Page 2 of 2

Re: Nighthawk M5 MR5100

Posted: Fri Apr 29, 2022 2:58 pm
by Rich Hathaway
Some specifics would be good like which generator are you using, lock, cnd or mep
AT!OPENLOCK="54D5E3060C0A72D5"
AT!OPENCND="54D5E3060C0A72D5"
AT!OPENMEP="C4F9A0E0A3FADDF0"

Re: Nighthawk M5 MR5100

Posted: Sun May 01, 2022 3:07 pm
by dfkinca
Apologies for my lack of specifics; your AT!OPENLOCK worked to unlock my device. So, THANK YOU!

Having said that, after I successfully changed the password with AT!OPENCND="[mypwd]" command, I accidentally unplugged my device before I could save changes and reboot with an AT!RESET command (I assume that that is the command that saves and reboots, and that no changes are made until that command has been entered - confirmation would be appreciated), so I am back at square one with a (likely stock) password, a "babe" (see below - :) ) of a challenge and a humble request for repeated assistance in please calculating my challenge answer:

Device: MR5200
Challenge (to AT!OPENLOCK? command): BABEB1F731EB95F5

Thanks in advance.

Re: Nighthawk M5 MR5100

Posted: Sun May 01, 2022 6:16 pm
by Rich Hathaway
AT!OPENLOCK="9986D27C2F53443B"
With AT commands, you will either get an OK or ERROR, if you get OK then whatever you were doing
is completed, error of course means it did not work for whatever reason, you don't need to do any AT!RESET for
completed commands sent to work, OK means your device received the command and ran it to completion
with no reported problems.

Re: Nighthawk M5 MR5100

Posted: Sun May 01, 2022 9:06 pm
by dfkinca
Rich Hathaway wrote: Sun May 01, 2022 6:16 pm AT!OPENLOCK="9986D27C2F53443B"
With AT commands, you will either get an OK or ERROR, if you get OK then whatever you were doing
is completed, error of course means it did not work for whatever reason, you don't need to do any AT!RESET for
completed commands sent to work, OK means your device received the command and ran it to completion
with no reported problems.
Thank you for the challenge answer. And, for the updated information about AT!RESET not actually saving the changes to the device. Much appreciated!

Now that I have my MR5200 accessible via root telnet shell (port 23), and the SETCND pwd reset, I get to play with terminal commands. Thoughts on what are up to 5 great ways to optimize performance? (currently running on TMobile/Sprint)

Re: Nighthawk M5 MR5100

Posted: Wed May 04, 2022 1:28 pm
by kip.lawson
@Rich Hathaway Just curious... Is there a "tutorial", for lack of a better term, for a better understanding of band locking on the MR5100? I've owned a MR1100 for a couple years now and know that one quite well and now have an MR5100 that I've already done some work on. What I don't get just yet is the band locking part.

One extra thing I'm curious of is finding out just exactly what 5G band(s) I get in my area...if any. I've read about the Field Test Mode and have ran it on my sons iPhone 12 but now can't recall if it showed what 5G bands were coming in.

Re: Nighthawk M5 MR5100

Posted: Thu May 05, 2022 8:47 am
by Rich Hathaway
kip.lawson wrote: Wed May 04, 2022 1:28 pm @Rich Hathaway Just curious... Is there a "tutorial", for lack of a better term, for a better understanding of band locking on the MR5100?
Not that I know of but its simple, just make a new slot for the band you want to lock to and use the mobile app to select the device to use that slot, then it will be locked to the band in that slot

kip.lawson wrote: Wed May 04, 2022 1:28 pm One extra thing I'm curious of is finding out just exactly what 5G band(s) I get in my area...if any. I've read about the Field Test Mode and have ran it on my sons iPhone 12 but now can't recall if it showed what 5G bands were coming in.
There are a million apps you can use for ios or droid devices to see what being broadcasted in your area, or alot of devices will show you what they see in the admin page if you select manual network then search it

Re: Nighthawk M5 MR5100

Posted: Mon May 09, 2022 12:45 am
by Newbie101
speakerhead wrote: Mon Aug 09, 2021 9:15 am I'm using AT&T unlimited phone plan. I use tmobile myself for me and my families phones but I live in a very rural area and only get 10-15 with them. The next town over though I'm getting 300 on my phone and it's amazing!

