How to HACK your ISP router - step by step.

  • Published 21 Nov 2024

COMMENTS • 300

  • @patrickjeromeobaldo2450
    @patrickjeromeobaldo2450 7 months ago +47

    Please don't ever cut out the parts where you make mistakes in speaking. The video sounds more casual and natural. Love your videos, keep them coming!

    • @kwisin1337
      @kwisin1337 7 months ago

      Agreed. Very human conversation. At least it feels like a conversation between the two devices,😅

  • @f.t.4333
    @f.t.4333 7 months ago +147

    Nice Video! It's a bit ironic that we in Germany have a "Free Router Choice" per law. So the ISP has to allow us to use our own router. Best law in Germany for a network admin! :)

    • @konzekuenze
      @konzekuenze 6 months ago +3

      Even if there was no Law, I always prefer a router without backdoors like those provided by ISPs, and nobody can do nothing

    • @fredwupkensoppel8949
      @fredwupkensoppel8949 6 months ago +2

      Yeah, and they try to weasel around it every chance they get - sometimes you have to call multiple times until you find a service agent who knows that this is the law. Fun times! Would all be fine if they didn't tie the ONT's serial to your WAN uplink.

    • @pe1pqx321
      @pe1pqx321 6 months ago

      Same in NLD, and as far as I know it could be even an EU law. "Free Router Choice".

    • @fredwupkensoppel8949
      @fredwupkensoppel8949 6 months ago

      @@pe1pqx321 Well, not quite - in German it's Endgerätefreiheit, so "free end-device choice". If you tell an ISP you want to use your own router, they'll say sure, you can add a router to the ONT we're trying to force you to use. Don't give them this opportunity.

    • @fredwupkensoppel8949
      @fredwupkensoppel8949 6 months ago

      @@pe1pqx321 Man the EU is nice (all in all)

  • @Bongo42.
    @Bongo42. 7 months ago +74

    Amazing work! @8:39 you mask your serial, but the hex is still in the left - unmasked to 383A - and later on the full packet you replay with ncat.

    • @tomazzaman
      @tomazzaman 7 months ago +35

      Ha! I was wondering whether someone will notice :D
      You sir, have a keen eye! 🙌

  • @xephael3485
    @xephael3485 7 months ago +247

    If it's customer provided equipment you own... feel free to hack it! Watch out hacking against equipment that belongs to a telco though. It can be a felony or crime to even attempt hacking on communication provider routers

    • @morsikpl
      @morsikpl 7 months ago +41

      Law depends on country. In the EU it's legal to hack/crack something to make it interoperable. I think this should fall into that law.

    • @xephael3485
      @xephael3485 7 months ago +18

      @@morsikpl I'm pretty sure you'll find Draconian laws in the EU regarding Telco equipment which is operated directly by the provider... Onsite CPE is probably excluded

    • @morsikpl
      @morsikpl 7 months ago +7

      Wtf... Again my comment is hidden/removed? Stupid YouTube...

    • @xephael3485
      @xephael3485 7 months ago +2

      @@morsikpl YouTube has a pretty good censorship AI... Will even detect using @ instead of a and things like that 🙁

    • @morsikpl
      @morsikpl 7 months ago +7

      @@xephael3485 I would call it pretty bad when I'm answering with helpful comment... :/
      And just because there might be IP address or long text doesn't mean it's bad... Damn what a c!rap...

  • @TenForceFalls
    @TenForceFalls 7 months ago +30

    Here in the US, I somehow convinced my local ISP to give me an SFP+ module. They are a small provider that only serves one city. Nevertheless I was getting close to doing this with the crappy ONT units driving me crazy. They are the one ISP I can say nice things about because they pick up the phone and don’t immediately blame me when something is wrong. Here’s to having more local ISPs and not huge companies running the internet.

  • @sandordugalin8951
    @sandordugalin8951 7 months ago +255

    ISPs in North America: "Wait, that's illegal!"

    • @Daniel15au
      @Daniel15au 7 months ago

      @@manitoba-op4jx CGNAT isn't very common in the USA. There's a lot of reserved IPv4 addresses, and some ISPs (especially for mobile internet) made the good decision to go IPv6-only, using 464XLAT for connectivity to legacy IPv4-only servers. Way better than CGNAT.

    • @SadKris
      @SadKris 7 months ago +9

      It actually is, in fact, illegal! Specifically if you're renting it. This is only legal if you provided the device, which means the title is incorrect. ISP routers are typically only rented/loaned, so hacking those would be strictly a felony or crime

    • @sandordugalin8951
      @sandordugalin8951 7 months ago +4

      @@SadKris lol. I know.
      But if you were to buy your own equipment and all you were doing was spoofing a serial number in the powershell, it wouldn't be defacing the rented product. But probably still illegal in terms of violating some fine print somewhere. Lol

    • @sandordugalin8951
      @sandordugalin8951 7 months ago +3

      @@SadKris although, don't mess with cable modems because they're also protected under radio frequency laws, and those get handled way harder than just lying to your ISP. We're talking federal charges.

