This worked out great! Bought a nighthawk m6 off Amazon and the cheapest cricket 5g phone and followed your video. Took about 4 hours because I had hiccups along the way that I had to fix and to get the correct APN but it all worked out and now I have unlimited unthottled internet on the road.
That's great that you had success with Cricket. I tested Cricket on the M5 and M6 and had an issue with it often booting into a unusual state while having a Cricket SIM card inserted and showing the USB logo in the status bar. I would be interested in knowing which APN settings you used.
The night hawk M6 pro i got off amazon was a refurbished unit that was already unlocked. Only complaint with it is the battery no holding a decent charge so i just leave it plugged in. The APN settings that was provided didnt work for me so instead i went on to the cricket phone and copied the APN settings onto the nighthawk and work instantly @@developer-of-things
@@developer-of-things My m6 pro shows mobile broadband disconnected. It seems that it can't obtain an IP address, I suspect there's a problem with the APN. I've tried various combinations and it still doesn't work. Do you have a way to make Cricket work?
@@1percentsync I have had issues with Cricket. It would work much better with ATT. However you mentioned you got a cheap cricket phone. Would that happen to be the Moto G Stylus 5G? That phone is pretty easy to root and once rooted you could follow another video I have to use hotspot as cellular data and not count it towards hotspot data.
tested on m6 pro for 100+gb,word fine,but require a manual airplane mode on and off or switch apn to register to network,don't know why@@developer-of-things
I have a nighthawk M6 pro and it turns off from the battery getting too hot, but works if I remove the battery and cover for better cooling. Is there a fix for this? I was considering attaching a phone cooler to it because it still gets very hot...Any better options for 5g hotspots you could recommend?
I don't believe there is a good option on the market for a 5G hotspot right now, however if taking a 5G router around with you is something you could live with then the GL iNet Spitz GL-X3000 is the best option I know of. If 4G speeds are acceptable then the GL iNet MUDI V2 does the job if used on ATT or T-Mobile however the MUDI V2 is a no go for Verizon
Does this work with the latest firmware for the MR6500? (NTGX6S_12.01.48.00) I was going to chage the IMEI through DC unlocker but it said that the current firmware isn't supported. Should I try the solution in the video at all or should I just return the M6 while I still can.
Most likely DC unlocker and this script have the same issue. I assume the keygen used is updated with the new firmware. Either a new keygen will have to be reverse engineered for this device or leaked from Netgear to unlock engineering mode on the router. I would say just return it and for now go with something like the MUDI V2 hotspot. I have a video on that and it's easy to set up for unlimited hotspot.
Great job - everything went well using nighthawk m6 att 6500 model but I dont see my visible (verizon) APNs selection in GUI from apns.xml file I created - I only see the automated apn in the gui which I believe it wouldn't have the dun entry. Please advise.
Googleing the APN settings for Visible I see the APN name that came up was VSBLINTERNET, you would create a new APN item in the apns.xml and just set the pid attribute to the next index number apn-x as in apn-1, apn-2, ... You could verify your APN for your SIM card by inserting the card into an Android phone which will display the APN config in the settings.
@@developer-of-things Thanks again - i will look around forAPN setting...As far as the speed goes, it has been great. I used G-NETrak Lite app to identify the best signal location in my house, I place my unit in attic where I noticed strongest 5G signal and my download test result has reached as high as 1.2G download. BUT bufferbloat causing it to be unbearable playing high intense video games due to high latency. If I can fix the latency issue, this unit will be perfect.
@@joshmuluba9091use a VPN to remove throttling restrictions on media content. I have used ExpressVPN and NordVPN and they both drastically speed up video playback
I know we called about it but just for others to see, if your hotspot is locked to ATT then DC Unlocker is the best tool for unlocking for other carriers. I believe you mentioned it was just $10. Also you could unlock for free if the carrier contract is completed.