As far as antennas I'm just using the internals. I have a few yagis and other antennas lying around but haven't tried them on this yet but I plan on trying them out and seeing how they do. I'll post results if anyone is interested.

Also yesterday they pushed out a firmware update on it and I'm now getting 150-170 with a slight upload bump. For the price point I certainly think it's a worthy upgrade over the M1, especially if I ever get a 5g singal.

Thanks for this helpful info I’m new to all of this stuff I currently have a nighthawk m1 with the AT&T unlimited plan and want to upgrade to the m5 but have read other forums saying there is a difference in SIM card size

Re: Nighthawk M5 MR5100

Posted: Mon May 16, 2022 8:30 pm
by Phreak480
Rich Hathaway wrote: Tue Dec 07, 2021 1:47 pm
SuttonX wrote: Tue Dec 07, 2021 8:02 am I just want to make sure that on AT&T's end it just looks like I'm browsing directly on my "phone" all day and not hotspotting it
That has nothing to do with the apn, to keep them from seeing you are sharing data with other devices you need to adjust the time to live value not the apn, and then set the other values they see with every data packet request which is the meid/esn and fid.
Every time your device request's data from the switch it sends these in its request so all they have to do is look to see what device you are using.
you can adjust the apn if you wish, it is adjustable via userland controls in the ui.
If you can't set it, you may be on the new update just pushed a few days ago it now blocks ports and hides the modem (no telnet) I just saw one with it yesterday that someone mailed in, had to get around it to do anything with the M5 now, my devices here have not taken that update yet, so good advice for anyone who's device has not had that update is to disable ota so it won't update to it. I don't remember the version I am not by that pc at the moment but if your ports are still working then you have not gotten it yet.
Is there a method for us regular folks to gain access to telnet if a device has taken the update?

Re: Nighthawk M5 MR5100

Posted: Wed Jul 06, 2022 7:19 pm
by mmicall
I am looking to add some bands to my MR5100 - how do you do it? Can someone point me in the write direction - I am computer literate -can work telnet and programming....

M

Re: Nighthawk M5 MR5100

Posted: Fri Jul 08, 2022 3:36 pm
by Rich Hathaway
Phreak480 wrote: Mon May 16, 2022 8:30 pm
Is there a method for us regular folks to gain access to telnet if a device has taken the update?
AT!TELEN=1
AT!CUSTOM="RDENABLE", 1
AT!CUSTOM="TELNETENABLE", 1
mmicall wrote: Wed Jul 06, 2022 7:19 pm I am looking to add some bands to my MR5100 - how do you do it? Can someone point me in the write direction - I am computer literate -can work telnet and programming....

M
This device comes with a slot that has all bands enabled on it, you can use the mobile app to see the
device's default band slots. It is named as such, I can't remember for sure what it is but its something like
"ALL-BANDS" you can reverse the bitmask and see what bands it is set to handle if you wish to know.

Re: Nighthawk M5 MR5100

Posted: Mon Jul 25, 2022 12:20 am
by suprguy
Rich Hathaway wrote: Fri Jul 08, 2022 3:36 pm
Phreak480 wrote: Mon May 16, 2022 8:30 pm
Is there a method for us regular folks to gain access to telnet if a device has taken the update?
AT!TELEN=1
AT!CUSTOM="RDENABLE", 1
AT!CUSTOM="TELNETENABLE", 1
mmicall wrote: Wed Jul 06, 2022 7:19 pm I am looking to add some bands to my MR5100 - how do you do it? Can someone point me in the write direction - I am computer literate -can work telnet and programming....

M
This device comes with a slot that has all bands enabled on it, you can use the mobile app to see the
device's default band slots. It is named as such, I can't remember for sure what it is but its something like
"ALL-BANDS" you can reverse the bitmask and see what bands it is set to handle if you wish to know.
Apologies I'm a noob but wouldn't you need telnet enabled to send those AT commands to reenable telnet? Also, how to disable OTA updates?

Re: Nighthawk M5 MR5100

Posted: Mon Jul 25, 2022 6:52 pm
by Rich Hathaway
You can send them to the modem port to re-enable telnet on port 5510

Re: Nighthawk M5 MR5100

Posted: Tue Jul 26, 2022 8:42 am
by suprguy
Rich Hathaway wrote: Mon Jul 25, 2022 6:52 pm You can send them to the modem port to re-enable telnet on port 5510
Ah, I think I was just confused. you mean using edl. I'll have to fiddle with it more.

