What is AIS/3BB Fiber router super-admin password? Want to make HG8145X6N back into an AP



Posted

 

Does anyone know the super-admin password for an AIS-branded Huawei HG8145X6N fiber ONU/router?

 

Some friends of mine have 3BB fiber (formerly AIS in this location near Hua Hin) and they have a main ONU/Router (3BB branded HG8145X6) plus 2 AIS-branded HG8145X6N wired to the main router by gigabit ethernet that act as APs.  Note all routers are essentially the same Huawei model number despite the AIS or 3BB branding and firmware (we even use the Huawei-specific magic feature to automatically configure the SSIDs of all APs from the central router).

 

All was working ok until yesterday an IT worker (who came to redo some of the ethernet wiring) used a pin to hit the reset button on one of the HG8145X6 APs and sadly it reverted from identifying itself as:

 

Device Type:    HG8145X6N
Description:    OptiXstar HG8145X6N Repeater Terminal (PRODUCT ID:2150085145LDP4026893/CHIP:00000220351230)

 

to now identifying itself as:

 

Device Type:    HG8145X6N
Description:    OptiXstar HG8145X6N Ethernet Terminal (PRODUCT ID:2150085145LDN4009101/CHIP:00100220220206)

 

and now ALL of the menu options related to being an AP (or a repeater) have vanished.  The "mode switching" menu up top no longer has an AP mode option and the "Basic Setup...WLAN... Smart network connection" option (which was the secret trick to enabling AP mode as well as the Huawei-specific config stuff) is gone without a trace.

 

I'm guessing that the act of hitting reset with a pin either reverted the HG8145X6N to default settings, or maybe even a default firmware.

 

I've been using the usual admin/aisadmin login, but it's clear that there must be a super-admin password to regain access to the full menu and hopefully re-enable the repeater functionality.

 

I KNOW IT IS POSSIBLE FOR SURE because the other HG8145X6N is still functioning 100% as an AP and it is exactly identical in terms of all stickers, make/model numbers, AIS branding, and firmware versions.  EVERYTHING matches.  So the missing piece is a password or other trick to re-enable "Repeater" (AP) mode.

 

Anyone know the super-admin password?  Or is there another trick?

 

Older Huawei modems had a combo awnfibre/fibre@dm!n and interestingly if I use that on the HG8145X6N it clearly DOES recognize the user/pass combo but then complains during log in with the cryptic message "You IP address cannot be used for a login." (maybe it was hard coded to only allow this back door from AIS worker IP addresses?  who knows).  Nothing in the User Log is helpful about why login fails with awnfibre/fibre@dm!n

 

Thanks!

 

Posted

WHEW after a LONG search of mostly Thai posts from AIS customers on random Facebook Groups, I was able to crack this one.

 

The old username/password super-admin combo 

username: awnfibre

password: fibre@dm!n 

still works, but they have thrown another bit of security by obscurity into their totally insecure system of ISP backdoors compared to earlier Huawei AIS/3BB modems.  Like many Chinese modem brands shipped and configured by South-East Asian ISPs, the unit is riddled with plenty of other insecure backdoors too, like TR-069 with a hardcoded password. 

 

Anyway, let's say you just reset your HG8145X6N (and it looks like you may need to have the reset button pushed down already when plugging in the power, and hold it for say 20 seconds after turning on the power and before releasing it in order to get a true reset that really restores default configuration, rather than just poking the reset button while the unit is running) and it has lost AP mode capability.

 

Or, let's say you have a HG8145X6N that was being used before as your main router/ONT with the fiber connection (or used to connect to a fiber modem over the LAN4 ethernet port via PPPoE) and you want to re-purpose it as an AP to extend your network (hopefully via wires from the main router: wireless repeaters are universally terrible).

 

To get the unit (back) to AP mode:

 

1. first, without the HG8145X6N connected to anything else, connect your computer to the HG8145X6N by an ethernet cable and log in to the HG8145X6N's admin GUI using the less powerful admin/aisadmin user/password combination.  You access the admin GUI with a browser and you can get the HG8145X6N's admin IP address by running 'ipconfig' in a cmd.exe window or seeing what gateway your computer has gotten by DHCP from the HG8145X6N (typically 192.168.10.1 in my experience, but could be other).  In the admin GUI, go to the LAN configuration tab.  You need to change whatever admin IP address it chose (e.g. 192.168.10.1) to an IP address of 10.207.247.1 and change the netmask to 255.255.255.0.  Click OK/Save/Configure and allow the router to reboot and allow your computer time to get a new IP address on that subnet via DHCP.  This combination assures that your computer's client IP address will be 10.207.247.x.  From experimentation, it appears that only 10.207.x.x or perhaps even only 10.207.247.x will allow the next step to work (sigh, security by obscurity).

 

2. Now, log into the HG8145X6N admin GUI again (this time at 10.207.247.1) and this time use the super-admin username/password combination awnfibre/fibre@dm!n so that you gain access to a lot more options.  If you did step 1 properly, you should be in.  If you didn't do step 1 properly, you will get a login error message "You IP address cannot be used for a login." (or you'll get a blank screen due to their buggy software, and if you hit the browser back button then you'll see that error message in red).  Once you're in, spend some time seeing all the useful options your ISP was hiding from you.  Now, when you click the "mode switching" menu at the top right, you will see that there's an option for AP mode that you can choose.  Choose that and this will cause the HG8145X6N to reboot again. 

 

3. Now the next step depends on whether your home/business setup uses all Huawei routers with their magical auto-configuration of APs, or not:

 

3a. if you're using all Huawei routers, then plug your HG8145X6N via ethernet cable to the main router and it should magically join the big network and automatically configure its own IP address as well as automatically use the same wireless SSIDs as other routers on your network (this happens because of the default-enabled option "Basic Setup...WLAN... Smart network connection" on the HG8145X6N).  In theory you should be done.  Now you mostly use the Admin GUI of your main router, though from that GUI under "Home Network Status" you can click to access the (now much reduced) admin GUI of the HG8145X6N that you just set up.  But you'll probably never need to configure any of the APs individually.

 

3b. if you're not using all Huawei routers, then you'll need to configure your HG8145X6N as an AP manually.   Use 'ipconfig' again to find the current router IP and log into the router admin GUI using the less powerful admin/aisadmin username/password combination. From here, you may or may not have enough access to configure everything you want.  For sure, you will be able to choose LAN address and wireless SSIDs.  But when I looked through the menus, I didn't see a way to make the HG8145X6N fetch a WAN IP address via DHCP from an upstream router (the unit ALWAYS wanted to treat either its optical port as the WAN or look for an optical device on LAN4 ethernet that it could connect to using PPPoE and then treat that as the WAN).  And I also didn't see any NAT/Firewall options.  However, it could simply be that "AP Mode" does exactly this already (NAT to an upstream WAN whose IP it fetches from DHCP) and so there is nothing to configure.  If you don't have enough control, you might have to repeat step 1 again to change the admin IP back to 10.207.247.1 again to regain access to awnfibre/fibre@dm!n so you can make the settings you need.   I'm not 100% sure that the HG8145X6N is even capable of operating as an AP (with an ethernet WAN, as opposed to an optical WAN) without the proprietary Huawei stuff in (2a) above.  However, I didn't spend time exploring the expanded setup menu choices offered by awnfibre/fibre@dm!n.

 

Either way, now your router is up running in AP mode (looking in "Status...Device Information" you will see the device again identifies itself as "OptiXstar HG8145X6N Repeater Terminal").

 

Good luck!

Posted

Oh, for step 1 it also occurred to me that the router might only accept the awnfibre/fibre@dm!n login if the client IP is exactly 10.207.247.2 (and not any other 10.207.247.x).  I didn't experiment to make sure, but it seems plausible.  If you follow the instructions in step 1 the router will give out the IP address 10.207.247.2 to your computer, so it will work.  But if there are any other devices on the network at the time of login then it's possible you might need to manually set your computer to 10.207.247.2 in order to assure you get that address, and prevent other devices from connecting.  It's actually a little suspicious that the router gives our computer the address 10.207.247.2 in the case of setting up the network 10.207.247.x, because normally this router will give DHCP clients addresses starting at .100.  It supports the theory that this is all a hardcoded hack for security by obscurity. 

 

Turns out many/most Chinese routers as configured by South-East Asian ISPs have an unbelievable number of hardcoded passwords, insecure telnet servers, insecure TR-069, and other intentional backdoors built in.  For a good summary of the situation for another similar router vendor, google "Multiple vulnerabilities found in FiberHome HG6245D" (this board won't let me link it).  But it's most definitely not only the FiberHome brand.
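
An added example, not part of the original posts: a small Python check that parses Windows `ipconfig` output and confirms the client addressing described in step 1 and in the follow-up post before attempting the step 2 login. The sample output is constructed, and the 10.207.247.0/24 range and the .2 client address are the poster's hypotheses, not confirmed device behaviour.

```python
import ipaddress
import re

# Constructed sample of Windows `ipconfig` output (not captured from a real host).
SAMPLE_IPCONFIG = """\
Windows IP Configuration

Ethernet adapter Ethernet:

   IPv4 Address. . . . . . . . . . . : 10.207.247.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.207.247.1

Wireless LAN adapter Wi-Fi:

   Media State . . . . . . . . . . . : Media disconnected
"""

# Values taken from the posts above; the /24 gate is the poster's hypothesis.
GATE_NET = ipaddress.ip_network("10.207.247.0/24")
ROUTER_IP = ipaddress.ip_address("10.207.247.1")
EXPECTED_CLIENT = ipaddress.ip_address("10.207.247.2")

FIELD = re.compile(r"^\s+(IPv4 Address|Subnet Mask|Default Gateway)[ .]*:\s*([\d.]+)")

def parse_ipconfig(text):
    """Return {adapter name: {field: value}} for adapters that have an IPv4 address."""
    adapters, current = {}, None
    for line in text.splitlines():
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            current = adapters.setdefault(line.rstrip(": "), {})
        elif current is not None and (m := FIELD.match(line)):
            current[m.group(1)] = m.group(2)
    return {n: f for n, f in adapters.items() if "IPv4 Address" in f}

def preflight(fields):
    """List reasons this adapter would not meet the conditions described in step 1."""
    problems = []
    ip = ipaddress.ip_address(fields["IPv4 Address"])
    if ip not in GATE_NET:
        problems.append(f"client {ip} is outside {GATE_NET}")
    elif ip != EXPECTED_CLIENT:
        problems.append(f"client {ip} is not {EXPECTED_CLIENT} (untested in the posts)")
    if fields.get("Subnet Mask") != str(GATE_NET.netmask):
        problems.append("netmask is not 255.255.255.0")
    if fields.get("Default Gateway") != str(ROUTER_IP):
        problems.append(f"gateway is not {ROUTER_IP}")
    return problems
```

An empty list from `preflight` means the adapter matches the addressing the posts describe; each string otherwise names one mismatch to fix on the LAN configuration tab or in the computer's network settings.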

Posted
18 hours ago, lsemprini said:

Multiple vulnerabilities found in FiberHome HG6245D

Interesting thanks.

Yet another reason why I was happy to finally get True to change my Huawei modem/router to a GPON modem only with my own routers behind it using OpenWrt doing all the firewall/dhcp stuff.
