[FEATURE] ZTE F670L FV9 Support
zainarbani opened this issue · 17 comments
Description of new feature
I would like the ZTE F670L v9 router to be supported
Describe alternatives you've considered
I have tried using examples/decode.py config.bin config.xml but I get the following error
< AssertionError on "zcu.zte.read_header(infile)" >
Additional context
Im not sure how this works but similiar utility tools check for this headers
Attach config.bin for your device
I can send it if needed, also got telnet access.
Using 'Felis-Sapiens' script get the following error:
python test.py config.bin conf.xml
first version header magic: 0x99999999, 0x44444444, 0x55555555, 0xAAAAAAAA
second version header offset: 0x14
third version header offset: 0x40000000
ERROR: failed to read the third version header
Traceback (most recent call last):
File "C:\Users\zain\Downloads\Compressed\test.py", line 195, in
main()
File "C:\Users\zain\Downloads\Compressed\test.py", line 192, in main
read_config(args.infile, args.outfile, args.key)
File "C:\Users\zain\Downloads\Compressed\test.py", line 101, in read_config
ver_header_3 = struct.unpack('>2H5I', ver_header_3)
struct.error: unpack requires a buffer of 24 bytes
Another way using telnet access:
https://github.com/zainarbani/ztelnet
Tested on ZTE F670L FV9
Another way using telnet access:
https://github.com/zainarbani/ztelnetTested on ZTE F670L FV9
Hi, what is the exact procedure you followed with this tool. I have a ZTE F660 v9 router, but this tool is not working for that.
Another way using telnet access:
https://github.com/zainarbani/ztelnet
Tested on ZTE F670L FV9Hi, what is the exact procedure you followed with this tool. I have a ZTE F660 v9 router, but this tool is not working for that.
You got telnet access?
Another way using telnet access:
https://github.com/zainarbani/ztelnet
Tested on ZTE F670L FV9Hi, what is the exact procedure you followed with this tool. I have a ZTE F660 v9 router, but this tool is not working for that.
You got telnet access?
I mean the tool you have mentioned above (ztelnet). It's failing 😐. So no telnet access. I asked for the procedure you followed with that tool.
Another way using telnet access:
https://github.com/zainarbani/ztelnet
Tested on ZTE F670L FV9Hi, what is the exact procedure you followed with this tool. I have a ZTE F660 v9 router, but this tool is not working for that.
You got telnet access?
I mean the tool you have mentioned above (ztelnet). It's failing 😐. So no telnet access. I asked for the procedure you followed with that tool.
Not sure, failing like what?
send log
to enable telnet you can use this python project
https://github.com/douniwan5788/zte_modem_tools
Just so you know and for future reference, is possible to encrypt/decrypt the config.bin for F670L router.
As commented by @zhanshi123 in #66
Your key will be the ONT serial number (ZTEGXXXXXXXX - get only last 8 hex characters in uppercase) + MAC address of your ONT (from right to left).
But rather than using the scripts from this repo —at least until payload type 6 gets supported— using the scripts from @ludufre's fork.
to add to @macydnah and @zhanshi123 The key is Last 6 hex characters in uppercase + MAC Address From Right To Left in lowercase
Example:
Serial No: XXXXXX-ZTEGCF28772B => CF4EF6F7
Mac Address: 08:F6:06:D4:38:F4 => f438d406f608
Key: CF4EF6F7f438d406f608
It take me hours to notice that the the mac address supposed to be lowercase, just in case people have the same problem with me
Author
version:3.1
CheckLoginAuth.gch WebRecv Fail!
SendSq.gch WebRecv Fail!
Enter 192.168.1.1 Telnet FactoryMode Fail!
to add to @macydnah and @zhanshi123 The key is Last 6 hex characters in uppercase + MAC Address From Right To Left in lowercase
Example: Serial No: XXXXXX-ZTEGCF28772B => CF4EF6F7 Mac Address: 08:F6:06:D4:38:F4 => f438d406f608 Key: CF4EF6F7f438d406f608
It take me hours to notice that the the mac address supposed to be lowercase, just in case people have the same problem with me
Serial No: XXXXXX-ZTEGCF28772B => CF4EF6F7
Bro how did you convert CF28772B => CF4EF6F7 I just cant understand that....
to add to @macydnah and @zhanshi123 The key is Last 6 hex characters in uppercase + MAC Address From Right To Left in lowercase
Example: Serial No: XXXXXX-ZTEGCF28772B => CF4EF6F7 Mac Address: 08:F6:06:D4:38:F4 => f438d406f608 Key: CF4EF6F7f438d406f608
It take me hours to notice that the the mac address supposed to be lowercase, just in case people have the same problem with meSerial No: XXXXXX-ZTEGCF28772B => CF4EF6F7
Bro how did you convert CF28772B => CF4EF6F7 I just cant understand that....
Try this:
https://gist.github.com/zainarbani/723d1387bec9e1559de7a1029d08aa91
python decrypt.py config.bin config.xml --sn ZTEXXXXXXXX --mac xx:xx:xx:xx:xx:xx
Just put your actual MAC/SN,
This is the same code, just standalone decryptor.
to add to @macydnah and @zhanshi123 The key is Last 6 hex characters in uppercase + MAC Address From Right To Left in lowercase
Example: Serial No: XXXXXX-ZTEGCF28772B => CF4EF6F7 Mac Address: 08:F6:06:D4:38:F4 => f438d406f608 Key: CF4EF6F7f438d406f608
It take me hours to notice that the the mac address supposed to be lowercase, just in case people have the same problem with meSerial No: XXXXXX-ZTEGCF28772B => CF4EF6F7
Bro how did you convert CF28772B => CF4EF6F7 I just cant understand that....Try this: https://gist.github.com/zainarbani/723d1387bec9e1559de7a1029d08aa91
python decrypt.py config.bin config.xml --sn ZTEXXXXXXXX --mac xx:xx:xx:xx:xx:xx
Just put your actual MAC/SN, This is the same code, just standalone decryptor.
Thanks bro, It's working for me. Can you provide a tool to reencode?