I sold the Nighthawk hotspots that I had and bought 5G routers that support all the bands that I need out of the box and get faster speeds than the Nighthawk hotspots. I experimented with configuring cellular bands on the Nighthawk hotspots when I had it with success on the 4G bands but not with a 5G bands. Since I don't have the Nighthawk hotspots anymore I can't reproduce instructions and there are better 5G routers on the market now, the Nighthawk hotspots might be the best 5G hotspots currently on the market due to a lack of options in the hotspot market but the difference between that and the 5G routers was enough for me to take a 5G router around or with me and use it like a hotspot.
Wish there was a way to unlock bands n41 and n71 for 5G T-Mobile it's currently just using LTE bands since it's a AT&T device. Have to buy the new MR6550 model at some point and try to mod it.
@@duyoan9192 A Google search for this brings some good results "AT command band locking nighthawk" Here is a guide for how to calculate the bands and set them with AT commands. This guide uses the Nighthawk M1 but the same idea applies to later models. www.waveform.com/a/b/guides/mr1100-band-locking
@@duyoan9192 I believe the Nighthawk M6 has an option to lock to certain bands in the admin panel. I think I saw it at some point but I've also done band locking on cell phones so I could be confusing the two.
Hi I have a NetGear M6 Pro mr6500 device from AT&T and I unlocked the device and I tried many firmware to get n41 band and n78 band but nothing changed, and I tried to add those bands bay a command but I failed to do it, so it possible to do that or is this thing impossible?
I am using MR 6450 (NTGX65_12.01.05.00) and successfully follow your step to change the imei. After upgrading to version NTGX65_12.01.05.00, the method above no longer worked. The whole process is still complete successfully without any error but after reboot the device will use back the factory default imei. Any ideas? Any method to downgrade it? Thanks
I don't have the Mofi 5500 router but I think I found the AT commands you were looking for. I see there are 4 modem cards this router might come with, but assuming you have the Mofi 5500 with the 5G modem card I searched this query in Google and found an answer on the first link. site:wirelessjoint.com What is the IMEI repair AT command for Sierra Wireless EM9191 cellular module
By default on newer devices port 23 is disabled but I wrote some code into the M6 restore script that unlocks this port. After enabling USB tethering on your device and running the script port 23 will be open. Specifically these lines in the script open port 23 tn.write(b"AT!TELEN=1 ") tn.write(b"AT!CUSTOM=\"RDENABLE\", 1 ") tn.write(b"AT!CUSTOM=\"TELNETENABLE\", 1 ")
I have tested it on the M6 MR6500 & MR6110, also on the M5 MR5100C & MR5200, someone also confirmed it works on one of the M1 models. My Nighthawk routers are all up-to-date and working with this method. I see the keygen is for this specific snapdragon chipset's modem but it works on others. I haven't tried to stop the updates from happening but there might be a way. I imagine it might be a service on the device that needs to be killed. Updates do wipe all your changes and you will have to redo the process from the beginning when one occurs.
@@developer-of-things Cant I just slap a tablet simcard in my hotspot and change the APN settings to broadband? Wouldn't that make it good to go? I heard of people getting it to work like that. Just get some old tablets IMEI and register it to a simcard then slap that sim in the hotspot device, then change APN settings. At least I was told thats how you do it :/
@@rp5m it will most likely count towards hotspot on most carriers and the carrier may even suspend, change, or cancel your line for using the IMEI of a hotspot on a tablet plan.
@@rp5mI used to do that att cracked down on that stuff netbuddy was doing the same thing but charging a crazy 80.00 a month when I could do it myself directly and pay way less about 35.00 a month at the time
I did the IMEI change to a 5G phone, but T-Mobile is still recognizing the traffic as hotspot traffic and I quickly burn through my hotspot data cap. Is there any way around that?
The three things you need are a phone IMEI, correct APN for SIM card also ensuring to set 'dun' in the APN type field in addition to any other comma separated values that are there. Third your TTL should be set to 64 on the router. A point worth noting is this might not work on some software versions on the Nighthawk routers as I've seen people have issues doing the exact same thing that I'm doing.