    • @SadKris
      @SadKris 7 months ago +3

      @@sandordugalin8951 ye i wasn't trying to like correct you on anything or smth, i just thought the wording of your comment was funny given context lmao

  • @riekstc
    @riekstc 6 months ago +5

    As a former ISP technician for 5+ years I must say, good job.
    In my country if you know "how to ask" (at least mainly correct terminology which shows them that you are not a complete tool and actually know what you want) ISP will let you (providing needed parameters) and in some cases if needed even help you set up your own device.

    • @TulgaD5
      @TulgaD5 4 months ago +1

      "if you know how to ask" I had a similar experience with Vodafone Germany

  • @pahnazd
    @pahnazd 7 months ago +11

    The latter kind of comments you mentioned at the start of the video... it's always great to disprove them with a video proving them that you're right and they were wrong.
    Vindication, hell yeah.

  • @tompointdll
    @tompointdll 7 months ago +39

    You got an easy one to bypass, in France, bypassing ISP's boxes is not that easy 😋 but it's a great educational video 👍

  • @Strimblaster
    @Strimblaster 7 months ago +25

    Great video.
    Unfortunately there's no SFP in the ISP Routers in Portugal.
    For some years now not even ONTs. It's fiber directly to the router and you get only copper twisted pair out.

    • @morsikpl
      @morsikpl 7 months ago +6

      We have that in Poland, and that's not a problem. You can buy media converter directly from GPON fiber (without SFP cage - built-in like in ISP routers) to RJ45 ;)

    • @SEOng-gs7lj
      @SEOng-gs7lj 7 months ago +1

      @@morsikpl how would you connect up such a converter? connect wall fibre to converter? what about the ONT? i like to sniff the VoIP password

    • @morsikpl
      @morsikpl 7 months ago

      @@SEOng-gs7lj sad I can't put any photo here :(
      First you must understand that in our new buildings in Poland it's required by law to have fibre and copper (RJ45) connection from building patchpanels to the apartments. This is for big multi-apartments multi-storey buildings I mean.
      Then ISP gets into that building (or your home, since this moment it's very similar) puts their routers/patchpanels/whatever in basement of building and in case of multi-apartment building, patches fiber from their patchpanel to building patchpanel that has one end of your fiber. The other end is in your apartment near entrance door. There are always 2x RJ45 and 2x fiber.
      Now, ISP gives you their router with fiber connection and fiber cable and just connects it to the wall. Remember that their router is *also* ONT. Just not separate one, but integrated into the router.
      So the only thing you have to change is just replace their router with your ONT+your router and that's all ;)
      In terms of hardware I bought ONT LXT-010H-D by Polish - ironically ISP - LeoLabs. It's 2,5G so I can have my 2G down/600Mbit up fully accessible. And I just set serial number on ONT to the one written in ISP's router label - so that was easy.
      In terms of password: now it really depends on your ISP. In my case, they don't provide passwords for fiber installs (I have Orange Poland). But guy on Chat gave me unofficial hint "we will give you password if you have problems with internet for example connection to our router is not working" so... I just disconnected it from the power so it "was not working", guy sent me SMS with my PPPoE password (login was already available on their web portal) so I could just enter credentials into PPPoE connection on my DIY Debian-based router.
      I hope this comment won't be blocked because previous was... :/

    • @tomazzaman
      @tomazzaman 7 months ago +9

      Usually, you either get an SC-APC or SC-UPC terminated cable. So all you have to do is get one of those transceivers (I recommend fs.com), then put it in a media converter, and connect the other side to the router. Of course, then you have to figure out how your ISP-provided router authenticates to the ISP. Could be with serial (like mine), with MAC, or with a LOID password.

    • @morsikpl
      @morsikpl 7 months ago +1

      @@tomazzaman where's my comment here... ugh :/ Why it's hidden? :/ Why I just can't help people with answers because my comments are hidden/removed? :/

  • @Lazllb
    @Lazllb 7 months ago +4

    My ISP forces me to use their ONT but it's configured like a bridge to Ethernet in my house. The good thing is that it works well and doesn't interfere but I keep asking about higher speeds or adding a second line. Their own ONT even has a second port they could just provision since it's not being used for IPTV or anything. But the customer support is overseas and aren't very helpful. There was one guy named Cederich on the online support, very cool guy because I ran into him twice in one week 😂.
    The good news is another company has installed their own lines in our neighborhood recently and are just waiting on the city to approve the rest of the permits. Hopefully soon there'll be more competition here in my neighborhood.

  • @worldhello1234
    @worldhello1234 6 months ago +7

    The AVM Fritzbox is actually a great device. The only downsides AFAIK, it is proprietary and you don't control it.
    @2:00 That depends on what you want to hack and how experienced you are.
    @2:38 It is not just a router. It is an "internet box". Everything you might need is stuffed in a box. There is a switch, a DSL modem, a WLAN module, etc.
    @12:19 The "minus" is a flag, not an operator, my dude. 😉

    • @TulgaD5
      @TulgaD5 4 months ago

      There's no DSL modem in the Fritzbox 5491, but I totally get your point

  • @EpicLPer
    @EpicLPer 7 months ago +22

    Meanwhile my provider literally sent me a step by step description on how to set the correct VLAN and other settings for pfSense/OPNsense to configure it...

