Nokia G-2425G-A - Unlock/Root ~ Step by Step detailed guide

Disclaimer : I'm not responsible if you brick your router in-between the process.

1. Open 192.168.1.1 in any browser
default username password both is admin

2. Go to Maintenance->backup and restore->export config file on your desktop
it will be saved as config.cfg

3. Download & install python on your pc
also download this file(python script) on your desktop

Source

4. Open cmd
type
python C:\Users\XXXXX\Desktop\Nokia-router-cfg-tool.py (replace xxxxx with your windows user)

(4b) now lets decrypt your cfg file first
type
python nokia-router-cfg-tool.py -d OYdLWUVDdKQTPaCIeTqniA==
(4c) now unpack you cfg file to xml
type
python nokia-router-cfg-tool.py -u config.cfg

5. A new file is created on your desktop .xml format
right click & select edit.

(5a) press control+f and type TelnetSshAccount in searchbox then hit enter

now change the values same as below

<TelnetSshAccount. n="TelnetSshAccount" t="staticObject">
<Enable rw="RW" t="boolean" v="True"></Enable>
<UserName ml="64" rw="RW" t="string" v="admin"></UserName>
<Password ml="64" rw="RW" t="string" v="OYdLWUVDdKQTPaCIeTqniA==" ealgo="ab"></Password>

press control s to save the file & close it

6. Go back to cmd & check for repack command to encrypt the edited xml file back to cfg
it will look like this something like this :
type
python nokia-router-cfg-tool.py -ple config-XXXXXXX-XXXXXX.xml 0x4924ea42

(6a) a new cfg file will be created on your desktop.

7. Now go back to router login page 192.168.1.1
(7a) go to Maintenance->backup and restore & click "select" then browse newly created cfg file from your desktop then click import
wait for the router to reboot itself.

8. Now login again 192.168.1.1
Go to Security->Access control and allow both telent & ssh(Wan & Lan)

9. Download MobaXterm_Portable_v21.5 link below

MobaXterm free Xserver and tabbed SSH client for Windows

The ultimate toolbox for remote computing - includes X server, enhanced SSH client and much more!

mobaxterm.mobatek.net

10. Open Mobaxterm & click on Start local terminal
type
telnet 192.168.1.1
user: admin
password: admin

11. After that lets first copy this in your clipboard: '; /bin/sh; #
(11a) go back to mobaxterm
type
enable

type
shell

it will ask for password2, press shift+insert button on your keyboard and hit enter
BOOM now you've root access

(11b) to take the current backup of airtel settings
type
cfgcli dump

type
ritool dump
& save the file by going terminal->save terminal text.

(11c) now to unlock settings
type
ritool set OperatorID ALCL

12. Go back your router login on your browser 192.168.1.1 and BOOOOOOM everything is unlocked, you'll see changes right away

Important : If you plan to stick with everything unlocked using airtel fiber then let it as it is.
Important: If you plan to use this router with any other fiber connection just do a factory reset.
Doing a factory reset will erase, reset & unlock everything. The default router login address will change to 192.168.1.254 with username AdminGPON and password as ALC#FGU

I've personally myself tested this whole process & successfully unlocked 3 routers.

I wish you all good health.

 

[nionindia]

Great! 😊

3SbVWOPcwO1PtOTi4KkNPg== this is the password that worked for you right? Is would be great if you could share me your configuration file after Airtel configures/provisions your router? Do encrypt it with you serial number so that no one else gets to see the contents inside. This will allow me to reverse the compiling process and make sure that everything is working on two devices (mine & yours)

Also I was wondering why you factory reset the router? One can enable all the disabled or grayed out web settings just by entering this command scfgtool set OperatorID ALCL. You don't even have to reboot the router, just refresh the WebUI and everything will be enabled.

---

For everyone else; who has had problems with thedriodgeek's script with the zlib error & fw_magic as 0xffffffff. Nokia encrypted the configuration file differently in newer versions then before, which means that the script only works if your software version has not been upgraded. I think that version is HK46 looking at the comments around the forum.

I dont have airtel ISP so. i wont be able to share config when airtel configures it. i can share you cfg file after factory reset is done if you need one.

Also, i factory reset it and remove the default xml configs on all router that we use.

 

[Epoch101]

@alexb Thanks a lot man!! Got everything done and working. Getting public IPv6 now.

@kernelpanic Do you know the PPPoE Credentials of Airtel? I'm unable to access the internet after full unlock.

 

[Axer]

Thanks @Maxx_369 I have created new config file

Trying to access router via MobaXterminal
Telnet 192.168.1.1
User:admin
Password:admin

I get the following error after entering password as "admin" and click enter.

Login incorrect

Can you help to solve this issue...

Thanks in advance..

 

[KaKaRot820]

I dont have airtel ISP so. i wont be able to share config when airtel configures it. i can share you cfg file after factory reset is done if you need one.

Also, i factory reset it and remove the default xml configs on all router that we use.

Hey, can you share the config file with me too please.

 

[Soumil]

The password does not look like a real "password" as such..., it looks like the old authentication script was a poorly written one, which had some arbitrary code execution vulnerability. Most likely the new software update has fixed that issue, and hence, the code injection to get a shell does not work now.

 

[noinnepal]

Has your HK46 version been cracked @nionindia ? It seems like i got the same error as you. Can you share the password

Also seems like @partyship is no longer existing here, I was able to get the link before he removed his account, we can contact him there t.me/partyship :telegram:

 

---

[noinnepal]

@nionindia partyship provided me the password of the configuration zip file, will it be ok to share it here?

@KaKaRot820 contact him via telegram

 

[shuvendu]

I have been able to follow all the instructions and unlock my G-2425G-A router.
But after that I am not able to connect to internet. I am getting ISP time out while connecting.

Let me explain my scenario. I have got this router from one of my friend who was using the router with Airtel Xstream fiber. I also have a Airtel fiber connection but some other brand router. Now I want to use this Nokia router (which was actually issued to my friend) on my Airtel fiber line.

Post unlocking the router I have updated the DSL account username and password in the Wan settings. But still it is not connecting to the ISP, getting timed out.
Here are the errors i found in the logs:

syslog 5112 - - open /tmp/brasinfo.txt failed in reading bras entry
syslog 3951 - - Web: invalid account authorization failed
dhcpd 2157 - - DHCP-Comm:dealRequestMessage() deal DhcpInform Resp- failed.DHCP request port-1, A0😀3:C1:71:03:A6 RequestIP-2501A8C0 XID-83ef7b5b

So in-short, I am trying to use the airtel Nokia router issued to someother user on my airtel fiber connection. Is this possible? Do I need to clone the MAC, S/N? Any help on this is highly appreciated.

 

[nishantt6969]

clone GPON serial number then it will work.

 

[shuvendu]

@nishantt6969 how to clone GPON serial number?

 

[Slimshady]

@nionnepal were you able to get root access for hk46 firmware. The old password isn't working .

 

[Rohan123]

Cant able to type AONT Password

 

[nishantt6969]

@shuvendu you can clone only if the router allows you to do so. In Huawei ONT there is an option to change serial number but as far as I know Nokia does not have any such thing, and even if it has, its probably locked for customers.

 

[Slimshady]

Cant able to type AONT Password

Yeah admin:admin works for me

 

[Slimshady]

If anyone has any updates regarding hk46 shell password then plz do share....