I followed everything to the "t", command executes and it seems to "repair" the IMEI yet when device comes up same IMEI - im lost - please help. Model: MR6110
I believe an update came out that messed with the process. It worked on my Nighthawks without issues but when I setup meeting with people in the past it was hit or miss if it would work for their Nighthawks. I did stop updating the m6restore repository since I sold my Nighthawk hotspots. I sold my Nighthawks in favor of getting the MUDI V2 hotspot and the Spitz X3000 home router. Both I have been running on ATT and are very straight forward to get running with unlimited hotspot. I made videos on them if you are looking for an easier way to get started that won't likely be blocked.
I tried it with US Mobile warp 5G SIM. It does not work - unable to register. I also tried upgrading to latest firmware. It works without changing IMEI. But we also lose the ability to change IMEI or lock bands. This is strange cuz US Mobile does not allow any tethering without a tether plan.
Without an IMEI change and TTL, it will be identified as hotspot data usage and may still provide data but it will count towards your total data limit. US Mobile isn't totally unlimited and have a fine print high speed data cap of around 50 GB or 70 GB. I don't remember the exact data cap
Some kind of way you would have to repeat the Wi-Fi signal and provide the proxy IP and port numbers. I tried this sometime back but I didn't find a solution for my use case.
I flashed my IMEI number from my TMobile home internet Arcadian modem to my att unlocked nighthawk mr5100 so I can use it instead of the Arcadian modem I used DC unlocker to do it it's about 30 bucks and pretty quick n easy to do it
It's good to hear that DC unlocker works well for you. There are some things I might consider DC unlocker for such as network unlocking a modem. But since it's free to change the IMEI using the method that I did, I would prefer that method for that specific use case.
No update at the moment, I did try to update it using Wi-Fi on data offloading but the update failed. I might try too update over cellular data if I find the time. I have since moved to a cellular OpenWRT router which lends it's self better to modifying.
There could be a lot of reasons for this. I have some questions. What is the IP address under Settings/More/Device Information ? Sometimes it is different than 192.168.1.1 and might look something like 10.X.X.1 Also what ports are open on that IP address? sudo nmap
Depends on what you're trying to achieve. Just changing the IMEI won't give unlimited hotspot data. If you're trying to change it for some other reason such as being grandfathered in on a specific device then you could stop at the part of changing the IMEI.
Netgear Nighthawk M6 Pro (Unlocked) IMEI SV: 13 Firmware Version: NTGX65_12.01.47.00 Firmware Build Date: 2023/11/04 Hardware Version: 1.0 PRI Version: 04.11 Web App Version: MR6550-GENPAS_05.00.94.00 Modem Version: MPSS.DE.2.0-00989-OLYMPIC_GENALL_PACK-1.41921.6.45826.2 Python script ran through, but when M6 Pro rebooted, the IMEI stays the same, and port 23 doesn't show up in the terminal as well. Tried both manually and MacOS automation script.
A lot of people have issues with it now, it seems Netgear must have released an update patching it from making changes in the process. I no longer have the Nighthawk hotspots to test and update the script. Now I use GL iNet routers and hotspot because they are much easier to setup. If anyone wants to still try to fork the m6restore repository and update the code I left on GitHub I would accept updates but I can't test them anymore.
@@developer-of-things Changes were made in later firmwares to lock this down. Too bad someone figured out root access. MR6500-MR6550 Root on WirelessJoint has the root method so this will work again on newer firmwares. Can also prevent auto updates in that forum so if it is patched in the future it won't matter since they won't auto update anymore.
The specific software version I don't know but I did get it working on that device with this process. If you have a Mac then I made an automated script and a 3 minute video on how to use it. It will take care of most of the process and you just need to set the APN settings in the end in the apns.xml file If you use Windows then I made an automated powershell script to do it but it will only take care of (installing dependencies, changing IMEI, unlock telnet) up to the point of starting to telnet session. I was struggling to make that part work on Windows, so it would still be a manual process to set up the TTL service and configure your APN on Windows. The windows script is on the develop branch of the repository currently but in the future it could be in the main branch.
The safest way would be to log network traffic, check for an update, write script to block the update domain, and finally add it as a service. Currently I'm busy trying to get T-Mobile's new SIM card to work with the Night Hawk router.
Could be a few things like not being in the same directory as the file. What is the command you used and is the file in the same directory as the terminal?
