Notice：To ensure the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but not limited to politically sensitive content, content concerning pornography, gambling, drug abuse and trafficking, content that may disclose or infringe upon others' intellectual properties, including commercial secrets, trade marks, copyrights, and patents, and personal privacy. Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see“.”.

Please ignore my comment above about Windows I was being lazy! I booted up a Linux VM and I can decrypt the passwords However, while some of the passwords decrypt to their text equivalent as expected, others decrypt to a long string of characters. I attach two examples below: > PASS EXAMPLE: Encrypted: “zVW2qyh3XwXBqlMhVlzG5w==” Decrypted: “vodafone” Should read: “vodafone” > FAIL EXAMPLE: Encrypted: “TkT1xDhMpzlvnBVtrnE9nG0Q8r6uPcCC8UZIUEqPA7YBOODgjMPMdz1ZGQ6GN5qsFJR66ZLH9BycjaACYrjAG1FwMh+kgscas52NVp8hefw=” Decrypted: “ac96085e35b9d3e3e8bed88cb3434828b43b86fc0596cad4c6e270” Should read: “admin1234” Am I doing something wrong here? Do I need to use a different key for certain passwords? Is there any chance to get a hint were to get those keys? I’m ‘forced’ to use a Huawei-‘based’ Router (in it’s Firmware it is called VE886 – b880-based). After digging in my unppacked Firmware and the released Sources it seems to use AES-Encryption (encrypted in flash with 32Bytes, encrypted export with 32Bytes, encrypted Parameter with 16Bytes).

But until now i couldn’t find any keys or encryption-patterns. (normally the keys should be in the sources – but were?) Any Idea would be great – thanks in advance. So now I have a startingpoint 😉 ‘libcfmapi.so’ exists – so i’ll give it a try. But until now, I couldn’t find anything (tried objdump and radare2 – there are no ‘Sections’ like.data or.rodata) and I’m quite new to this Reverse-Engineering-Stuff 😉 Do you know of any ‘Markers’ I could search for?

Now that you have configured your router for OpenDNS, we highly suggest that you flush your DNS resolver cache and web browser caches to ensure that your new DNS configuration settings take immediate effect. The update comes straight from Huawei and will bring your smartphone to the latest Android built: Marshmallow 6.0. The firmware will also update the EMUI system, which will now reach the 4.0 version.

Would make my life a little easier. The function ‘the RkyAdtp’ however is not existent. But I think ‘ATP_CFM_ExtExportEncryptedCfgFile’ and ‘ATP_CFM_ExtImportEncryptedCfgFile’ could be the right ones.

Thanks, Marcus Like. It would be awesome if you could help! I created an archive with Firmware and a clean Config: BTW: I also tried to decrypt with the Router-API (from the Source-Package) but it seems that my Sources are to old – or i tried the wrong Functions 😉 (my Router is half-mips – half-arm, so I have some Functions twice. Mips-Funktions yield to errors, ARM-Funktions to Segfaults.) Then i tried to use the Libs I extracted from the Firmware-Package, but they seem to be coruppted (don’t know if it’s BINWALKs fault or a problem with Little-/Big-Endianness). –> so i asked my ISP for recent Sources no answer ’til now 😉 Thanks in advance, Marcus Like.

Found libcfmapi.so, and couldnt really find anything useful, but for those who can’t find the.so file its here //////lib/libcfmapi.so decompile this file to C+ so you can read it easily. I think the HG630 is locked out and this exploit doesn’t really cover it. All I found in my.so file was the following, have tried numerous ways of shuffling them around in your script, messing with it ect, but still no luck here, unless I’m missing something (which is most likely). Is there any other way to decrypt the //////config/currentcfg or the //////etc/defaultcfg.xml Like.