kcyyk
join:2005-11-02
Scarborough, ON | [PAP2] I have question?
what is purpose of unlocking/???...anyone can tell me unlock PAP2 what for? |
|
McWizzard
join:2001-06-01
Plymouth, MI
| While the PAP2 VoIP adapter hardware is designed and capable of being used with a number of VoIP phone providers (or internal PBX system), access to the internal configuration information is required.
If you purchase a PAP2 directly from some sources there are no passwords installed so the owner can easily configure the unit (maybe).
These would be considered "un-locked" units. No restrictions on getting to internal setup parameters.
Now, some VoIP providers, as a condition of using their service, install an "admin" or other password to the unit when the unit is configured with their parameters. This prevents end-users from gaining access to modify parameters. It also means that if you discontinue service with that VoIP provider, you PAP2 unit is worthless unless you can get it unlocked.
Some VoIP providers have their PAP2 devices pre-configured. These are sold at retail stores, sometimes at a discount, because the VoIP provider assumes the locked units are only of value and use on their VoIP network.
If these units can be unlocked, they can be used anywhere.
Hope that better explains why people are interested in having an unlocked device. |
|
kcyyk
join:2005-11-02
Scarborough, ON | reply to kcyyk
But My Voip provider already set different admin password inside...So how can I unlock and get inside information? If I doing factory reset all information will lose. |
|
pepiton
@217.71.x.x | If you wanto to change voip provider, no matter wath old one think and you don't ned their configuration. |
|
kcyyk
join:2005-11-02
Scarborough, ON | reply to kcyyk
So If change provider...why need unlock PAP2 ...just doing factory reset all password will gone la..how come still need unlock?...I still don't understand!!!! |
|
RonR
join:2003-10-10
Downey, CA
| said by kcyyk  :So If change provider...why need unlock PAP2 ...just doing factory reset all password will gone la..how come still need unlock?...I still don't understand!!!! If Vonage was your provider, your PAP2 will have the Interactive Voice Response (IVR) system as well as the web interface turned off and the unit will be protected by an Admin password that you don't know and Vonage won't give you. Consequently, you can't do a factory reset (or anything else). |
|
killbill831
join:2005-02-16
80147
| After this post I posted in the forum a problem that I have here in Italy with a voip service provider, they don't want to give me the password that let me access to the voip line and I can't configure another voip acces like Fritz box. I have the user id and password to access to the pap2 and also I see the advanced menù with all parameters but the only thing that I can't see is the password marked with all *********, I tried with those tools like revel, asterisks etc.etc. but nothing I need something much stronger.
Thank for everybody that will help me |
|
rizzo2dial
Premium
join:2004-08-05
| The asterisks (****) displayed by the PAP2 web interface are merely cosmetic. If you set your USER, ADMIN, or LINE1/LINE2 SIP password to one (1) or more asterisks and hit SAVE, the password won't change.
If you look at the raw HTML on the web page, you'll see only asterisks there.
Thus, the PAP2 / Sipura adapters don't actually return password values to the web interface, they only allow passwords to be set.
If you can get your hands on your VoIP provider's PAP2 provisioning file, and if that file is in plain text (or can be decrypted w/ a tool like VuckFonage), you can obtain your SIP credentials that way.
Rizzo |
|
mazilo
From Mazilo
Premium
join:2002-05-30
Lilburn, GA
| reply to kcyyk
said by kcyyk :what is purpose of unlocking/???...anyone can tell me unlock PAP2 what for? A very simple and down to earth answer to this kind of question is so that PAP2 is not locked to only work with the specific VoSP. |
|
killbill831
join:2005-02-16
80147 | reply to rizzo2dial
I only can get in the configuration page of the pap2 as I have said before I can see all the parameters but really don't know how to get that provisioning file you mentioned.
Can explain what that tool does? |
|
rizzo2dial
Premium
join:2004-08-05
2 edits | said by killbill831 :Can explain what that tool does? I assume you mean VuckFonage. If you input your VoIP provider's TFTP server name, TFTP server PORT, MAC ADDRESS and ENCRYPTION PASSPHRASE, it connects to that TFTP server, downloads the encrypted file, decrypts the file (to a new file w/o deleting the old file), and lets you view both files. It also lets you save "profiles" of TFTP & encryption settings used to download the files.
This of course requires you to know your VoIP Provider's TFTP server settings, the filename format/location on that server, etc.