You just need Python3, nmap, telnet, PuTTY and all of these can be installed using the Chocolatey package manager for windows which it's self can be installed using a single admin power shell script. You can also install these things separately. You may also want the VS Code IDE to see the code the rest is the same. Once connecting using putty over telnet connection, everything is the same as in the video.
i cant get anything to work and i cant find an old firmware roll back so guess im just fucked nothing works it acts like it dose something and after reset it literally did nothing i have both the m5restore and m6 they both dont do anything
It might be a firmware issue but the correct steps would otherwise be Enable USB tethering and run the script which will change the IMEI and enable telnet. After the reboot you can change the APN and TTL using telnet. If the APN doesn't change then it might be a firmware issue.
@@developer-of-things so i do have usb tether on and connected with the usb 3 cable in my vmware station with m6restore and everthing setup right it goes threw its entire proccess of doing the imei and telent but it actualy is not doing anything to the modem even though it pulls the correct stock imei off the modem and starts it process. im stumped like is this modem done for is there a way to flash back a firmware or is this just stuck
@@darkzerobd I haven't had this issue yet however I did search for the firmware online without any luck, I also spent some time trying to see if I could intercept the OTA firmware link from network traffic on the router and haven't found it yet. I'm still interested in solving this firmware update problem so I'll be looking more into it when I get the chance.
You got the new firmware, which prevents you from changing the imei. I did the whole process without error. After reboot, it will use back the default imei number. I am using this version for the MR 6450 (NTGX65_12.01.05.00).
I've been thinking about it. The hardest part of using Windows is setting stuff up, installing Python, nmap, enable telnet, install putty. It is very similar of a process after that.
Bro how can i text you privately? Also you should do that for people and charges them then i will be your first customer. I watched the video i still don't get it .
As a service it would not be very easily repeatable to make a business out of and since updates undo these changes it is best to understand the process to do it again after an update. It is best to ask questions here if possible to help other people.
You would need to install python 3 and install the command line tools mentioned. It's pretty straight forward for Mac and Linux. I'm not sure if you use Windows but that would be slightly different.
@@developer-of-things ok I understand and unfortunately I have windows. But I am going to try it out. I am just waiting on the device to get here!! And I am going to try the phone version you made also with the r00ting device.
@@developer-of-thingsfor example if the M6 will be used with a tablet plan, should we use a tablet IMEI? And if intended to use with a phone line plan, should we use a phone IMEI?
@@MilocanLLC Yes that would be recommended so that the carrier doesn't pick up anything unusual and suspend the plan. However I do have a phone IMEI on my M6 with a tablet plan and haven't had any issues yet. It is important to make sure that the IMEI won't be used by two devices on the same network because that will raise flags and the carrier will likely black-list devices by one of it's identifiers IMEI, ESN, IMSI (for SIM card)
The same way as on Mac but you need to install the dependencies. I wrote a script for Windows that does most of the setup including installing the dependencies needed. That script is on the develop branch of the m6restore repository. You could start by running that script and then try to complete the process manually after the dependencies are installed by the script.
I have a MR6110 running NTGX65_12.01.48.00, and there is nothing listening on 23, only 53, 80 and 5110. Did previous firmwares have a root shell at port 23 by default? Am I missing a piece of the puzzle. How did your method activate the telnet service? I am looking for any possible way to obtain a root shell on this device.
I added three AT commands to the script that enable telnet. Once the script unlocks engineering mode these three lines run enabling telnet tn.write(b"AT!TELEN=1 ") tn.write(b"AT!CUSTOM=\"RDENABLE\", 1 ") tn.write(b"AT!CUSTOM=\"TELNETENABLE\", 1 ")
@@developer-of-things Thanks for the quick response 🙏 Do you know how I could find an older firmware version? Where did you find these AT commands documented? Do you have some idea what causes your process to fail on the newest firmware? I see many people saying the same thing. It appears to work until it reboots, but it does not flash the new IMEI and the telnet service is not listening.