    • @serdalo5035
      @serdalo5035 7 months ago +1

      Dutch?

    • @forid200
      @forid200 5 months ago +1

      That's actually awesome

  • @florianh20b
    @florianh20b 7 months ago +30

    Great video for all networking enthusiasts. I myself am very satisfied with my Fritzbox for home usage (it is a very current model). Nevertheless, I was able to learn something because I now know that the Fritzbox is able to capture network traffic 🙌
    I just love content like this

    • @tomazzaman
      @tomazzaman 7 months ago +4

      Thank you! There will be plenty more! :)

  • @tkteun
    @tkteun 7 months ago +7

    I'm all for using your own equipment, but this is the GPON equivalent of finding your PPPoE/SIP credentials and VPI/VCI. At least on the Fritzbox you can disable TR.069 manually. Unfortunately your ISP chose to use the router instead of the ONU to authenticate you on their network otherwise you probably wouldn't have noticed. Although I don't think they went above and beyond, they're probably very lazy and scan the big barcode on the box they send you. Cool addition to be able to run it in a switch, most SFP programming I've seen was directly connected to a CPU, definitely not DHCP. Nice to see you succeeded, hacking can be very frustrating ;)

    • @jfbeam
      @jfbeam 7 months ago +1

      I would agree it's a lazy way to do it, but on the other hand, it makes replacing the SFP module simple. And everything the customer might ever need to see is right there on the label of the router.

  • @bigpod
    @bigpod 7 months ago +12

    Great video, might use this as a basis for mine, but more congratz for having what could be called sponsor even if it's just for one video :), I wish I will get to that level one day but I have a long way to go with my crappy 360 subs.
    Also fun fact: hacking has multiple meanings and one of them mostly used in IT is someone who achieves their goals in a non-standard way. There is also the phrase "hack something together" which means finding a quick workaround or solution that isn't standard.

  • @toumpanis
    @toumpanis 7 months ago +11

    I have just bought the ONT LXT-010H-D ONT from Poland, it shipped really fast here in Greece. I read the content of my ISP's ONT and with telnet (Putty client) pasted the serials etc from my ISP's ONT to the Leox ONT and this is how I use my own mini-pc with intel N100 cpu and 4x2.5gbps ports and pfsense as a router

    • @Sithhy
      @Sithhy 7 months ago +3

      What more did you need to do to use the mini PC as your router? It's a cool idea

    • @tomazzaman
      @tomazzaman 7 months ago +3

      I haven't heard of them before. Will order one and test it myself, sure looks like a great idea! Thanks!

    • @toumpanis
      @toumpanis 7 months ago +3

      @@tomazzaman You are welcome. Ask them in the support since they do not list prices but I can tell you how much was mine. I got the one that gives 2.5gbps ethernet port so I can get a little bit extra speed from TCP/IP overhead. They have one that is 1gbps ethernet. Not sure the price difference, I went only for the 2.5gbps. The fiber as medium runs at 2500mbps downstream and 1250 upstream, at least here in Greece. Soon in my area we are going to get an ISP which will provide 10gbps symmetric, basically they will put it up to the customer how fast he wants to go depending on the gear the customer has. So I might change my ONT to a 10gbps.
      Please correct me where I am wrong. Leox I think is an ISP in Poland and they are making their own equipment which to their credit is "hackable" without too much trickery. So kudos to them!
      Price was: 56.58 EUR. Including shipping and all. They also included a nice mousepad and a pen!

    • @toumpanis
      @toumpanis 7 months ago +3

      @@tomazzaman also they are selling an SFP+ module that is "hackable" like the ONT. So in the router you will be making and most likely I will be buying, if you add an SFP+ 10gbps port, we might be able to just use 1 module from them directly without the need of a switch or even ONT!

    • @toumpanis
      @toumpanis 7 months ago +3

      @@tomazzaman this is the GPON I am talking about (GPON STICK LXT-010S-H)

  • @donaldlove4039
    @donaldlove4039 6 months ago +1

    Excellent video, Tomaz! Not too long, precise, easy to understand. I really enjoyed it. Cheers from USA!

  • @nickpetrovsky
    @nickpetrovsky 6 months ago +1

    The main idea why it is useful: you can have access to ont vlan’s directly in your equipment, usually it reduces devices and wires in complex setups. Same thing is much more complicated with huawei replacements, which is highly popular in some Eastern Europe regions.

  • @lv3609
    @lv3609 6 months ago +2

    On previous video what found most interesting was commentators says an EU directive (in place or in making) for ISP to have an open network option, that is, you use your own ont router of FW and ISP provide basic/generic instructions how to setup.
    However can’t find anything online.

  • @Lucaat
    @Lucaat 7 months ago +2

    My fiber ISP uses AON instead of GPON, I don't know if that makes it different but at the moment I can just use my own SFP module with a transparent "dumb" media converter and just plug that into my router of choice. Nice for now. Rumors were flying they stop this, but has been fine for years. In the beginning you needed to use MAC cloning, but if you request bridge mode, you can remove the ISP modem as well for some reason. Now they have the Fritz 5530 and no longer offer bridge mode, but it still works with your own equipment out of the box. The ISP modem does have a serial number but for now it seems to be irrelevant. I feel lucky because here in Austria we don't have "router freedom law" like they do in Germany.

