2007-10-08

How to recover dial-in passwords from broadband/DSL/cable routers

Ever been in the situation where you need the dial-in password for your ISP and you have either lost or forgotten it? And it isn't shown in the router's configuration interface, or you have lost that password as well? And the router configuration is obfuscated when saved to a file? Well, here comes the solution (at least if you run Linux):
  1. Install rp-pppoe (emerge rp-pppoe on Gentoo, apt-get install pppoe on Debian or the equivalent command on your distro)
  2. Create the file /etc/ppp/pppoe-server-options containing the following lines:
    debug
    require-pap
    show-password
  3. Add the following line to /etc/ppp/pap-secrets:
    "your ISP login name" * "some bogus password"
  4. Connect the router's uplink port to your computer's network interface and run the following command as root (assuming eth0 is the name of your interface):
    # pppoe-server -I eth0 -F
  5. Now the server should tell you that it's waiting for incoming connections. Trigger a dial-in on your router. When that happens, the password will be printed to the system log in plain text.
Obviously, if your router has an integrated cable/DSL modem, it needs to be disabled first. If the PPTP protocol is used for dial-up, install PoPToP instead of rp-pppoe (adjust the name of the configuration file and the startup command accordingly).
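
Why requiring PAP makes this work: a PAP Authenticate-Request (RFC 1334) carries the login name and the password as length-prefixed plain bytes, so whatever PPPoE server the router dials into can read them. The Python parser below is an added example, not part of the original post or of rp-pppoe; its function names are hypothetical and the sample frame and credentials are constructed.

```python
import struct

PPP_PAP = 0xC023      # PPP protocol number for PAP
PAP_AUTH_REQ = 1      # PAP code: Authenticate-Request (RFC 1334)


def parse_pap_request(pap: bytes):
    """Return (peer_id, password) from a PAP Authenticate-Request."""
    if len(pap) < 6:
        raise ValueError("too short for a PAP Authenticate-Request")
    code, _ident, length = struct.unpack("!BBH", pap[:4])
    if code != PAP_AUTH_REQ:
        raise ValueError("not an Authenticate-Request")
    if not 6 <= length <= len(pap):
        raise ValueError("bad PAP Length field")
    body = pap[4:length]                 # drop padding after Length
    id_len = body[0]
    if id_len + 2 > len(body):
        raise ValueError("Peer-ID runs past end of packet")
    pw_len = body[1 + id_len]
    pw_end = 2 + id_len + pw_len
    if pw_end > len(body):
        raise ValueError("password runs past end of packet")
    # Both fields are plain bytes on the wire: no hashing, no encryption.
    return (body[1:1 + id_len].decode("latin-1"),
            body[2 + id_len:pw_end].decode("latin-1"))


def parse_pppoe_session(payload: bytes):
    """Parse the bytes following EtherType 0x8864; None if not PAP."""
    if len(payload) < 8:
        raise ValueError("too short for PPPoE session + PPP protocol")
    ver_type, code, _sid, length = struct.unpack("!BBHH", payload[:6])
    if ver_type != 0x11 or code != 0x00:
        raise ValueError("not a PPPoE session data frame")
    ppp = payload[6:6 + length]
    if len(ppp) < 2:
        raise ValueError("bad PPPoE length field")
    if struct.unpack("!H", ppp[:2])[0] != PPP_PAP:
        return None
    return parse_pap_request(ppp[2:])


def build_sample(user=b"user@isp.example", pw=b"bogus-pw"):
    """Constructed sample frame (not captured traffic)."""
    body = bytes([len(user)]) + user + bytes([len(pw)]) + pw
    pap = struct.pack("!BBH", PAP_AUTH_REQ, 1, 4 + len(body)) + body
    ppp = struct.pack("!H", PPP_PAP) + pap
    return struct.pack("!BBHH", 0x11, 0x00, 1, len(ppp)) + ppp
```

A router configured for PAP hands these bytes to any access concentrator that asks for them, which is the reason to prefer CHAP where the ISP supports it.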