Hacking a Youhua PT926G Fiber Optic Modem

This post explains the procedure to obtain such privileges from a Youhua PT926G fiber optic modem, without disassembling the device or using serial port converters. Super Admin users on Web UI (telecomadmin) Telnet's root user access FTP access FYI I obtained the device from China Telecom, Guangdong Shenzhen. Log on as Super Admin If you directly access the modem's IP ( http://192.168.1,1 ), you will see such a login page to the modem: Here you can log in with account name useradmin and the password labeled on the back of the modem, but there's not much you can do once logged in. The only useful thing seems to be Wi-Fi setting. But a Nmap scan reveals much more: $ nmap -v 192.168.1....

An Elegant "Scripture of Safety" Generator

This post is about a meme in China that may require some cultural background to understand. Since the content is related to the specific language used, there are minor differences between the Chinese and English versions. What's "Scripture of Safety"? The Scripture of Safety (平安经) is a book written by He Dian, the (now former) official of Jilin Public Security Department, China. The content in the book is simply a repetition of the phrase "Wish XXX safe" (XXX 平安), yet the book is sold at a high price. The public speculates that publishing and purchase of the book serves as a mean of bribe. The content of The Scripture of Safety is formatted as: (from Wikipedia (Chinese) ) 「眼平安,耳平安,鼻平安」 "Wish eyes safe, ears safe,...

Illustration for Intel and NVIDIA GPU Passthrough on a Optimus MUXless Laptop

Intel and NVIDIA GPU Passthrough on a Optimus MUXless Laptop

Changelog 2022-07-21: Add starting GVT-g on startup. Thanks to comment from Owsmyf (on Chinese version of this post). 2022-01-22: Revisions on NVIDIA driver updates and comments. I successfully passed through an Optimus MUXed GPU on my new laptop. Abstract (Spoiler Alert!) I successfully passed through Intel's GVT-g virtual GPU, as well as the dedicated NVIDIA GPU itself, into a virtual machine on Lenovo R720 gaming laptop. However, due to the limitation of the architecture itself, this GPU passthrough scheme is severely limited. For example, the dGPU is unusable in many games, and the performance is still relatively worse despite the complicated setup it needs. Therefore, you may attempt the passthrough purely for the fun of tinkering,...

Illustration for Graduation Design - Sensor Network Development Log

Graduation Design - Sensor Network Development Log

Welcome to my third development log. In the two previous logs, I discussed the pitfalls I met in the RoboMaster competition and FPGA course final project . This time I will be talking about my graduate design project, an air quality sensor network built by a 3-person group. The whole project is structured as follow: Obtain data from installed sensor modules and upload them to InfluxDB running on a server Sensors we used: MiCS6814, measures NO2, CO, and NH3 Analog output BME680, measures temperature, humidity, atmospheric pressure, and TVOC I2C interface PMS5003, measures particle matters UART serial output Extra modules: ATGM336H, global positioning module with GPS+BeiDou support UART serial output ESP8266, a widely used Wi-Fi module UART serial output MH-CD42,...

Configure BGP Confederation & Fake Confederation in Bird (Updated 2020-06-07)

Changelog 2020-10-01: Add warning to not filter private ASNs within the internal network 2020-06-07: Add limitations of Bird confederation and a way to simulate confederation 2020-05-17: Initial version Comparison of BGP Interconnection Schemes within an ISP Most ISPs, or Internet Service Providers, use the BGP protocol to exchange their route information. Each ISP will obtain an ASN (Autonomous System Number) from the regional NIC (Network Information Center, e.g., APNIC, RIPE), like China Telecom's ASN is 4134 for example. Then, ISPs connect their boundary routers via physical links (copper line, fiber, satellite link, etc.), and configure BGP protocol on the boundary routers, so they will tell the other part that: "I'm AS4134, and I can provide access to the IP block of 202.101.0....

x32 ABI and Docker Containers

History of x86 & x86_64, and x32 ABI Most of the personal computers and servers we use nowadays use the x86_64 architecture, whose specification was released by AMD in 2000 and the first processor released in 2003. Since x86_64 is a 64-bit architecture, in x86_64, each register in the CPU can hold 64 bits of data (or 8 bytes). Before x86_64 went popular, most computers used Intel processors, and the corresponding x86 architecture / ISA, a 32-bit architecture whose registers hold 32 bit of data (or 4 bytes). One significant improvement of the 64-bit architecture is the improved memory addressing ability. Computers usually follow such a routine while accessing the memory: write the memory address to be accessed into a register,...

Writing a Simple Telegram Bot

Based on the requests of DN42 Telegram Group members, I plan to add Telegram Bot support to my Bird Looking Glass , so it is easier for them to look up whois information, testing networks and finding sources of route leaks. The bot is supposed to recognize commands starting with / , and respond to the message. My Looking Glass is written in Go, so at the beginning, I looked for Telegram Bot APIs in the Go language. However, those popular API libraries all use the same scheme for handling requests: Telegram server sends a callback to my own server; My program handles the request and may send multiple requests actively to the Telegram server, authenticated with a locally configured Token; Finally, the program actively sends a request to the Telegram server to send the response....

Remove OpenVPN's Stable-privacy IPv6 Addresses

On my VPSes, the TAP network interface created by OpenVPN has a randomly-generated IPv6 address with scope stable-privacy . This address itself is created randomly to prevent tracking users by their IPv6 addresses. But when building a network in DN42, BGP handshakes may originate from this address (rather than your manually assigned link-local address) and fail for mismatching origin/IP. The solution is to configure the TAP interfaces with sysctl, and disable the automatic address generation options. OpenVPN can be configured to run sysctl automatically when creating the interface: # Add to OpenVPN's config file script-security 2 up "/bin/sh -c '/sbin/sysctl -w net.ipv6.conf. $dev .autoconf=0 && /sbin/sysctl -w net.ipv6.conf. $dev .accept_ra=0 && /sbin/sysctl -w net....

Install/Upgrade to Debian 10 on OpenVZ 6

It's the year 2020. Why are you still using OpenVZ 6 VPSes? Because they only cost one dollar per year. Since the kernel of OpenVZ 6 is extremely old (Linux 2.6.32), newer systems cannot function normally on an old kernel, so I had to stick to Debian 8 with my previous OpenVZ VPSes. But I found a modified Glibc (C language runtime library) that allows running Debian 10 normally on OpenVZ 6. WARNING I don't guarantee that the steps below are suitable for all OpenVZ VPSes, nor do I ensure the safety/integrity of this Glibc (I didn't look into its modifications, but speaking of security, the end-of-life OpenVZ 6 is probably the farthest thing from security). Backup your data , since in worst scenarios, you need to reinstall the OS. Steps The author only provided DEB packages,...

Sharing Network Namespace Among Docker Containers for Bird Anycasting

At exactly one year ago, I set up an Anycast service with Docker in the DN42 network (Chinese only atm) . Back then, I customized the container's image and added a Bird installation to it, then put in a config file to broadcast Anycast routes via OSPF. However, as time went by, a few problems were exposed: The process of installing Bird takes time. Instead of installing Bird with apt-get , since my Dockerfiles need to support multiple architectures (Chinese only atm) , and Bird isn't available in some architecture's repos for Debian. And since my building server is AMD64, and is running images of other architectures with qemu-user-static (Chinese only atm) , a lot of instruction translation is needed in the image building and software compilation progress, which is extremely inefficient....