Skip to main content

Obfuscation will never work.

Hello again, sweet readers !

OpenRG is an embedded OS for routers.
It's based on Linux and it's inside many ISP
routers out there.

Inside OpenRG configuration file,
passwords appear in a way that can seem
to be crypted, but it's just obfuscated.

For example:

Above you can see a simple deobfuscator.

You can try it with:




  1. Nice find Zibri!
    My router works fine except for the flaky wifi part.. Will look into this!


  2. Italian speaking people can read the explanation here:,

  3. Great, you saved me lot of trouble with my Pirelli modem :) Thanx soooooooo much!

  4. Hey Zibri! How about the new ziphone version? Any informatione about it?

  5. so this basically de-encodes the password to access a wireless modem? and what do I need to see the encoded password?

  6. you should put an eye on the motorola droid! I would love it if you were the one who unlocked it! Still have plenty of faith in you man! keep it up!

  7. Hey Zibri, I have a question: Why did you leave the JB Community and stop creating jbs?

  8. John.. hmm for the moment.. yes..
    I could come back in a near future or on the next product (tablet?)

  9. Another question directed a Zibri... Why don't you make a Custom Firmware for PS3 or PSP... The scene for PS3 hacking/back-up loading hasen't even begun... Everybody's waiting for the new PSP to get hacked..... Hope you reply...

  10. +1 on the ps3 custom firmware, hate that I have to convert .mkv files to .mpg :(

  11. Send me a ps3 then... I still have my faithful ps2 .. yah I know.. I'm not a gamer :)

  12. I'm sure if you post on your blog that you want a PS3 to do some testing/hacking somebody will give you one. After all your Zibri, famous iPhone hacker. :) I hope you take my advice seriously.

  13. i do believe there is a product coming your way to jailbreak.... so keep an eye out...

  14. @Joe:
    Like what?

    I won't do that.. I have too many things now.
    And I usually don't ask.
    As I said I'm not into gaming so much.

  15. @Zibri & @Joe Are you referring to the Apple Tablet rumour??

  16. (password(&ce;hW&c9;&9e; Y&d3;))
    how can me know hash and how decrpt this

  17. Sorry.. the "cat" was out of order. Now it's fixed. :D

  18. hi bro how or what this hash type
    (password(&ce;hW&c9;&9e; Y&d3;))
    how u know hash type
    md5 or what
    if u can help me what tools u use

  19. it's NOT a hash. It's an obfuscated string.


Post a Comment

Popular posts from this blog

TP-LINK Configuration file encrypt and decrypt.

Here we go! TP-Link is another company that thinks that security by obscurity could ever work. If you "backup" the configuration from most TP-Link routers, you will get a .BIN file which is "encrypted". Use this utility below, to decrypt it (so you can edit it) and encrypt it again. Have fun. Drop files here or

Powerline Ethernet fun and secrets.

Many 200 Mb/s powerline adapters nowadays are based on the INTELLON 6300 chipset. Despite what can be thought looking at them, they are all using the same hardware and firmwares. I heard many people with Netgear XAV101 or Linksys PLK 200 or PLE 200 having problems after firmware updates and many other people with other brands having much more problems because of lack of support or configuration/upgrade utilities. So let me explain a few things I learnt studying them. Many of 200 Mb/s powerline ethernet adapters follow the "HomePlug AV" standard. (85 Mb adapters use HomePlug 1.0 standard which is completely different). This standard uses ethernet broadcast packets using the HomePlug AV protocol. The interesting thing is that their firmware is made of two different parts: a .PIB file (Parameter Information Block) and a .NVM file (the code itself). In the P.I.B. there are many interesting things: The branding (mac address, device name, etc) and the tone map. I test


Hello again! Many of you probably hate as I do CORS because it hinders the very nature of internet, which is SHARING. There are some services to circumvent this commercial  restriction, one of these is the famous "cors anywhere". So yesterday I decided to make my own and allow you to make your own in only 2 minutes. To do so you just need a cloudflare account (can be set up in 1 minute). The you can upload my worker on it and have your personal very fast cors proxy! So, enough talk, just head to: The is also a demo online at: Enjoy! Zibri