@@Lost-s5j Firmware is no longer provided by Netgear for manual updating, it's all OTA updates now. I don't have the Nighthawk hotspots anymore so I can't test the script to find out where it's failing. The AT commands I was able to find by doing a PDF file type search on Google with search terms for the modem chipset in the Nighthawk hotspots.
I wrote a script called "setup MacOS.sh" that should do it in less than a minute and from there you would only have to set the APN configuration in the apns.xml file. I am working on a Windows script to do the same, Windows makes it a lot more difficult though so I might just write it for Linux and have Windows users run it via the wsl (windows subsystem for Linux) basically a built in Linux terminal that comes with newer versions of Windows
this is not working for me, it goes through the process and says it completes, reboots and still has the factory IMEI.. running the NTGX65_12.01.48.00 FW
This worked out great! Bought a nighthawk m6 off Amazon and the cheapest cricket 5g phone and followed your video. Took about 4 hours because I had hiccups along the way that I had to fix and to get the correct APN but it all worked out and now I have unlimited unthottled internet on the road.
That's great that you had success with Cricket. I tested Cricket on the M5 and M6 and had an issue with it often booting into a unusual state while having a Cricket SIM card inserted and showing the USB logo in the status bar. I would be interested in knowing which APN settings you used.
The night hawk M6 pro i got off amazon was a refurbished unit that was already unlocked. Only complaint with it is the battery no holding a decent charge so i just leave it plugged in. The APN settings that was provided didnt work for me so instead i went on to the cricket phone and copied the APN settings onto the nighthawk and work instantly @@developer-of-things
@@developer-of-things My m6 pro shows mobile broadband disconnected. It seems that it can't obtain an IP address, I suspect there's a problem with the APN. I've tried various combinations and it still doesn't work. Do you have a way to make Cricket work?
@@1percentsync I have had issues with Cricket. It would work much better with ATT. However you mentioned you got a cheap cricket phone.
Would that happen to be the Moto G Stylus 5G?
That phone is pretty easy to root and once rooted you could follow another video I have to use hotspot as cellular data and not count it towards hotspot data.
tested on m6 pro for 100+gb,word fine,but require a manual airplane mode on and off or switch apn to register to network,don't know why@@developer-of-things
Dude you just hacked my router. THANK YOU BRO YOU ARE AMAZING!!! I commented earlier before i followed it entirely. THANK YOU A MILLION DUDE!
it worked like a charm! thank you for your work. any way to block the updates?
I have a nighthawk M6 pro and it turns off from the battery getting too hot, but works if I remove the battery and cover for better cooling. Is there a fix for this? I was considering attaching a phone cooler to it because it still gets very hot...Any better options for 5g hotspots you could recommend?
I don't believe there is a good option on the market for a 5G hotspot right now, however if taking a 5G router around with you is something you could live with then the GL iNet Spitz GL-X3000 is the best option I know of. If 4G speeds are acceptable then the GL iNet MUDI V2 does the job if used on ATT or T-Mobile however the MUDI V2 is a no go for Verizon
Does this work with the latest firmware for the MR6500? (NTGX6S_12.01.48.00) I was going to chage the IMEI through DC unlocker but it said that the current firmware isn't supported. Should I try the solution in the video at all or should I just return the M6 while I still can.
Most likely DC unlocker and this script have the same issue. I assume the keygen used is updated with the new firmware. Either a new keygen will have to be reverse engineered for this device or leaked from Netgear to unlock engineering mode on the router. I would say just return it and for now go with something like the MUDI V2 hotspot. I have a video on that and it's easy to set up for unlimited hotspot.
Great job - everything went well using nighthawk m6 att 6500 model but I dont see my visible (verizon) APNs selection in GUI from apns.xml file I created - I only see the automated apn in the gui which I believe it wouldn't have the dun entry. Please advise.
Googleing the APN settings for Visible I see the APN name that came up was VSBLINTERNET, you would create a new APN item in the apns.xml and just set the pid attribute to the next index number apn-x as in apn-1, apn-2, ... You could verify your APN for your SIM card by inserting the card into an Android phone which will display the APN config in the settings.
you would add the dun entry to the type attribute ex: type="default,dun,supl"
@@developer-of-things Thanks again - i will look around forAPN setting...As far as the speed goes, it has been great. I used G-NETrak Lite app to identify the best signal location in my house, I place my unit in attic where I noticed strongest 5G signal and my download test result has reached as high as 1.2G download. BUT bufferbloat causing it to be unbearable playing high intense video games due to high latency. If I can fix the latency issue, this unit will be perfect.
