1. Home
  2. Voice-Over-IP
  3. Linksys PAP2 hack?

Linksys PAP2 hack?

The PAP2 usually comes preset with the provider's IP, and seeks it itself. Only after the provider gives its connection, does the dial tone appear on the PAP2.

Can the PAP2 be hacked to seek another Asterix box for example? I'd be interested in a setup where I have the two POTS ports of the PAP2 available, and I could dial from one to another. I'm sure the PAP2 has no pbx capabilities, but would be nice to get it to talk to a linux-based pbx at home.... unless its communication protocol (SIP?) is too proprietary.

I'm also not sure if the firmware of the PAP2 is located in a different spot from the configuration, or is everything configured, compiled and burned? If the config is in a different place, making it point elsewhere should be trivial..

If it speaks standards-based protocols, I could even fake the IP it seeks, pointing to a local asterix box for the job.

Any thoughts?

This also allows me to roll out my own VOIP joint... or at least skype-type joint where people can use their standard phones + PAP2, without the use of a computer. Legal issues in reconfiguring the PAP2 if at all possible?

Reply to
Ghazan Haider
Loading thread data ...

Why not just get a Sipura box that you don't need to hack????

Mike Schumann

Reply to
Mike Schumann

The PAP2 usually comes preset with the provider's IP, and seeks it

Who's your PAP2 provider, i.e Vonage?

Can the PAP2 be hacked to seek another Asterix box for example? I'd

be

has

(SIP?)

I haven't seen one hacked, yet.

I'm also not sure if the firmware of the PAP2 is located in a

it

I hear from other forums that resetting the PAP2 to its factory

original will certainly remove the lock; however, during the process

of resetting, it will ask you the password if the PAP2 has been

registered to some provider.

If it speaks standards-based protocols, I could even fake the IP it

AFAIK, PA2 along with most ATA devices on the market are SIP

compliance; thus, it speaks some standard-base protocols.

This also allows me to roll out my own VOIP joint... or at least

PAP2

How would you do that since Skype is not SIP compliance?

Reply to
mazilo

Ive been told you can sniff out the connection stream for the Pap2 and the other linksys vonage routers.

No firmwares have been posted to convert to the NA models so far as i know.

I personaly would like to make my asterisk box the vonage ATA device.... and to use my Linksys rtp "vonage" router as a phone adaptor for my network.

I may have to convert to another phone providor that is more asterisk friendly.... but i would still have this linksys gear .... unusable.

Reply to
VISION

formatting link
It is an idea. Why doesnt someone call up vonage with their pap2 device

(using the old firmware) and have vonage "flag" an update to their

device. The way i look at it is this. If vonage can force feed a

firmware update to the boxes, why cant we? If they flag one of the

boxes, and we have ethercap running, we capture the traffic, we analyse

it, and most likely we get the magical admin password to the pap2. If we

dont get the admin password atleast we figure out how they feed firmware

and we can copy the firmware the same way (through faked dns entries and

such)

Its a valid idea, and i have a VIRGIN pap2 to try your ideas on. (i am

currently trying to brute force the username and password which is

frankly impossible even at 1000 attempts per second, it will take

1million years, no joking, to force the password)
Reply to
mcamino

formatting link

It is an idea. Why doesnt someone call up vonage with their pap2

device (using the old firmware) and have vonage "flag" an update to

their device. The way i look at it is this. If vonage can force feed

a firmware update to the boxes, why cant we? If they flag one of the

boxes, and we have ethercap running, we capture the traffic, we

analyse it, and most likely we get the magical admin password to the

pap2. If we dont get the admin password atleast we figure out how

they feed firmware and we can copy the firmware the same way (through

faked dns entries and such)

Its a valid idea, and i have a VIRGIN pap2 to try your ideas on. (i am

currently trying to brute force the username and password which is

frankly impossible even at 1000 attempts per second, it will take

1million years, no joking, to force the password)
Reply to
mcamino

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.