Main Menu

Home
News
FAQs
Forum
Search
Sitemap
Tutorials
Downloads
Contact Us
Online Store
Links

Login

Welcome Guest.
Lost Password?
No account yet? Register

Your Cart

Show Cart
Your Cart is currently empty.
SB5101 Modification PDF Print E-mail
Written by FERCSA   
Wednesday, 28 November 2007

THIS TUTORIAL IS INTENDED FOR THEORETICAL USE ONLY, USE ON PRODUCTION SYSTEMS MAY VIOLATE YOUR ISP's TERMS OF SERVICE. THEORYSHARE TAKES NO RESPONSIBILITY FOR YOUR ACTIONS. THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. THIS SOFTWARE IS INTENDED FOR EDUCATIONAL USE ONLY AND MAY BE ILLEGAL IF USED IMPROPORLY. USERS ASSUME FULL RESPONSIBILITY FOR THEIR ACTIONS.

 

This tutorial covers the SB5101 / Ambit 250 hack developed by FERCSA. This tutorial has not been tested by Theoryshare, use at your own risk.

Motorola SB5101 firmware upgrade Tutorial V2


What you need:

SB5101 Kit from the Downloads Section
BlackCat programmer
SchwarzeKatze


1. Flashing the full flash
Firslty, uncheck the Verify written data in the options,
then choose the Flash tab and click on the "Write All" , finally browse to the 250hack_dump_telnet.bin.
5101pic1.jpg
 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

2.Upgrade the firmware
Ok, the next step you need to flash the sb5101.mod.10.2.by.fercsa.bin into the modem.
Click on the Flash tab then click on the "Write" button and browse to my firmware.

Start address is 0x10000
 sb5101pic2.jpg
 

 

 

 


sb5101pic3.jpg
3.Access to the web interface and the telnet
Web interface login: Infinite password: SetValue

 sb5101pic4.jpg

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Telnet login: admin  password: infinite
sb5101pic5.jpg
 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Thats it! :-)

4.Some useful telnet command

Stop frequency scanning:
cd /cm_hal
scan_stop

Set custom config:
cd /non-vol/docsis
enable force_cfgfile true
dhcp_settings
[just press enter]
[just press enter]
[just press enter]
yes
10.10.10.10 (this your tftp server address - local tftp server NOT allowed, this is a bug..)
config.cfg (config name)
[just press enter]
[just press enter]
write

Change MAC address to 00:11:22:33:44:55
cd /
write_memory 2155776876 0x00
write_memory 2155776877 0x11
write_memory 2155776878 0x22
write_memory 2155776879 0x33
write_memory 2155776880 0x44
write_memory 2155776881 0x55
cd /non-vol
write

5. Flashing problem with ST chip (Download Patch from the downloads section) You need to replace the flashpi.dll in C:\Program Files\TCNiSO\Blackcat\plugins (this is the default dir)

sb5101pic6.jpg#FERCSA
Cablemodemhack.tk

Last Updated ( Tuesday, 27 May 2008 )
 
< Prev   Next >
[ Back ]
Back to the top
Joomla Templates by Joomlashack
Joomla Template Design