Regarding disabling OTA updates, found this thread: https://wirelessjoint.com/viewtopic.php?t=3435. Is that the best way to accomplish?

Re: Nighthawk M5 MR5100

Posted: Tue Jul 26, 2022 3:49 pm
by Rich Hathaway
I do not use edl for the most part, I only use BK's python script for generating a challenge response.
Its easier for me to just use putty and the serial port as I have it scripted into a one click tool as you can see below.
challenge generator.PNG

Re: Nighthawk M5 MR5100

Posted: Tue Jul 26, 2022 10:00 pm
by suprguy
Rich Hathaway wrote: Tue Jul 26, 2022 3:49 pm I do not use edl for the most part, I only use BK's python script for generating a challenge response.
Its easier for me to just use putty and the serial port as I have it scripted into a one click tool as you can see below.

challenge generator.PNG
ok, I see. Was the thread I linked above the best way to disable OTA updates?

Re: Nighthawk M5 MR5100

Posted: Thu Aug 11, 2022 9:55 am
by M5100
Can you help me rich ? I just want to band lock my M5100 but I’m totally new to this game & have no idea where to start can you please break it down for a newbie ?

Re: Nighthawk M5 MR5100

Posted: Fri Aug 12, 2022 8:36 am
by Rich Hathaway
suprguy wrote: Tue Jul 26, 2022 10:00 pm
Was the thread I linked above the best way to disable OTA updates?
[/quote]
Well, it's a way, anyway you can get it done is good

M5100 wrote: Thu Aug 11, 2022 9:55 am Can you help me rich ? I just want to band lock my M5100 but I’m totally new to this game & have no idea where to start can you please break it down for a newbie ?
I'll tell you how to do it but you will have to do your own research as to the specifics, they are in this forum and on the web.
make a new slot and find or calculate if you can't find, a pre calc'd bitmask for the band you are wanting to lock it to and write it via AT command thru either the modem port or to the IP via port 5510, do not write slot 1,2 or 3 only use slots 4 - 9 then you can go in there thru the mobile app and set it to the slot you just wrote having only your band in it thus locking it to that band.
Beware, while an incorrectly formatted command may be rejected, an incorrectly calculated bitmask can be accepted and when this happens your device in most cases will go into a boot loop and need to be recovered, and there is no public firmware for this model to recover it, so be careful, I am not responsible for anything you do to your device, no one is but you.
Chances are there is a pre-calculated cmd with the bitmask for your band already on the net you can use just make sure it does not write over slots 1,2 or 3

Re: Nighthawk M5 MR5100

Posted: Mon Aug 29, 2022 11:20 pm
by M5100
Hey, can you please help me I'm totally new to this I used putty to telnet I'm on trying to lock to the 5G bands n60 & n66 how would I go about get those to lock in separately?

Re: Nighthawk M5 MR5100

Posted: Tue Aug 30, 2022 8:33 am
by Rich Hathaway
Did you not read the above post?
If you are not willing to do a little searching and learning I would suggest you hire someone to do it for you because like I said there is no public firmware out there to recover this device if you bork it.

Re: Nighthawk M5 MR5100

Posted: Tue Aug 30, 2022 10:33 am
by M5100
can i hire u?

Re: Nighthawk M5 MR5100

Posted: Fri Sep 16, 2022 11:21 pm
by dfkinca
Rich Hathaway wrote: Mon Jul 25, 2022 6:52 pm You can send them to the modem port to re-enable telnet on port 5510
So I researched and tried this process on a MR5100 (ATT) with Putty (Windows) using the following settings:
Serial
COMX (where X was the port number for the WWAN network Port under my Device Manager).
I was able to get a Putty terminal window.

First time, I typed in the Telnet enabling command (AT!TELEN=1); ERROR. I decided to reboot device, and start from the top.

Second time, I typed in AT!OPENCN? , got a challenge, inputted it into the EDL pythonscript I have setup, got a challenge response, then input that in the terminal window as follows (AT!OPENCN="[challenge response]"); ERROR (again). I decided to reboot device, and start from the top.

Did it a couple of more times like the second time, and one time trying AT!OPENLOCK?, all with similar result.

Then, did it one last time and was not able to connect via Putty through the Serial port anymore. I freaked out thinking I might have "broken" something and decided to ask for more info from the forum.

