Keyspace List for WPA on Default Routers
(06-07-2017, 12:21 AM)soxrok2212 Wrote:
(06-06-2017, 05:59 AM)mrfancypants Wrote: P.S. In case anyone ever wants to pick up where I left off, here are some pointers.
Firmwares are at, the web site may be someone's personal Linux PC and it is sporadically on and off, I couldn't find any alternate sources.

Thanks for the link. I do have a bit of MIPS locked away in my head. The server seems to be down at the moment, do you have a copy of it?

Also, I am friends with the guy who did research for the PDF you linked Smile I'll try to touch base with him.

I seem to have deleted the originals, but here's an extracted filesystem for a 589:

Incidentally, The "Jimi Hendrix lyrics" code that I mentioned above is actually well known and very old, it's this: It may have been used to generate WEP keys in the ancient past. I don't think it's used now at all.

I went further back along the 589/599 product line and got as far as a 2013 firmware for Motorola 2247, and couldn't find any relevant algorithms there either. (Binaries look almost identical to 589/599s.)

Right now my interest is in older 2Wire models (2700/01,3600,3800/01.) I got a couple of firmwares, but I can't get in because they are compressed using something nonstandard ("tmdecompress.c" - Google turns up, literally, one relevant hit, from back in 2004). Any chance your guy has either an unpacked version or a working unpacker?

Messages In This Thread
RE: Keyspace List for WPA on Default Routers - by mrfancypants - 06-09-2017, 10:56 PM