which is allocated by our ISP is not enough. People with 64Kbps will think 128Kbps will be cool speed. People with 128Kbps will think 256Kbps will be cool and so on

This tutorial will teach you how to increase your 64Kbps link to 512Kbps or what ever speed you like.

It is very much possible to do this. With a bit of luck if your Cable Internet Service Provider are very uneducated on how this very new technology works and leave some key loopholes open for you to grab vital information on how to accomplish this task. But this tutorial will no guarantee you 100% success.

Okay here we go. I'm going to try to explain you as best as I can to accomplish re-configuring your SB5100, SB4100 or SB3100 cable modem

Theory of cable modem working

All the cable modems when it boots up it will search for an “Image file” where in all configuration like your upload speed limit and download speed limit is defined. This “Image file” is stored in ISP`s TFTP server. Modem will be pre-configured with the ISP`s TFTP server IP address and the Image file name to be downloaded. When the modem boots up it query TFTP server and download Image file from TFTP server according to this this our speed limits will be set.

Our Mission

Get this Image file from ISP`s TFTP server, reconfigure it according to our need and force our modem to download this file from our Computer rather than downloading it from our ISP`s TFTP server.

Steps to accomplish

1). Get cable modems MAC address
2). Get your ISPs TFTP server IP address
3). Get name and path of the “configuration file” or Image file stored in the ISP`s TFTP server.
4). Download Image file from ISP`s TFTP server.
5). Decrypt the Image file which you downloaded from ISP`s TFTP server
6). Modify the Image file
7). Encrypt the modified Image file
8). Change your computer’s TCP configuration same as ISP`s TFTP server (i.e. IP address same as ISP`s TFTP server)
9). Host TFTP server in your computer
10). Put Image file in the base directory of your TFTP
11). Restart your modem
12). Changer your PC's IP back as given by ISP
13). OOPS Done. Start surfing with your new speed


1). Get cable modems MAC address

You can either look at the back of the modem to get this MAC Address or you can logon to your Cable modem with your Web Browser http://192.168.100.1/ . This is internal HTML pages stored within your DOCsis cable modem (SB5100, SB4100 and SB3100) that gives you even more vital information on configuration. Unless it is turned off by your ISP. This feature might be totally turned off by your ISP.


2). Get your ISPs TFTP server IP address
3). Get name and path of the “configuration file” or Image file stored in the ISP`s TFTP server.

For getting this vital information you have to do an SNMP walk over your modem. For doing this you can use any one of the tools below

a) There’s a program called QUERY.EXE from Weird Solutions which is a BOOTP packet request program that will tell you everything you need to know, without all these extra steps. It will display the Image Filename, TFTP server address, which is really all you need to get started. To use this BOOTP QUERY tool, you need the MAC address of your cable modem
You can download this from:
http://www.weird-sol..._bin/bootpq.exe

Or

B) Experts can use Solarwinds SNMP program
You can download this from:
http://www3.solarwin...-EE-V7-Eval.exe

Or

c) Beginners can use DOCSIS Diagnosis utility
You can download this from: http://homepage.ntlw...ag/docsdiag.zip

Or

d) Beginners can use SNMPWALK Tool
You can download this from:

http://www.bradford-...download&gul=13

use command “snmpwalk 192.168.100.1 public”

NOTE: Use modem’s IP address as “192.168.100.1” (SB5100, SB4100 and SB3100) when it asked to provide by any of the above tools. SNMP community is “Public”

Using the above tools you will get the information of your ISP`s TFTP server IP and the name of your “Image file” stored in that TFTP server
All your vital information is stored in this file, One of which is the MaxRateDown 2621440; MaxRateUp 393216;. (This was my ISP settings. Which you can see is similar to what speed I was getting. 40KB/s up and 250 KB/s down)

Among these, the one we need are:
Configuration TFTP Server = 194.*.*..90 (replace this with yours throughout in the doc)
Configuration filename = isrr.bin (replace this with yours throughout in the doc)
And
IP fragments created = 0
IP address.10.xxx.xxx.xxx = 10.xxx.xxx.xxx
IP address.192.168.100.1 = 192.168.100.1 (the IP address of the cable modem, (replace this with yours throughout in the doc)
IP-to-If-index.10.xxx.xxx.xxx = 2

Suggestion: You can do this step by sniffing the modem i.e. “192.168.100.1” when modem boots up. I never tried this method. Try your luck.


