Beruflich Dokumente
Kultur Dokumente
from Haxorware from the Baseline Privacy tab do NOT work, (either from the .tar
or by downloading certificates separately). You will need to extract them from t
he 32 KB nonvol or 2MB dump.
Here's why:
The length of the keys (in hex) when you extract them from haxorware are as foll
ows:
public.key 8B
private.key 289
root.key 10D
cm_cert.key 326
ca_cert.key 403
This is actually incorrect. If you use the nonvol explorer and extract the keys
from your nonvol, the lengths will be as so:
public.key 8D
private.key 289
root.key 110
cm_cert.key 32F
ca_cert.key 409
These inconsistencies will give rise to this error when trying to start BPI:
[ERROR] [DOCSIS.BPI(pid=267)]: Decrypt Auth Key: Couldn't format PKCS#8 private
key into PKCS#1 format!
For those of you who know what you're doing, you already know what to do at this
point. For those of you who don't, I will be kind enough to give you a step-by-
step tutorial on how to both extract the needed keys from your SB5101 running Ha
xorware and import them into your SB6120 with shelled firmware. Most of this inf
o is from other places on the board, so I'm not trying to take credit for it. Bu
t here, it is compiled into one guide from start to finish.
1) Open Haxorware on your SB5101 and go to backup tab. Select download nonvol (3
2 KB). This will download a nonvol.bin file.
2) Get the nonvol explorer program (cmnonexp.exe) by qingpu. Version 1.1.1 -> ht
tp://www.sbhacker....&attach_id=3384
3) Place nonvol.bin and cmnonexp.exe in same folder. Open CMD and navigate to th
at folder. Run "cmnonexp.exe -e -f nonvol.bin". This will extract 5 files and th
ey will appear in the folder with these names:
non01_1_public.key
non01_2_private.key
non01_3_root.key
non01_4_cm_cert.cer
non01_5_ca_cert.cer
4) Rename them as follows:
non01_1_public.key -> mfg_key_pub.bin
non01_2_private.key -> cm_key_prv.bin
non01_3_root.key -> root_pub_key.bin
non01_5_ca_cert.cer -> mfg_cert.cer
No need to rename cm_cert.cer
5) Setup FTP server. Set the directory to whatever has those files you just rena
med.
6) In SB6120 shell, navigate to "cd /nvram/1/security". Use the "ls" command to
list the contents and you should see the certs in there already.
7) Remove the links to the files in there by using:
rm mfg_key_pub.bin
rm cm_key_prv.bin
rm root_pub_key.bin
rm mfg_cert.cer
rm cm_cert.cer
8) Download the new ones (assuming your FTP server has no user/pass and using po
rt 21, adjust accordingly):
wget ftp://192.168.100.2/mfg_key_pub.bin
wget ftp://192.168.100.2/cm_cert.cer
wget ftp://192.168.100.2/mfg_cert.cer
wget ftp://192.168.100.2/cm_key_prv.bin
wget ftp://192.168.100.2/root_pub_key.bin
9) CHMOD the new files
chmod 444 mfg_key_pub.bin
chmod 444 cm_cert.cer
chmod 444 mfg_cert.cer
chmod 444 cm_key_prv.bin
chmod 444 root_pub_key.bin
Regardless if you need the root cert or not this method can be used for all 5 an
d works fine. I have confirmed that BPI+ works using this method with the matchi
ng MAC of course.