    • @Middicom
      @Middicom 7 months ago +2

      The "problem" with GPON, if one wants to call it that way, is that the technology makes use of passive optical splitters, which are one of the reasons for the p = passive in GPON. That means that the ISP splits the same data stream to multiple customers which then need to filter out the relevant data without gaining access to all the data destined to other customers. AON on the other hand usually consists of one (or more) dedicated fibre runs from your home to the ISP's point of presence in which the fibre is terminated. Building the network this way the ISP's active equipment can directly send the relevant data to the corresponding customer. This is why you as the customer do not need to "authenticate" yourself via a serial number or MAC address to the ISP.

    • @Lucaat
      @Lucaat 7 months ago

      @@Middicom thanks!

    • @mikegleasonjr
      @mikegleasonjr 5 months ago

      @@Middicom When the P is not there, it's just GON! (gone, ok I'll see myself out)

  • @LayKxD
    @LayKxD 7 months ago +2

    I have read too many comments about how it is illegal because technically we are renting the equipment. If they do not offer an option to OWN, the equipment, then it is wrongly forced upon us to be rented. At least that is how I justify the fact these should be hacked and bypassed.
    I am having issues getting past my Calix for my provider, but I offered to spend a couple hundred bucks to buy a replacement one that doesn't have a back door from the ISP, if they would just allow it on their network. They tell me that is absolutely not possible. Which is a lie, it is possible, they just don't want to do it. I get that I am living in an apartment and when I leave it would be super inconvenient to have to send a technician out to swap it back out... But I am willing to pay the price for both those services.

  • @twentyrothmans7308
    @twentyrothmans7308 6 months ago +1

    Thank you, Tomaz. Nice and quick, no fluff. Instant subscribe.
    I have a Fritz in the UK, but they're expensive, I don't want to brick it. It's frustrating that they nuked ssh/telnet, I'd have been happy with that.

  • @canlelola
    @canlelola 6 months ago +1

    If you got to see the modems we got here in Australia, you'd be thankful for the one you are dissing on.

  • @Kazyek
    @Kazyek 7 months ago +2

    My god, yes you're right that this is technically "hacking", but you were given a pretty nice deal of cards from your ISP:
    - Your ISP's modem ship with a firmware containing an actual packet capture tool (yes it's not linked anywhere but it is available on the modem at least, which is not the case for most of them)
    - The SFP module is actually exposed on the same network, and not communicating in a separate network not exposed by the modem to the outside (which I believe is what most other ISPs do)
    - Your SFP module is easily physically accessible on the modem, instead of not being hidden inside the modem and accessible in a non-destructive way
    Sadly, this is not as "easily" doable on other ISP's modems :(

  • @borisvokladski5844
    @borisvokladski5844 7 months ago +2

    I am glad that I have the opportunity to use my router for my Internet connection. This Fritzbox thing reminds me of my last vacation in Germany, there I rented an apartment with a Fritzbox modem / router. I was only allowed to use port 80 and 443 for outgoing traffic. So I could only get my VPN to my home server working by using port 443, which was a bit annoying.

  • @paaao
    @paaao 7 months ago +2

    You don't need to hack their router. Just drop your own router downstream of it that you have full control over. Now you have an edge router that is yours, you own, and only you can control. Pretty simple really. Add your own WAPs, and turn off the wifi on your cable provided router. Setup your own LAN, and route your network traffic through your edge router. Any and every business who has decent IT, does this no matter what their ISP/IP/Handoff consists of.

  • @entropy_69
    @entropy_69 7 months ago +4

    13:42 it's not just about FUN..
    Simply putting router to bridge mode may not be an option for many, my ISP disabled bridge mode and only allow it if I buy a Static IP, so this 'hack' is pretty useful!

  • @sysadmin-info
    @sysadmin-info 7 months ago +1

    Finally I know how did you do that. You mentioned in previous video that on German forum, that I also followed, there is a firmware for Fritzbox that allows packet capture that by default is not available. But even with a Wireshark you can just connect any router via RJ-45 (of course you have to connect only a router that is not connected to any other device) choose the ethernet interface to capture the data sent and received between the computer and a router or modem and look for a payload. I am just wondering is it doable with Huawei HG8245X6-10 that in fact can also work in bridge mode and then on your router eg. Mikrotik you have to configure PPPoE as I did currently. I just would like to replace this Huawei with a TP-Link converter that exists on the market a really long. The only one thing you need to know in this case - do you have a multimode or single-mode optical fiber and buy a proper gbic SFP module.

  • @drac.96
    @drac.96 7 months ago +1

    What a nice video, part laptop ad, part educational hacking video. Great!

  • @vladislavkaras491
    @vladislavkaras491 5 months ago

    I liked the final part, of it not being so practical, but where is fun in that?
    Thanks for the video!

  • @tarickw
    @tarickw 5 months ago

    I very much like the acknowledgement of bridge-mode and how it is mostly also acceptable.