@@joshmuluba9091use a VPN to remove throttling restrictions on media content. I have used ExpressVPN and NordVPN and they both drastically speed up video playback
Man this looks challenging. I’ve got an AT&T MR6500 and Verizon business unlimited 5G plans. Do I need to buy an unlock code for this first?
I know we called about it but just for others to see, if your hotspot is locked to ATT then DC Unlocker is the best tool for unlocking for other carriers. I believe you mentioned it was just $10. Also you could unlock for free if the carrier contract is completed.
hi do you have an idea how to add european 5g bands and update the last AT&T firmware? Thanks from Austria
I sold the Nighthawk hotspots that I had and bought 5G routers that support all the bands that I need out of the box and get faster speeds than the Nighthawk hotspots. I experimented with configuring cellular bands on the Nighthawk hotspots when I had it with success on the 4G bands but not with a 5G bands. Since I don't have the Nighthawk hotspots anymore I can't reproduce instructions and there are better 5G routers on the market now, the Nighthawk hotspots might be the best 5G hotspots currently on the market due to a lack of options in the hotspot market but the difference between that and the 5G routers was enough for me to take a 5G router around or with me and use it like a hotspot.
Wish there was a way to unlock bands n41 and n71 for 5G T-Mobile it's currently just using LTE bands since it's a AT&T device. Have to buy the new MR6550 model at some point and try to mod it.
That's what I need to do DC unlocker has a band changing thing in the software but I haven't tried it yet
I have been able to change the 4G bands with AT commands to the modem but I haven't yet been able to change the 5G bands.
@@developer-of-things Please guide me to change the 4G band to have CA, thank you
@@duyoan9192 A Google search for this brings some good results "AT command band locking nighthawk"
Here is a guide for how to calculate the bands and set them with AT commands. This guide uses the Nighthawk M1 but the same idea applies to later models.
www.waveform.com/a/b/guides/mr1100-band-locking
@@duyoan9192 I believe the Nighthawk M6 has an option to lock to certain bands in the admin panel. I think I saw it at some point but I've also done band locking on cell phones so I could be confusing the two.
Hi
I have a NetGear M6 Pro mr6500 device from AT&T and I unlocked the device and I tried many firmware to get n41 band and n78 band but nothing changed, and I tried to add those bands bay a command but I failed to do it, so it possible to do that or is this thing impossible?
Hi, will this work with TMobile now? I tried changing my laptop to TTL 65 and my tmobile hotspot still gotten throttled.
You may want to use a VPN. It could make a huge difference in data speed especially with media streaming.
I am using MR 6450 (NTGX65_12.01.05.00) and successfully follow your step to change the imei. After upgrading to version NTGX65_12.01.05.00, the method above no longer worked. The whole process is still complete successfully without any error but after reboot the device will use back the factory default imei. Any ideas? Any method to downgrade it? Thanks
I'm not sure, I would need to get the latest version
Pls try it out @@developer-of-things
Hey there, new subscriber here. Can you please do a video on mofi 5500 like you did on the M5 Mod? thank you.
I don't have the Mofi 5500 router but I think I found the AT commands you were looking for. I see there are 4 modem cards this router might come with, but assuming you have the Mofi 5500 with the 5G modem card I searched this query in Google and found an answer on the first link.
site:wirelessjoint.com What is the IMEI repair AT command for Sierra Wireless EM9191 cellular module
😂 the smoke detector battery needs changing.
He likes living dangerously....
I was wondering why that thing kept chirping. I'll have to get the battery replaced 😂
He's on 🔥🔥🔥🔥!!
Knows how to use python, doesn’t know how to change a battery 😂
Port 23 isn't open on mine. Could that be related to having a newer firmware that closes it?
