Originally Posted by Dr_GrEeN
Thank you for your advice, I was just looking on the forums for such an answer and you gave me the answer I was looking for. Great trick with the SSL cert. I examined my SSL cert and ran into a problem.
When you stated "I think you have to add cp before the serial to login", what did you mean by "cp"? Did you mean the letters "cp", or did you mean "CN" (Common Name)? Because I cannot find anything called "CP" within the SSL Cert.
I tried using:
X=Digit of Serial
But neither works; instead I am prompted with a popup error:
So I went to Google to do some research on this "cp" that I do not understand. I came to this page:
Error establishing an encrypted connection to 192.168.1.254. Error Code: -12217
And found the following:
So, now I know (by looking at the full page on the link above) that the only difference between the serial and the ANT-ID is that the serial just has "cp" (without quotes) as a prefix...just like you said. Sorry Dr_GREen as I just wanted to understand this and thought I would type out my thoughts in case anyone else didn't know where "cp" came from.
The only difference between the ANT-ID parameter and the serial number of the Home Hub is that the serial number is prefixed with ‘CP’. So in this example, the corresponding serial number - which is the default admin password - would be CP0633EHPSL (see the screenshot for more information)
So back to the problem I had earlier, where I was entering the wrong details. I checked the SSL Certificate and obviously when I viewed it, I saw the word "Serial" and automatically thought that is what it was - the serial. In fact it was not the serial at all, well not the serial of what I was pentesting.
So after doing some reading I figured out that it is actually the Organizational Unit that is used in conjunction with the CP.
Here is the information I was looking at on the SSL Certificate:
Thanks to you Dr_GrEen for telling us about the SSL Cert hint. Now I successfully have pwned my BTHomeHub
Common Name (CN) BT Home Hub
Organization (O) THOMSON
Organizational Unit 06XXXXXXX
Serial Number 7E:XX:XX:XX
So for quick reference, the serial of a BTHomeHub is the prefix "CP" + "Organizational Unit":
Do not be misled by the SSL Certificate stating the "serial" as it is not the serial you will be using, it's the Organizational Unit.
This pentest was tested on the BT Home Hub using software version: 6.2.6.E