  • @Daniel15au
    @Daniel15au 7 months ago +1

    My ISP in the USA provides 10Gbps fiber using XGS-PON. They provide an ONT, but customers are allowed to use their own router (using a TP-Link Omada ER8411 with mine).
    Works much better than some other ISPs that provide a combined ONT and router with some proprietary authentication scheme, that they force you to use.

    • @tomazzaman
      @tomazzaman 7 months ago

      Uf XGS-PON. Spoke with one of the ISPs around here. They offer it, but no sales in residential customer base. Too expensive.

  • @damirmuslimovic9650
    @damirmuslimovic9650 4 months ago

    Amazing video quality and truly underrated channel. Keep it up Tomaž, I will definitely watch other videos as well. Br from Maribor :D

  • @MichaelJones-ff9gb
    @MichaelJones-ff9gb 6 months ago

    Excellent! Your demonstration was clear and concise, well done!

  • @TurboLoveTrain
    @TurboLoveTrain 6 months ago +1

    Fun Fact--most ISP provided routers never change the default password. Usually the password default has a "random" generator that changes the password at fixed intervals but if you know the original, which they don't change, you can usually lookup online what the current password is based on the default seed.

  • @mrlazda
    @mrlazda 7 months ago +3

    The correct technical name for the SFP module is "čikoladica" (small chocolate). I got a name for looking like kinder chocolate.

    • @TulgaD5
      @TulgaD5 4 months ago

      That's cute :) I have a mental image now every time I see an SFP module

  • @aurelienlux
    @aurelienlux 1 month ago

    13:43 actually, and ironically, as far as I know FritzBoxes do not have a real bridge mode setting. The closest you can get to it is to connect the router you wanna use as the sole network device on the FritzBox (and on one subnet, the FritzBox subnet), set it as an "Exposed Host" in the port forwarding settings (and you probably want to disable the FritzBox DHCP server as well as other services you no longer need), and then connect the rest of your network devices to the router you chose to use (and set it up as a different subnet than the FritzBox). But in my experience this sometimes causes some weird routing issues, although rarely enough not to be a real problem. Most importantly it probably affects network performance a little bit.

  • @harounhajem7972
    @harounhajem7972 7 months ago

    Thanks for a great presentation! Even when you butchered the English words you came out on top of it. People forget how hard it is for non-English people to speak English. Well done sir 🎉

  • @ernstoud
    @ernstoud 7 months ago +2

    Is this GPON or XGS-PON? With the more modern Fritzboxes (5530/5590) the SFP+ is “dumb”. The SOC in the router does all the processing. So only AVM SFP+ modules work and you can’t use their SFP+ in your own router. I am amazed that with your FB it worked.

    • @tomazzaman
      @tomazzaman 7 months ago +1

      This is GPON. I guess I'm lucky then? :D

  • @omegatotal
    @omegatotal 7 months ago +3

    Not all of the SFP's with larger shells are 'smart', or ONTs. Some are just oversized to support SC/APC connectors

  • @pav431
    @pav431 7 months ago +1

    Man, having to do this sort of stuff just to get rid of an old, shitty router makes me so glad my ISP just lets me use my own Mikrotik router, and so all I have in my home network is a simple media converter / modem going from optical to copper. The rest is up to me.

  • @blazblaz5555
    @blazblaz5555 4 months ago

    Beautifully done, brilliant!
    Excellent, well executed and presented 💯

  • @pan-africanmovement938
    @pan-africanmovement938 7 months ago +1

    Absolutely brilliant. Thanks for the detailed explanation....

  • @SirPeterlll
    @SirPeterlll 7 months ago +1

    1. Get a laptop with an rj45, I hate it when customers call and don't have a proper laptop with rj45 port or a converter. 2. ISPs don't mind if people are doing this stuff. Just have the ability to have the stock router setup when calling in if you lost connection for troubleshooting purposes.

  • @msdevel
    @msdevel 7 months ago +1

    this is perfect. am i also able somehow to discover that serial when i have external ONT? like huawei small one?

  • @DJDocsVideos
    @DJDocsVideos 1 day ago

    It's a 4090 Mobile. That is a castrated AD103 GPU. If you run it in 120W mode its performance is around that of a GeForce RTX 3080 Ti.

  • @bryanmora4996
    @bryanmora4996 6 months ago +1

    I got the same FS module you mentioned in the past video and tried to use it with my FRITZ!Box 5590 but the device keeps telling me that "No SFP module found" and gets really hot after trying to configure it, I tried with a different ZTE module I got from AliExpress and at least it shows as "Unknown SFP module"
    Is this a problem with the SFP module itself? Does the 5590 support the FS module? I am missing something?
    Please I'll appreciate any help, I am struggling with this since past year

  • @ajaxupgrades
    @ajaxupgrades 7 months ago +1

    Nice job. My Jurassic Fibre Nokia PON has the web config locked down so I can't even access it. Bridge mode was my only choice to secure my network. Mesh FritzBox setup from the prior DSL connection slotted straight in.

  • @Franiveliuselmago
    @Franiveliuselmago 6 months ago +2

    Why not just set the provided router in Bridge Mode and call it a day?