By default on newer devices port 23 is disabled but I wrote some code into the M6 restore script that unlocks this port. After enabling USB tethering on your device and running the script port 23 will be open.
Specifically these lines in the script open port 23
tn.write(b"AT!TELEN=1
")
tn.write(b"AT!CUSTOM=\"RDENABLE\", 1
")
tn.write(b"AT!CUSTOM=\"TELNETENABLE\", 1
")
This is awesome!
It has definitely reshaped the way I do remote work. I can go anywhere and not worry about finding WiFi or worry if I will hit a data cap.
Any chance I can mail you my m5 pay you for your time and shipping it back to me?
Does this work for all M6 models with current firmware? And is there a way to disable future updates?
I only see "SDX55" in the sierrakeygen program. It is supposed to be for the MR5100, does it work with the MR6500 too?
I have tested it on the M6 MR6500 & MR6110, also on the M5 MR5100C & MR5200, someone also confirmed it works on one of the M1 models. My Nighthawk routers are all up-to-date and working with this method. I see the keygen is for this specific snapdragon chipset's modem but it works on others.
I haven't tried to stop the updates from happening but there might be a way. I imagine it might be a service on the device that needs to be killed. Updates do wipe all your changes and you will have to redo the process from the beginning when one occurs.
@@developer-of-things Cant I just slap a tablet simcard in my hotspot and change the APN settings to broadband? Wouldn't that make it good to go? I heard of people getting it to work like that. Just get some old tablets IMEI and register it to a simcard then slap that sim in the hotspot device, then change APN settings. At least I was told thats how you do it :/
@@rp5m it will most likely count towards hotspot on most carriers and the carrier may even suspend, change, or cancel your line for using the IMEI of a hotspot on a tablet plan.
@@rp5mI used to do that att cracked down on that stuff netbuddy was doing the same thing but charging a crazy 80.00 a month when I could do it myself directly and pay way less about 35.00 a month at the time
I did the IMEI change to a 5G phone, but T-Mobile is still recognizing the traffic as hotspot traffic and I quickly burn through my hotspot data cap. Is there any way around that?
try to install the VPN on the router
The three things you need are a phone IMEI, correct APN for SIM card also ensuring to set 'dun' in the APN type field in addition to any other comma separated values that are there. Third your TTL should be set to 64 on the router. A point worth noting is this might not work on some software versions on the Nighthawk routers as I've seen people have issues doing the exact same thing that I'm doing.
I followed everything to the "t", command executes and it seems to "repair" the IMEI yet when device comes up same IMEI - im lost - please help.
Model: MR6110
I believe an update came out that messed with the process. It worked on my Nighthawks without issues but when I setup meeting with people in the past it was hit or miss if it would work for their Nighthawks. I did stop updating the m6restore repository since I sold my Nighthawk hotspots. I sold my Nighthawks in favor of getting the MUDI V2 hotspot and the Spitz X3000 home router. Both I have been running on ATT and are very straight forward to get running with unlimited hotspot. I made videos on them if you are looking for an easier way to get started that won't likely be blocked.
I tried it with US Mobile warp 5G SIM. It does not work - unable to register. I also tried upgrading to latest firmware. It works without changing IMEI. But we also lose the ability to change IMEI or lock bands. This is strange cuz US Mobile does not allow any tethering without a tether plan.
Without an IMEI change and TTL, it will be identified as hotspot data usage and may still provide data but it will count towards your total data limit. US Mobile isn't totally unlimited and have a fine print high speed data cap of around 50 GB or 70 GB. I don't remember the exact data cap
Is there a way tp connect netshare to router? It has a proxy setup that I can't seem to link to router
Some kind of way you would have to repeat the Wi-Fi signal and provide the proxy IP and port numbers. I tried this sometime back but I didn't find a solution for my use case.
I flashed my IMEI number from my TMobile home internet Arcadian modem to my att unlocked nighthawk mr5100 so I can use it instead of the Arcadian modem I used DC unlocker to do it it's about 30 bucks and pretty quick n easy to do it
It's good to hear that DC unlocker works well for you. There are some things I might consider DC unlocker for such as network unlocking a modem. But since it's free to change the IMEI using the method that I did, I would prefer that method for that specific use case.
