Hacking a Billion 800VGT router and other stuffs

Garson007

Honorary Master, joined Jan 26, 2007, 11,838 messages
I'm wondering if someone has hacked a Billion 800VGT router. All I really need to do is force a setting it doesn't want to allow - so I just need to edit a config file, without error checks, if such a thing exists.

Let's start at the beginning. I've recently received a newer modem from Telkom - that Netgear one nobody seems to like (DGN2200m). I live in a pretty big house and the wifi doesn't cover all rooms, most annoyingly it doesn't cover the TV room. Now I figured I could maybe use my old router as a repeater through something like DD-WRT, but no Billion routers are even mentioned (if anyone here has managed to flash this software, or any other firmware that will help me here, with the Billion it would be greatly appreciated.)

That's when I noticed that such a technology exists on both routers anyway, through WDS. There I was trying to configure WDS on both routers until I hit a stumbling block. The WIFI MAC address on the Netgear does not start with 00 and the Billion refuses to accept any MAC address that doesn't start with 00. So here I am asking for help. I'd even be okay if I can somehow force a different MAC address on the Netgear. Please help me. To get so close and to be prevented by a simple javascript if statement feels so... I'll be glad if someone just tells me how I can change the javascript file and save it back on the router.
 

Peon

Expert Member, joined Sep 28, 2006, 3,668 messages
Excellent post. As I recall, one needs to hack the firmware. Most routers run BusyBox; I don't know if the Billion is running BusyBox. Have you tried enabling SSH on the router and attempting access using WinSCP? Then you can edit files, however it's most likely only read-only. Somehow, I understand, you need to mount the filesystem in rw mode.

Concerning WDS, I understand it doesn't work so well if your devices are running different chipsets. Even if you get the WDS to work, it might not work so well if they are not the same chipsets.

I would love to learn how to work and edit the firmware on routers.
 

RoganDawes

Expert Member, joined Apr 18, 2007, 1,262 messages
If it is purely a javascript check that is preventing you from entering your MAC address, use an intercepting proxy like WebScarab, Burp Proxy, ZAP, etc, to edit the request as you submit it to the server, and insert the correct MAC address.

That is, you access your router through the intercepting proxy, which allows you to trap requests and responses between your browser and router, and modify them as desired. Navigate to the page where you need to submit the MAC address, and fill in a totally bogus one that still meets the criteria.

Then, trap the request before it reaches the server, replace the bogus one with your real MAC address, and see if the server accepts it or not.

If it does, you should be golden, if it doesn't, you have more work to do :)

Good luck!
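
The point behind the advice above, as an added example that is not part of the original thread: a check that lives only in browser JavaScript never runs against a request edited in transit, so the device has to validate the submitted MAC itself. All function names and sample addresses are constructed for illustration, and `clientSideCheck` is only a stand-in for the "must start with 00" rule described in the first post.

```javascript
// Added example. All names and sample addresses are constructed for
// illustration; none of this is Billion or Netgear firmware code.

// Stand-in for the browser-side rule described in the thread.
function clientSideCheck(mac) {
  return /^00/.test(mac);
}

// Parse "aa:bb:cc:dd:ee:ff", "AA-BB-CC-DD-EE-FF" or "aabbccddeeff" into
// six octets. Mixed separators and wrong lengths are rejected.
function parseMac(input) {
  if (typeof input !== 'string') return null;
  const s = input.trim();
  const bare = /^[0-9a-f]{12}$/i;
  const delimited = /^[0-9a-f]{2}([:-])(?:[0-9a-f]{2}\1){4}[0-9a-f]{2}$/i;
  if (!bare.test(s) && !delimited.test(s)) return null;
  const hex = s.replace(/[:-]/g, '');
  return hex.match(/../g).map((pair) => parseInt(pair, 16));
}

// What the device should run on the submitted value, whatever the page did.
function validateWdsPeer(input) {
  const octets = parseMac(input);
  if (!octets) return { ok: false, reason: 'malformed' };
  if (octets.every((b) => b === 0)) return { ok: false, reason: 'all-zero' };
  // Bit 0 of the first octet set means a group (multicast/broadcast) address,
  // which can never be a single peer radio.
  if (octets[0] & 0x01) return { ok: false, reason: 'multicast' };
  return {
    ok: true,
    mac: octets.map((b) => b.toString(16).padStart(2, '0')).join(':'),
    // Bit 1 set means locally administered rather than vendor-assigned.
    locallyAdministered: (octets[0] & 0x02) !== 0,
  };
}

// Constructed inputs: compare what each check decides.
function compare(samples) {
  return samples.map((s) => ({
    input: s, browser: clientSideCheck(s), device: validateWdsPeer(s).ok,
  }));
}

console.log(compare(['a4:11:22:33:44:55', '00:11:22', '01:00:5e:00:00:fb']));
```

The first sample is a well-formed unicast address that the prefix rule refuses, and the second is a truncated string that the prefix rule lets through.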
 

RoganDawes

Expert Member, joined Apr 18, 2007, 1,262 messages
Peon said:
> Excellent post. As I recall, one needs to hack the firmware. Most routers run BusyBox; I don't know if the Billion is running BusyBox. Have you tried enabling SSH on the router and attempting access using WinSCP? Then you can edit files, however it's most likely only read-only. Somehow, I understand, you need to mount the filesystem in rw mode.
>
> Concerning WDS, I understand it doesn't work so well if your devices are running different chipsets. Even if you get the WDS to work, it might not work so well if they are not the same chipsets.
>
> I would love to learn how to work and edit the firmware on routers.

Most consumer-level routers these days are running Linux under the hood, and can often be coerced into running OpenWrt with a little effort. Billion, on the other hand, is running VxWorks, if I recall correctly, and there are no drivers for Linux to be found.

If you want to learn about hacking router firmware, take a look at this link for some ideas:

http://hackaday.com/2011/05/30/reverse-engineering-embedded-device-firmware/
 

Pada

Executive Member, joined Feb 18, 2009, 8,189 messages
WDS isn't a set standard, so the different manufacturers/firmware have different implementations of it. So if you're considering connecting 2 routers with WDS, then I'd suggest that you use the same brand (and possibly even the same model and firmware) routers.
 

Hansolo

Senior Member, joined Aug 7, 2006, 650 messages
I hack routers all the time, I don't know if this will help? But you can save as a webpage and manually edit settings from there, amongst other things.
 