  • @n-steam
    @n-steam 7 months ago +1

    I hate the idea of "just putting your old router in bridge mode", because I hate the idea of locked-down hardware, and anyone at the ISP having access to it.

  • @flott1
    @flott1 7 months ago +2

    Great video!
    Technically it's not a modem, because it doesn't modulate/demodulate analog signals, there are only digital signals.
    Also, a PON stick being utilized in such a manner, directly locked down to customer premises equipment (CPE), is not a common practice observed in ISP setups here in the Nordic. ONTs instead of PON sticks so the customer can bring their own hardware if they would like. Also there are L3 switches
    I get that these are oversimplification of the technology and that most of the people that will probably watch this video doesn't care :)
    -jr network engineer c:

    • @tomazzaman
      @tomazzaman 7 months ago

      Yep, These videos would have 0.5% of the views if I go hardcore :)
      I honestly have no idea why my ISP gives out PON sticks without the serial stored on the device, and a couple of pages of documentation.

    • @flott1
      @flott1 7 months ago

      @@tomazzaman haha, that sounds like "work" so Yeahh they won't.
      But I'm more curious why they don't use ONTs instead really.

  • @TulgaD5
    @TulgaD5 4 months ago

    Hi Tomaž, did you sell the Fritzbox 5491 or is it collecting dust because you have to give it back to your ISP once the contract is terminated?
    Did you ever try whether your own SFP module works in the Fritzbox 5491? It's not supported by AVM, so of course I'm curious if it would work anyways.

  • @dimitarnovoselski3064
    @dimitarnovoselski3064 7 months ago +2

    My ISP bridged the router and I control my network now.
    Good for me. Bad for Murica people.

  • @kennethjohnson4280
    @kennethjohnson4280 7 months ago +8

    You're all wrong. The term hacker or computer hack originated at MIT in the 60's. A hacker was someone who did cool and unintended things with a computer, peripheral, or with code. Hacking was the act itself. It was paying a compliment to say "hey nice hack" and had ABSOLUTELY nothing to do with how "hacking" is viewed today. In my opinion "hack" is one of the most bastardized words on the internet today.

  • @Tntdruid
    @Tntdruid 6 months ago +4

    I don't use my ISP router, I'm using my own opnsense box.

  •  7 months ago +1

    Glad it's optional for using the ISP router in my country. 😂
    I just buy what I want, configure and done.
    Only drawback we do have are the tv setup boxes that are ISP locked (on MAC address). But no big deal because I only use the internet and streaming services.

  • @RealEricB
    @RealEricB 6 months ago +1

    Soo hacking an ISP router to bypass it is quite simple and the basic premise is that ISP security consists of 2 parts, WAN MAC address validation and then a key exchange for creating the connection or tunnel to the ISP. First part is creating a tap on the WAN side and capturing packets and with fiber this is ultra easy. Next is finding, intercepting or extracting the key used to encrypt outbound data. Then you intercept the outbound key exchange request. Then you capture the entire exchange and then implement the key exchange on a router where you either use their transceiver or you spoof the WAN MAC on the WAN connection side. There is a 3rd part that may be implemented which would be VLAN, there may be VLAN used for reaching the ISP but this can also be easily emulated.

  • @glaubhafieber
    @glaubhafieber 5 months ago

    My ISP in Switzerland: we don’t give you a router but we suggest a fritzbox fiber. But if you need help with pfsense, feel free to contact our nerd employees by phone or mail. This should be standard procedure

  • @JosephANagyJr
    @JosephANagyJr 7 months ago

    I have a Calix Systems ONT from my ISP, I imagine I might have to go on a similar path. You rightly presumed in another comment it has the green connector, is that important?

  • @theau3907
    @theau3907 1 month ago

    Incredible video, it was a pleasure to watch

  • @M3LP
    @M3LP 7 months ago +1

    I need to learn how to do this because my ISP has the public share opened, and it can't be disabled, which is a security risk. Also when people use the ISP Hotspot I'm the one who loses speed, even after paying a premium to get those speeds.

  • @theshazman
    @theshazman 5 months ago

    Curious what you have to say about AT&T's hellish gateway box.

  • @Matris225
    @Matris225 6 months ago +2

    I wouldn't mind if you made a Slovenian version

  • @drumaddict89
    @drumaddict89 7 months ago +1

    thanks a lot - if you got more in-depth videos like that, i'm looking forward to you uploading more stuff like that. cheers from right around the corner ;)

  • @jorgemtds
    @jorgemtds 5 months ago +1

    Anyone that turns a lawnmower into a vacuum cleaner is also a hacker.

  • @svensyoutube1
    @svensyoutube1 7 months ago +1

    where can i read the full guide

  • @MultiTimotej
    @MultiTimotej 7 months ago +1

    would this also be applicable to Innbox routers? afaik, they have built-in sfp module so i don't know if replaying the payload is even necessary here. just cloning the mac address of the innbox modem should be fine?

    • @tomazzaman
      @tomazzaman  7 months ago +3

      Telekom doesn't use MAC address to authenticate with the OLT - they use the serial. So you could get yourself one of the FS.com PON sticks I link to in the description (and a media converter, if you don't have an SFP-compatible switch), and copy over the serial from Innbox router.