4). Download Image file from ISP`s TFTP server.

For doing this got to your command prompt and use below commands with out quotes and bracket.


“C:\tftp -i <ISP`s TFTP server IP> GET <Image filename> <local filename>”

Okay now you got Image file from your ISP`s TFTP server.


5). Decrypt the Image file which you downloaded from ISP`s TFTP server
6). Modify the Image file
7). Encrypt the modified Image file

Use docsis tool which you can download from

http://sourceforge.net/projects/docsis

using this program you can decrypt image file change the upload speed and download speed ,save it and encrypt back. Rename this newly created file same as your original image file.


8). Change your computer’s TCP configuration same as ISP`s TFTP server (i.e. IP address same as ISP`s TFTP server)

Go to my network place and right click ->properties
Select your LAN Card right click ->property->Internet Protocol (TCP-IP) double click on it and change it to as following values
Configure your TPC’s TCP settings as below
IP: 194.*.*.90 (replace with the ISP’s TFTP server)
Netmask: 255.255.255.0
Gateway: 192.168.100.1 (replace with your cable modem’s IP address)

Note: Gateway should be 192.168.100.1 then only your modem can communicate with computer.


9). Host TFTP server in your computer
10). Put Image file in the base directory of your TFTP
11). Restart your modem

Download TFTP Server software and host TFTP server in your computer
You can download TFTP server from:
ftp://ftp.ida.net/pub/wireless/tftpd32.exe

Start TFTPD32 server. Go to Settings and set the Security to None. Increase the timeout to 20secs and the Max Retransmit to 6. Choose to translate UNIX filenames. Make sure it's base directory point to where the isrr.bin is (i.e. the image file which you modified). If you need to replicate a directory pathname along with the image file, then make a directory from root that corresponds to the image file pathname.

Restart your modem, and AS SOON as the SEND light goes solid, you should see a receive on your TFTP server i.e. your PC


12). Changer your PC's IP back as given by ISP
13). OOPS Done. Start surfing with your new speed

Now you change your TCP settings of your PC back to normal as given by ISP. (I.e. Put your original IP address and gateway)

Oops you hacked your modem. Test out by downloading some files using DAP (Download accelerator plus)

Note: This speed will remain same until you restart your cable modem. So each time you reboot your modem you have to follow the steps 8,9,10,11 and 12


Enjoy

By
CoderMan

#2 Kynroxes

Kynroxes

    Staff Sergeant

  • Members
  • 263 posts

Posted 16 September 2004 - 11:36 AM

huhu coderman, really interesting, I can't test this way, so great post one more time :)
I will go to buy a modem's 64kbps tomorrow in order to test this ...

#3 heroin

heroin

    Private First Class

  • Members
  • 44 posts

Posted 16 September 2004 - 11:52 AM

is from cable modem hacking guide, right?

i do not have a cable modem but think adsl-modems are same deal. there is a hard hurdle to beat:

3). Get name and path of the “configuration file” or Image file stored in the ISP`s TFTP server.
4). Download Image file from ISP`s TFTP server.



impossible to get a file from a tftp server where u dont know the name of coz tftp does not list directorys.

regards,

-h

#4 Erra

Erra

    Staff Sergeant

  • Members
  • 263 posts

Posted 16 September 2004 - 12:05 PM

So far as I know, its only valid with Cable modems. And, people I know that have tried it, havent had their connection with that ISP for long afterwards. The ISP wil shut you down pretty quickly

#5 coderman

coderman

    Private First Class

  • Sergeant Major
  • 36 posts

Posted 16 September 2004 - 12:27 PM

I tried it on Motorola SB5100 cable modem it works fine.But I never tried on adsl-modems.Try it out yourself. Good luck.

