#modem #password-generator #arris #commscope #potd #docsis

rspotd

Generate ARRIS/CommScope Password of the Day for modems

2 unstable releases

0.5.0 May 5, 2024
0.4.0 Apr 24, 2024
0.3.0 Apr 24, 2024
0.2.3 Apr 22, 2024
0.1.7 Dec 31, 2021

#479 in Authentication


Used in rspotd-cli

MIT/Apache

19KB
308 lines

RsPOTD

Rust library to generate an ARRIS-compatible password of the day. Inspired by arrispwgen.

The original author essentially reverse-engineered the algorithm after poking modems. Thank you so much @borfast for this incredible work. I ran into a few niche issues based on my needs/specific seed that I hope this project will rectify.

First, the upstream project seems to lock you to a seed between 8-10 characters. The original ARRIS tooling to generate these passwords actually only allows seeds between 4-8 characters. (I find this strange, considering that the default ARRIS seed is 10 characters in length)

Second, if you supply a seed of less than 10 characters, the upstream project will present a password of the same number of characters. So an 8 character seed will yield the correct first 8 characters of the password, but will not provide the full password.

Third, if you supply a seed of less than 8 characters, the upstream project does not appear to output anything at all. The way ARRIS handles the seeds is to iterate through the seed, appending each character to the end of the supplied seed. For example, a seed of "ABCD" is a valid seed, however in effect it will become "ABCDABCDAB".

Fourth, as much as I would love to contribute upstream fixes rather than a fork/port, the upstream project was written in TypeScript and packaged via NPM. I do not have experience with either of these technologies, and as such a port became much more viable.

Usage

Single date

The generate() function accepts two keyword arguments.

  • date: Accepts a single date in ISO format (i.e., 2021-07-23)
  • seed: Accepts a seed between 4 and 8 characters

Using ARRIS default seed

use rspotd::{generate, vals::DEFAULT_SEED};

generate("2021-07-23", DEFAULT_SEED).unwrap();

Output: O9W2Q1O16V

Using custom seed

use rspotd::generate;

generate("2021-07-23", "ABCDABCD").unwrap();

Output: F32CAZCJLU

Range of dates

The generate_multiple() function takes a start and end date, as well as an optional seed.

Using default seed

use rspotd::{generate_multiple, vals::DEFAULT_SEED};

generate_multiple("2021-07-23", "2022-07-28", DEFAULT_SEED).unwrap();

Output (truncated):

{
    '07/23/21': 'O9W2Q1O16V',
    '07/24/21': '2SEIWWLZL1',
    '07/25/21': 'ZOU3MWRZN0',
    ...
}

Using custom seed

use rspotd::generate_multiple;

generate_multiple("2021-07-23", "2022-07-28", "ABCDABCD").unwrap();

Output (truncated):

{
    '07/23/21': 'F32CAZCJLU',
    '07/24/21': '95L0GFUNCC',
    '07/25/21': 'CSBLM119CH',
    ...
}

Creating DES representation of seed

Creates the required dot-delimited hex string correlating to the provided seed DES-encrypted.

The value provided by this function can be added to a modem configuration file, and a modem with this config will subsequently respond to a password of the day generated by the same seed used to create the DES-encrypted value.

Note: you cannot configure your modem from the subscriber-side. Your modem downloads its configuration typically via TFTP from a server inside your ISP's infrastructure.

The default ARRIS/CommScope value is provided if you use the default seed. I have not yet figured out how they generate the DES-encrypted value with a seed that exceeds a block size of 8, so I have to hardcode the value.

In the official tooling, the DES value is not provided if you select the "Use default seed" checkbox, and as far as I can tell, the software maintains a firm understanding throughout that your seed is between 4 and 8 characters.

Only one such value will exist for any number of passwords of a given seed; the modem infers the seed from this value.

use rspotd::seed_to_des;

seed_to_des("ASDF").unwrap();

Output:

"3F.94.E2.AA.46.63.AA.78"

Dependencies

~4–5.5MB
~96K SLoC