  • @Boz1211111
    @Boz1211111 5 months ago

    I really learn about how stuff works from this! Cool

  • @jesuslovesyoujohn314-21
    @jesuslovesyoujohn314-21 2 months ago

    Yeah I doubt this would work in the USA but glad you could get a workaround working.

  • @richardsterne2875
    @richardsterne2875 1 month ago

    Do Fritzboxes allow you to run a VOIP server? I am thinking of changing ISPs; they use Fritzbox.

  • @FluffyFoxUwU
    @FluffyFoxUwU 7 months ago +1

    i wonder how important or confidential the serial number is? for me it's just a number identifying the device, with no user data or identification associated with it

  • @watpac9221
    @watpac9221 7 months ago

    You should hold it against them about not having rj45. Love your videos Btw.

  • @shapelessed
    @shapelessed 7 months ago +3

    Recently my ISP switched my router.
    The new one:
    - Has 2 ports (excuse me, what year do we live in?)
    - Has about 5m usable Wi-Fi range.
    - Shuts off the internet access regularly for a few seconds because the public IP expires (like what?)
    I'm lucky enough to have a separate gigabit switch and an AP in my office.
    Oh and while we're at it. They shut off my internet for an entire bloody day before switching out my old router, because we got assigned an IPv6 address (god why) at 2am and the old one was v4-only. Arghhhh...

    • @tomazzaman
      @tomazzaman  7 months ago

      Oh damn, that's bad. Can you move to another ISP? This sounds ridiculous.

    • @shapelessed
      @shapelessed 7 months ago

      @@tomazzaman The other one is even worse. Sadly.
      I just looked around the "IPMI" - if you could call it like that - of my ISP's router, and they don't even let me set up a bridge and change the DNS addresses... WTF?!

  • @RENO_K
    @RENO_K 1 month ago +1

    I don't like saying "I'm hacking ____" I like "I'm reverse engineering _____"

  • @ss-xy2im
    @ss-xy2im 7 months ago +3

    Why did you need a windows laptop?

  • @MH-kc5jr
    @MH-kc5jr 7 months ago +2

    Been really enjoying both videos!
    I only got coax gigabit internet, so the upload sucks with only 50mbit and i can't really use any other router than a fritzbox or an ISP provided box, since there are no real alternatives in the EU/Germany other than the technicolor tc4400 which is really overpriced as a modem :(

    • @jounlow
      @jounlow 5 months ago +1

      close your eyes and remember that [noise/symphony] when your computer was trying to connect using the phone line.
      then remember how long images of pretty ladies took to load.
      THEN remember the $300 bill for a xxx phone call that you never made.
      p.s. the phone company dropped the charge.
      my mom never believed that i didn't make that call
      and 30 years later i still wonder about those 1-900 numbers. it's part cringe, feeling sorry for the person on the other side BC making me speak is very difficult, and holding back the urge to critique her performance. say this. not that. I CAN'T believe you said _____ it almost made me gag. lol
      sorry had too much fun typing this.

    • @MH-kc5jr
      @MH-kc5jr 5 months ago

      @@jounlow i am too young to be able to relate to this, but i have heard many of those stories :)
      Good read my dude

  • @luigigaminglp
    @luigigaminglp 6 months ago

    Had quite a frustrating experience recently when i tried to update a Fritzbox. Turns out only the ISP could do that and they were several versions late already. and also they could do this at any given time so... Meh.
    Upgraded my connection to a better one shortly after that, got a new Fritzbox so that was no longer an issue, at least momentarily.

  • @IvoKvesic
    @IvoKvesic 7 months ago

    "...just put the ISP router in the bridge mode...". (The ISP device is in that case only being used for its ONT.) Well, that is not always possible. In my case, I have a fancy communications cabinet which the architect built into my wall where all the in- and out- going cabling is placed. That cabinet is unfortunately very small and the ISP device is bulky - I cannot manage to fit that device, my router and the corresponding power bricks in the tiny space available. So, if instead I use my own ONT (a pretty small box) and my own router then I'm fine. Of course, that approach requires specific knowledge and (in some cases) some "hacking". And if in addition you want to retain the IPTV and the telephone service (I don't), the project becomes a bit more complex.
    A silly reason to get rid of the ISP device altogether, I know, so I thought I would share it with you. And BTW my greatest compliments and admiration to you Tomaž for your excellent presentation of an excellent work! Sincere congratulations! 😉

  • @vasudevmenon2496
    @vasudevmenon2496 7 months ago +1

    Mine is a gpon but even with right credentials with bridge mode enabled it could not get authenticated even with same gateway address

  • @timotheegoulet1511
    @timotheegoulet1511 1 month ago

    Didn’t know the longer SFPs had SoCs in them. Was wondering why they are so expensive.

