Nokia G-2425G-A - Unlock/Root ~ Step by Step detailed guide

Disclaimer : I'm not responsible if you brick your router in-between the process.

1. Open 192.168.1.1 in any browser
default username password both is admin

2. Go to Maintenance->backup and restore->export config file on your desktop
it will be saved as config.cfg

3. Download & install python on your pc
also download this file(python script) on your desktop


4. Open cmd
type
python C:\Users\XXXXX\Desktop\Nokia-router-cfg-tool.py (replace xxxxx with your windows user)

(4b) now lets decrypt your cfg file first
type
python nokia-router-cfg-tool.py -d OYdLWUVDdKQTPaCIeTqniA==
(4c) now unpack you cfg file to xml
type
python nokia-router-cfg-tool.py -u config.cfg

5. A new file is created on your desktop .xml format
right click & select edit.

(5a) press control+f and type TelnetSshAccount in searchbox then hit enter

now change the values same as below

<TelnetSshAccount. n="TelnetSshAccount" t="staticObject">
<Enable rw="RW" t="boolean" v="True"></Enable>
<UserName ml="64" rw="RW" t="string" v="admin"></UserName>
<Password ml="64" rw="RW" t="string" v="OYdLWUVDdKQTPaCIeTqniA==" ealgo="ab"></Password>

press control s to save the file & close it

6. Go back to cmd & check for repack command to encrypt the edited xml file back to cfg
it will look like this something like this :
type
python nokia-router-cfg-tool.py -ple config-XXXXXXX-XXXXXX.xml 0x4924ea42

(6a) a new cfg file will be created on your desktop.

7. Now go back to router login page 192.168.1.1
(7a) go to Maintenance->backup and restore & click "select" then browse newly created cfg file from your desktop then click import
wait for the router to reboot itself.

8. Now login again 192.168.1.1
Go to Security->Access control and allow both telent & ssh(Wan & Lan)

9. Download MobaXterm_Portable_v21.5 link below

10. Open Mobaxterm & click on Start local terminal
type
telnet 192.168.1.1
user: admin
password: admin

11. After that lets first copy this in your clipboard: '; /bin/sh; #
(11a) go back to mobaxterm
type
enable

type
shell

it will ask for password2, press shift+insert button on your keyboard and hit enter
BOOM now you've root access

(11b) to take the current backup of airtel settings
type
cfgcli dump

type
ritool dump
& save the file by going terminal->save terminal text.

(11c) now to unlock settings
type
ritool set OperatorID ALCL

12. Go back your router login on your browser 192.168.1.1 and BOOOOOOM everything is unlocked, you'll see changes right away

Important : If you plan to stick with everything unlocked using airtel fiber then let it as it is.
Important: If you plan to use this router with any other fiber connection just do a factory reset.
Doing a factory reset will erase, reset & unlock everything. The default router login address will change to 192.168.1.254 with username AdminGPON and password as ALC#FGU

I've personally myself tested this whole process & successfully unlocked 3 routers.

I wish you all good health.
 
J

JSMFPPJK

Messages
48
Location
JK
ISP
BSNL , Airtel Xstream
I have sucessfully unlocked my Nokia g-2425G router and change the operator as well.
But after that my internet is stopped working. I did pppoe configuration and getting ISP timeout (not using airtel internet)any solution?
Is auth blinking , also is your previous patch cord blue colour or green if blue you need to change it to green so as to get it running
 
Brahma

Brahma

Messages
3
Location
Hyd
ISP
Hyd
Hi @Maxx_369 / all,

Can you please post/attach the direct XML/unlocked cfg file here? I'm new to python and unable to decrypt the cfg.

So, I can import the file to the router and see if it can unlock my router.

Thank you.
 
Brahma

Brahma

Messages
3
Location
Hyd
ISP
Hyd
@hunnyhkr May I know what ISP are you using? Is your ISP using VLAN? If yes then you need to configure VLAN also. If possible, share a screenshot of your WAN setup page. But before everything, you should first check the PON link status.
@gmaster I am also facing the same issue
I have unlocked my router. But
Pon status is down
My ISP is railwire
 


vinay vanka

vinay vanka

Messages
1
Location
vuyyuru
ISP
BSNL
Desktop/Nokia-router-cfg-tool.py -d OYdLWUVDdKQTPaCIeTqniA==
Desktop/nokia-router-cfg-tool.py -e admin


C:\Users\vinay>Desktop/nokia-router-cfg-tool.py -u config.cfg
'Desktop' is not recognized as an internal or external command,
operable program or batch file.

C:\Users\vinay>python/Desktop/nokia-router-cfg-tool.py -u config.cfg
python: can't open file 'C:\\Desktop\\nokia-router-cfg-tool.py': [Errno 2] No such file or directory

C:\Users\vinay>python Desktop/nokia-router-cfg-tool.py -u config.cfg

Traceback (most recent call last):
File "C:\Users\vinay\Desktop\nokia-router-cfg-tool.py", line 85, in <module>
cf = open(sys.argv[2], 'rb')
FileNotFoundError: [Errno 2] No such file or directory: 'config.cfg'



i stuck here plz help
 
A

ashuka1993

Messages
1
Location
Bangalore
ISP
ACT
Got the root access btw. I changed the username in TelnetSshAccount from admin to ONTUSER and used admin hash as password and got the root access via SSH.


Btw even after changing OperatorID to ALC, I can edit values on WAN page but still can't apply them.
It says- 'error set XPON_STRUCT'.🤔

Hello. Im also facing same issue. Can you please tell me where to change the TelnetSshAccount to ONTUSER in the unpacked config.
 
R

Rehan ahmad

Messages
3
Location
NA
ISP
Airtel Xstream
I have tried most of the things mentioned in this thread but still unable to unlock Nokia G 2425G A. I am mentioning here what I've tried.
1) Changed the telnetsshaccount to True, Imported the modified config file, login with admin:admin (1st login successful) --> enable --> shell then password2 --> '; /bin/sh; # --> invalid password.
2) Changed the ONTUSER value to true, imported the config file again tried login with ONTUSER:admin (invalid password) / ONTUSER:SUGAR2A401 (invalid password) / ONTUSER:OYdLWUVDdKQTPaCIeTqniA== (someone discussed here to use admin hash, but it is still a invalid password).

From what I can understand from here is you can change username and password for 1st level (user level) but still there is no shell access by any of these methods.
My router software version is: 3FE49362IJHK46
 
pritamcharan

pritamcharan

Messages
1
Location
India
ISP
ACT
This Unlock Method Does Not Worked on 3FE49362IJHK46

and it worked on
3FE49362IJHK03
3FE49362IJHK43
3FE49362IJHK42
3FE49362IJHK33
 
G

gmaster

Messages
14
Location
Kolkata
ISP
Airtel
It seems that after firmware upgrade to the version 3FE49362IJHK46, the password2 for shell has been changed. Now '; /bin/sh; # doesn't work any more. If anyone is able to find the password2 from logs or anything else?
 
KaKaRot820

KaKaRot820

Messages
33
Location
dehradun
ISP
bsnl
It seems that after firmware upgrade to the version 3FE49362IJHK46, the password2 for shell has been changed. Now '; /bin/sh; # doesn't work any more. If anyone is able to find the password2 from logs or anything else?
any updates of the password?