Saturday, August 16, 2014

How to capture LTE WAN traffic for diagnostic purposes on Huawei B593u and not so much of security

Found this document on Huawei webpage you might be interested. It's in Microsoft Word .docx format.

http://www.huawei.com/ecommunity/3msimage/download-10060827-10000297-9bca6ae8ffa54796a5245e6650b0e607.bin?type=bbs


Doc shows how to access Qualcomm diagnostic interface of EM920u module inside B593 using QXDM and QPST.

It also shows how to gain root access to device using something called "Huawei deviceLocker V0.1" diagnostics tool. Which I find worrying as there appears to be some magic-packet that can be sent to device to bypass protections. Document also has same hard coded admin password listed that I found out on my previous post.

There's also mass firmware upgrade tool out that will upgrade multiple devices at once. All B593's to upgrade must be connected to same isolated LAN, PC client will then send firmware to devices using multicast. No authentication is required. Seek for document named "LTE CPE B593u Binary Upgrade Guide.doc" and "B593_upgrade.exe" application.

For upgrades Huawei uses multicast address 224.0.0.119 and binary on router side is /bin/multiupg.

1 comment:

  1. Today (07.04.2015) the link provided is covered with https://uniportal.huawei.com/uniportal/?redirect=http%3A%2F%2Fwww.huawei.com%2Fecommunity%2F3msimage%2Fdownload-10060827-10000297-9bca6ae8ffa54796a5245e6650b0e607.bin%3Ftype%3Dbbs requiring login. I did register but failed to login so far. Will try later to get to the document

    ReplyDelete

Got something to say?!