  • @keylokush
    @keylokush 6 months ago +1

    Hey I have an internet issue: basically my games don’t feel right when I’m online but when I disconnect to offline they feel fine, and I’m not talking about lag or anything like that because I get my speed I pay for, it’s like a weird Desync sort of delay that makes my inputs not feel snappy 😢 so I cannot play competitively online, it completely ruins the experience. if anyone can help in any way please, your input would mean a lot

  • @rnts08
    @rnts08 7 months ago +2

    Hacking is more about the spirit of tinkering and protecting your right to own. You don't have to break into systems or protections to hack. Anyway, whatever you feel like doing.

    • @jounlow
      @jounlow 5 months ago

      i think if you land a job at an ISP it's no longer hacking, it's "gaining experience [by tinkering] to ensure you're able to be prepared no matter the task".
      sir i'm doing it for the company!

  • @Druac
    @Druac 5 months ago +1

    Step #1...Buy your own...would never use an ISP that requires you to use their equipment. I have cable...I use my own cable modem and I use my own router/networking equipment.

  • @Itz_naj
    @Itz_naj 7 months ago +2

    The Bridge-mode comment isn’t applicable with newer hardware - my ISP supplied FRITZ!Box 5530 router has no bridge mode, leaving me with double NAT 🙈

  • @JoshHookerJoshhook123
    @JoshHookerJoshhook123 7 months ago +1

    Do a video on att’s, bgw210! I need to rip their certs off so I can replace it with my ubiquiti router

  • @CyanureNeko
    @CyanureNeko 7 months ago +1

    My ISP router doesn't even have a bridge mode, and recently they "locked" all access to the interface (it's all remote with their own tools), F that! I'll try this someday~

  • @BilalHeuser1
    @BilalHeuser1 7 months ago +1

    "Hackers: Heroes of the Computer Revolution" --Steven Levy

  • @Tad3j
    @Tad3j 7 months ago

    This is I guess for Telekom Slovenia TS? Eliminating Modems on A1, is quite easy also. However I don't think you can eliminate OLT unit on GPON Fiber also, ... ?

  • @h.y-chen
    @h.y-chen 7 months ago

    does the router you're making now have hardware PPPoE offloading? since we need to use PPPoE for 100M~2G (mine is 500M/500M) network here

  • @thanhpham-kv7xe
    @thanhpham-kv7xe 6 days ago

    in my country the ISP uses PPPoE to authenticate so i don't have to do that, but how can i put the ISP router in bridge mode when the ISP has hidden the choice in the menu

  • @TS-ex4dl
    @TS-ex4dl 7 months ago +1

    I received updated fritz 7530ax modem/router for fibre which I put in bridge mode network /mesh with old fritz 7530 downstairs router mode enough fun for me! Interesting. Not a hack though.

  • @cheebadigga4092
    @cheebadigga4092 6 months ago +1

    Step 1: build your own router. Done.

  • @fredwupkensoppel8949
    @fredwupkensoppel8949 6 months ago

    What annoys me with ISPs is that they tie the WAN access to the serial number of the ONT. On my setup, the PPPoE connection is handled by the router, but I still need an ONT sending its serial number along, which is just unnecessary. A media converter would do the same thing. Is it possible to spoof the ONT's serial to the OLT on the ISP's side so people running their own routers can skip the fibre modem entirely? It would save people a couple of bucks (the cheapest ONT costs about twice what you pay for a media converter) and streamline their setups (I need to keep my ONT up to date - a media converter not so much).
    And before anyone asks - I checked, this would be perfectly legal, at least in Germany. They can't force anyone to use specific equipment according to § 73 TKG (3). They also don't have to support you to set up your own, though. You may use whatever device you see fit, as long as you don't disturb the public network.

  • @Meckmester
    @Meckmester 6 months ago +1

    I pestered my ISP so much they caved and gave me the username and password, said they would do no more support if I fucked up, but I haven't yet. I was sick and tired of contacting them to set up port forwarding and shit like that, which I did a lot due to messing with servers.

  • @magneticshrimp7429
    @magneticshrimp7429 7 months ago +1

    Glad my ISP just uses plain fiber ethernet, and with no 802.1x or weird vlans. Just stuff in any compatible $10 SFP module and it just works - unlike this GPON based stuff which requires at least a bit of hackery, ISP assisted provisioning (which they will usually refuse to do) or both.

    • @TulgaD5
      @TulgaD5 4 months ago

      Does your ISP provide an AON connection? Those are rare...

  • @InndyXD
    @InndyXD 7 months ago +1

    8:44 you forgot to censor the hex part of payload

  • @isheamongus811
    @isheamongus811 7 months ago +1

    Hacking sometimes involves material loss.

  • @hebertocristiano.alvesmach7719
    @hebertocristiano.alvesmach7719 6 months ago

    Hi... Why should this sort of brilliant video be thought of as hacking??? My "wild" 😜 interpretation of that Oxford definition indeed makes me think that the ones who do hacking in the first place are the ISPs themselves. When they use and abuse the information they carry to their own extra profit, and I for one, would like to know, inquisitive as I am, what determined use cases our data are subject to. Does anyone know the full extent of those explorations? I don't think so. I do know that those who hold and explore the information, should be accountable for that activity.
    Besides, the video is extraordinary!!!
    One great YouTuber!!!
    Thank you!!!

  • @CoinHunter_zw
    @CoinHunter_zw 7 months ago +1

    forum link please