Such information has been posted publicly about Vonage, so VuckFonage coincidentally works very well for that VoIP provider.  It is however generic in nature and can be configured to work w/ many VoIP providers.
The TFTP server information you need may already be embedded in your PAP2's web configuration pages. If you'd like the BBR community to look at it, do the following:
1) Open up your PAP2's web interface in Internet Explorer
2) Login as "ADMIN"
3) Switch to "Advanced View"
4) In the web-browser, click the "File" drop-down menu
5) Select the "Save As" option
6) Save the ENTIRE WEB PAGE under the name PAP2_ADMIN_ADVANCED.html
7) Whatever folder you save the file above in will also create a folder called "PAP2_ADMIN_ADVANCED_files"
8) Zip up the PAP2_ADMIN_ADVANCED.html file along with the "PAP2_ADMIN_ADVANCED_files" folder and post the ZIP file here.
If you prefer not to post the data above publicly (i.e. it may be safer to limit exposure of this information to select individuals), I'll IM you my e-mail address if you prefer. Then you can e-mail me the ZIP file instead.
Rizzo |
|
killbill831
join:2005-02-16
80147 | FOR rizzo2dial
Send to you a p.m. |
|
rizzo2dial
Premium
join:2004-08-05 | And I sent you a reply 2 days ago.  |
|
mazilo
From Mazilo
Premium
join:2002-05-30
Lilburn, GA
| reply to killbill831
said by killbill831 :... but the only thing that I can't see is the password marked with all *********, I tried with those tools like revel, asterisks etc.etc. but nothing I need something much stronger. If you can see the ****** values on the password field, then chances are you should be able to change the ****** to something else, shouldn't you? What happens after you have changed the password, can you unlock the device? If so, you should be able to see/read the Provision TAB values and also retrieve/decrypt the XML file from your VoSP to find out the password, shouldn't you? |
|
rizzo2dial
Premium
join:2004-08-05 | He's got an unlocked PAP2, and the pw in question is the SIP password. If/when he responds to my e-mail w/ the saved web-page info, I'll see what's available TFTP-wise.
Rizzo |
|
mazilo
From Mazilo
Premium
join:2002-05-30
Lilburn, GA
| said by rizzo2dial :He's got an unlocked PAP2, and the pw in question is the SIP password. Rizzo,
Once unlocked, the XML file can be retrieved. And, with your VuckFonage tool along with the necessary information, the VoSP information can be seen, i.e. account information (username, password, configuration, etc). |
|
rizzo2dial
Premium
join:2004-08-05
| Mazillo,
You're preaching to the choir.
That said, not all providers encrypt config files. Some simply convert the files into BINARY. While the binary files aren't encrypted, they're in a Linksys/Sipura proprietary format. I don't know if the Linksys/Sipura tools for generating such config files can convert the Binary generated files back into plain text.
If killbill831 is in that situation, he may be SOL.
Rizzo |
|
im_chandave
join:2005-07-28
Cleveland, OH
| said by rizzo2dial :Mazillo, That said, not all providers encrypt config files. Some simply convert the files into BINARY. While the binary files aren't encrypted, they're in a Linksys/Sipura proprietary format. I don't know if the Linksys/Sipura tools for generating such config files can convert the Binary generated files back into plain text. If killbill831 is in that situation, he may be SOL. Rizzo If the file was generated with the SPC compiler, then it will be in a binary format as Rizzo stated.
Unfortunately, the SPC compiler does not also work in reverse. It will not convert a compiled binary config file back to original text file...at least I haven't been able to get it to do it.
If your friend is lucky, the Service Provider is not generating a Device Specified compiled provision file. A non-specific provision file has not been encrypted using the MAC address of the device. Therefore, all the strings inside the provision file is still readable using a binary file viewer.
If your friend is rather unlucky, he will have access to only the Device Specific provision file. If I remember right, you should be able to decrypt it to the binary non-specific provision file using the MAC address as the key.
If your friend is really unlucky, then the provision file is encrypted using a key only found within the ATA device (like the Vonage locked devices). Hopefully, they are following the recipe that Vonage uses and you will be able to see the encryption key in one of the Web-viewable keys (GPP_A through GPP_P). If you friend is really, really unlucky, then the Service Provider is using one of the hidden keys (GPP_SA through GPP_SD) to store the encryption key. Then, there is no way of obtaining the key without sticking some probes onto the GPIO pins of the Visba3 microcontroller, counting the pulses, and trying to decode the results.
Have fun!
See ya...
d.c. |
|