Questions:
1. When you stated "send [the re-enable telnet commands] to the modem port", is the procedure I outline above (Putty using Serial & WWAN port number) what you meant? Or, if you meant something else, can you provide links and/or input?
2. I read somewhere about an e-fuse for these devices (MR5100, and my newly acquired MR6500); with that last inability to connect by me, did I screw myself by tripping an e-fuse?

Thanks in advance for any feedback (from Rich or anyone else).

Re: Nighthawk M5 MR5100

Posted: Sat Sep 17, 2022 8:22 am
by Rich Hathaway
Just do the factory reset (unless you have something on it you don't want to lose)
then you should have access with putty again, as for your errors in the challenge and response
Not enough info for someone to help you figure this out.
run one again and post the challenge, command you used and your calculated response and maybe you can get some help.

Re: Nighthawk M5 MR5100

Posted: Sat Sep 17, 2022 2:10 pm
by dfkinca
Rich Hathaway wrote: Sat Sep 17, 2022 8:22 am Just do the factory reset (unless you have something on it you don't want to lose)
then you should have access with putty again, as for your errors in the challenge and response
Not enough info for someone to help you figure this out.
run one again and post the challenge, command you used and your calculated response and maybe you can get some help.
Thanks for the prompt response.

Factory reset, and got the following (after connecting using Putty (Windows) via Serial connection (on COMX. where X is port number for WWAN (Modem?)):
AT!OPENLOCK?
18A7934D4CE3095A

Calculated response I get from inputing into EDL python script using the following command (python sierrakeygen.py -C 18A7934D4CE3095A -d SDX55):
AT!OPENCND="3BB2D9717BFAD7BC"

I have not yet inputted the calculated response into my Putty terminal window. My device (MR5100) remains connected to Windows computer via Putty/Serial/COMX.

A few questions:

1. Is the above calculated response accurate (i.e., what you get as well from your python script)?

2. And, why is calculated response AT!OPENCND= (instead of "ATIOPENLOCK=")?

3. How do I input calculated response to device (I still have device connected via Putty/Serial/COMX)? Do I just type into the Putty terminal window:
AT!OPENCND="3BB2D9717BFAD7BC"?
AT!OPENLOCK="3BB2D9717BFAD7BC"?
Single quote or double quotes?

Or, do I type in something else?

4. Assuming all works as expected, please confirm that the following commands are what I type in (still with device connected via Putty/Serial/COMX') to re-enable Telnet:
AT!TELEN=1
ATICUSTOM="RDENABLE", 1
ATICUSTOM="TELNETENABLE", 1

5. Please confirm that after I have re-enabled Telnet via the above process, I can also allow myself future device access without the EDL python script challenge/response by:
A. changing my password to device (via the AT command AT!SETCND="zzzz" where zzzz is my own custom key), and
B. entering at a future time AT!ENTERCND= "zzzz" to unlock AT commands

6. Same questions 4-5 above, but for the MR6500. Also as a gating item, when I type in to the EDL challenge response generator (no quotes) "python sierrakeygen.py -c [challenge trom Putty/serial/COMX] -d SDX65", I get an error message from the EDL challenge response generator saying that SDX65 is not supported, so should what I type in to the EDL challenge response generator be something else?

Thanks in advance for any assistance to the above.

Re: Nighthawk M5 MR5100

Posted: Sat Sep 17, 2022 6:55 pm
by Rich Hathaway
You should send your response back to it as soon as you get it and try not to wait, if you wait to return it to the device then just recalc the challenge first again and discard the first (the old) one.
you generated it correctly.

those 2 commands generate the same response but you still need to return the correct one you are meaning to send
and yes put them in like you have them without the ?
send those 3 commands and reboot then you should have telnet again, check ports 5510 and 23
and dont use any SDX65 key, use the same as you do for the M5's
telnet should stay on for you between reboots.

Re: Nighthawk M5 MR5100

Posted: Sun Sep 18, 2022 2:32 pm
by dfkinca
Rich Hathaway wrote: Sat Sep 17, 2022 6:55 pm You should send your response back to it as soon as you get it and try not to wait, if you wait to return it to the device then just recalc the challenge first again and discard the first (the old) one.
you generated it correctly.
Thank you for your confirmation; everything worked. On 3x different Netgear hotspots (MR5100, MR5200, MR6500).
Rich Hathaway wrote: Sat Sep 17, 2022 6:55 pm telnet should stay on for you between reboots.
Telnet stays on between reboots. Does NOT survive factory reset.