For getting the name and path of the Image file stored in your ISP tftp server do a SNMPWALK it is explained under steps 2 and 3. Use any of the tools listed. It will show your full modem configuration which is preset by your ISP. It will be having 100s of lines from it you can get image file name and its directory path.

This is not copied from any modem hacking guide. Today I prepared it for GSO.

Regards

Coderman

#6 heroin

heroin

    Private First Class

  • Members
  • 44 posts

Posted 16 September 2004 - 12:29 PM

im pretty sure our dsl modems here gets configured on the same way, they request the config file from a triv.ftp server, i have figured out this things when i first time read the guide in 2001. we have same modems and different tarrifs, i have changed my with a friend and my dsl dosnt runs on a higher speed.

there is the discribted tftp server up on my isp but no one i asked knows about a name for the configfile.


regards,

-h

#7 Tyrano

Tyrano

    Staff Sergeant

  • Members
  • 296 posts

Posted 16 September 2004 - 12:44 PM

This can be very risky. A lot of service providers do monitor for unauthorized speed changes, and they can charge you with theft. Just a warning. ;)

#8 BeNiNuK

BeNiNuK

    Specialist

  • Members
  • 135 posts

Posted 16 September 2004 - 12:59 PM

same method as , http://www.netwide.n...CableModems.htm some 1 posted yesterday!

#9 setthesun

setthesun

    Sergeant First Class

  • Sergeant Major
  • 574 posts

Posted 16 September 2004 - 01:08 PM

This is an old document, but the important question is some different cable modems.

I have a Askey modem, any idea ?

setthesun me = new setthesun();

#10 JDog45

JDog45

    Staff Sergeant

  • Members
  • 257 posts

Posted 16 September 2004 - 01:28 PM

This can be very risky. A lot of service providers do monitor for unauthorized speed changes, and they can charge you with theft. Just a warning. ;)

Couldn't agree more. They'll eventually notice a spike in your speed. I'd say you'll either end up with losing your ISP, getting a HUGE bill for your new speed usage or a letter saying they're pressing charges against you for theft... :ph34r:

#11 chrispen

chrispen

    Private First Class

  • Members
  • 88 posts

Posted 16 September 2004 - 01:31 PM

but isn't speed capped by the DSLAMs ? meaning by the phone company ? even if the isp wants to give some it has to notify (and pay therefore) to the phone company to get higher speeds

#12 BinaryHero

BinaryHero

    Private

  • Members
  • 10 posts

Posted 16 September 2004 - 05:16 PM

couldnt you like day by day slowly increase your speed? that way they wont notice a change very quickly?

#13 mandawar

mandawar

    Private First Class

  • Members
  • 40 posts

Posted 16 September 2004 - 07:20 PM

YEHAAAA
I have got a cablemodem, and only a small village provider, so think i will try this out. There are 30 user on 1 100MBit Server, each 1MBit, so i think i will change Speed to 70MBit *g*
Thanks Man for this tut, you really have skill ;-)
Mandawar

#14 coderman

coderman

    Private First Class

  • Sergeant Major
  • 36 posts

Posted 16 September 2004 - 09:10 PM

Edited my post

Added step no 12 which is very important ie changing your TCP IP property back to your original given by ISP.Added a Note ie when you restart your modem you will have the orginal speed given by your ISP.

I never tried it on Askey modem.please try it and post the result
CoderMan

#15 tommmmmm

tommmmmm

    Private First Class

  • Members
  • 29 posts

Posted 16 September 2004 - 09:12 PM

My modem is made by Thomson company, so it propably won't work.....
but i won't cheat you guys


I'm excited




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users