One question: I saw that you (Rich) provide services related to IMEI, FID and TTL fixes for hotspots. What is "FID"?

Re: Nighthawk M5 MR5100

Posted: Sun Sep 18, 2022 7:09 pm
by Rich Hathaway
FID= Factory ID

Re: Nighthawk M5 MR5100

Posted: Fri Dec 30, 2022 10:41 pm
by hitokiri
Rich Hathaway wrote: Wed Aug 11, 2021 9:48 am This not something that can be done at a userland level it requires some knowledge of baseband level modification. These type of edits on difficult devices and os's is how I make my living so forgive me for keeping it close for a while I will post my tool publicly after this device is older, I will do one free for you if you need it, but it is a service I normally sell, I have it automated now and it can now be done remotely, this tool is several thousand lines of code and was alot of work so I wont be giving the work away just yet. I was just correcting this thread in the fact that it can be done, hit me up and ill do one for you, it works pretty well on verizon prepaid's $60 plan or the postpaid add a line plan for $20 I have also put them on the connected car plan for $20 it is a pretty fast device, it also can be locked to work on 5g unlimited, I do need someone in a ultra wideband area to test it for me, in regular 5g area here it gets around 600mbps down or a little less, upload is alot slower I am still working on that
Hi. I am planning to buy a MR5200 and have it work with a T-Mobile Tablet Unlimited Plan. If I am understanding correctly, I believe you are capable of doing the necessary modifications to make this work. I would like more information on whatever or not this can be done and how much will it cost? I am new to the forum, so I am not yet able to send DMs, but if you could DM me the info I will appreciate it. Thank you!

Re: Nighthawk M5 MR5100

Posted: Sat Dec 31, 2022 8:48 am
by Rich Hathaway
HI if you are going to buy a M5 for use on tmobile, I would suggest to buy a M2000 instead, they are much cheaper and will run much faster on tmobile, see mine in the pic below.

"https://i.ibb.co/HCjNMQR/speedtest2.jpg"

Re: Nighthawk M5 MR5100

Posted: Thu Jan 05, 2023 1:39 pm
by hitokiri
Will it be possible to have it work with the t-mobile tablet unlimited plan?

Re: Nighthawk M5 MR5100

Posted: Thu Jan 05, 2023 3:06 pm
by Rich Hathaway
Yes mine is on the 10$ biz tab plan on tmo. It needs flashed and dethrottled to work and to have speed like this

Re: Nighthawk M5 MR5100

Posted: Thu Jan 05, 2023 9:37 pm
by hitokiri
If I get it, would you accept providing your services to have this setup? Can it be done remotely or would you require the hotspot to be sent to you?

Re: Nighthawk M5 MR5100

Posted: Fri Jan 06, 2023 10:04 am
by Rich Hathaway
This is not the proper place to solicit services, see link below.

viewtopic.php?t=2696

Re: Nighthawk M5 MR5100

Posted: Fri Jan 06, 2023 8:11 pm
by hitokiri
My apologies. Thank you for the link. I should have ask for that instead.

Re: Nighthawk M5 MR5100

Posted: Tue Jan 10, 2023 12:48 pm
by hitokiri
Rich Hathaway wrote: Sat Dec 31, 2022 8:48 am HI if you are going to buy a M5 for use on tmobile, I would suggest to buy a M2000 instead, they are much cheaper and will run much faster on tmobile, see mine in the pic below.

"https://i.ibb.co/HCjNMQR/speedtest2.jpg"
Question. Using tethering with the M2000, instead of WiFi, should not limit this speed, correct?

Re: Nighthawk M5 MR5100

Posted: Tue Jan 10, 2023 1:19 pm
by Rich Hathaway
No, it will prob be somewhat faster than the wifi.

Re: Nighthawk M5 MR5100

Posted: Tue Jan 10, 2023 5:06 pm
by hitokiri
Ok. Thanks.

Re: Nighthawk M5 MR5100

Posted: Thu Feb 29, 2024 7:04 pm
by M5100
what if I wanted to lock to only 5G band example NR5G band 30 can someone give me example better explanation how to accomplish this I'm using my mr6500 with everything unlocked so I can run commands and do whatever.