@@developer-of-things ya
question for you after you did the IMEI number changed with dc unlocker, are you able to update firmware and keep the new IEMI?
@@Juan1985g No
Hey any updates on getting this to work on newer firmware? Thanks!
No update at the moment, I did try to update it using Wi-Fi on data offloading but the update failed. I might try too update over cellular data if I find the time. I have since moved to a cellular OpenWRT router which lends it's self better to modifying.
I couldn't get this to work for the MR6550. The python script would run but would not change the IMEI
There could be a lot of reasons for this. I have some questions.
What is the IP address under Settings/More/Device Information ?
Sometimes it is different than 192.168.1.1 and might look something like 10.X.X.1
Also what ports are open on that IP address?
sudo nmap
I just want to change the IMEI, should I do this whole guide?
Depends on what you're trying to achieve. Just changing the IMEI won't give unlimited hotspot data. If you're trying to change it for some other reason such as being grandfathered in on a specific device then you could stop at the part of changing the IMEI.
is this really patched i recently got the MR6110 version of the m6 can I still do it?
Possibly, it works for some.
Netgear Nighthawk M6 Pro (Unlocked)
IMEI SV: 13
Firmware Version: NTGX65_12.01.47.00
Firmware Build Date: 2023/11/04
Hardware Version: 1.0
PRI Version: 04.11
Web App Version: MR6550-GENPAS_05.00.94.00
Modem Version: MPSS.DE.2.0-00989-OLYMPIC_GENALL_PACK-1.41921.6.45826.2
Python script ran through, but when M6 Pro rebooted, the IMEI stays the same, and port 23 doesn't show up in the terminal as well.
Tried both manually and MacOS automation script.
A lot of people have issues with it now, it seems Netgear must have released an update patching it from making changes in the process. I no longer have the Nighthawk hotspots to test and update the script. Now I use GL iNet routers and hotspot because they are much easier to setup. If anyone wants to still try to fork the m6restore repository and update the code I left on GitHub I would accept updates but I can't test them anymore.
@@developer-of-thingsI can send you mine :)
@@developer-of-things Changes were made in later firmwares to lock this down. Too bad someone figured out root access. MR6500-MR6550 Root on WirelessJoint has the root method so this will work again on newer firmwares. Can also prevent auto updates in that forum so if it is patched in the future it won't matter since they won't auto update anymore.
Does this work on a nighthawk m6 6500 pro NTGX65_12.01.16.00?
The specific software version I don't know but I did get it working on that device with this process. If you have a Mac then I made an automated script and a 3 minute video on how to use it. It will take care of most of the process and you just need to set the APN settings in the end in the apns.xml file
If you use Windows then I made an automated powershell script to do it but it will only take care of (installing dependencies, changing IMEI, unlock telnet) up to the point of starting to telnet session. I was struggling to make that part work on Windows, so it would still be a manual process to set up the TTL service and configure your APN on Windows. The windows script is on the develop branch of the repository currently but in the future it could be in the main branch.
@@developer-of-things i have a mac and nighthawk m6 pro 6500. may i get the automated script? and the 3 min video? greatly appreciated.
@@chadmwilber1221 This is the guide to the automated script
github.com/developer-of-things/m6restore/blob/main/docs%2Fmacos%20script.md
is there a way to stop the router from upgrading to new firmware?
The safest way would be to log network traffic, check for an update, write script to block the update domain, and finally add it as a service.
Currently I'm busy trying to get T-Mobile's new SIM card to work with the Night Hawk router.
@@developer-of-things New T-Mobile SIM?
@@darkstudios001 Yes, there was a new SIM card that did not want to work on this device but the older SIM would.
does this work on the unlocked m6 non-pro (MR6150)?
It worked for me with this one. Some people say it doesn't though. It looks like the later updates on The Nighthawks can cause issues.
I have the same one and this worked fine for me
@@AngelOfLife87 what nighthawk software version?
I got a “could not open requirements file” error anyone know why?
Could be a few things like not being in the same directory as the file.
What is the command you used and is the file in the same directory as the terminal?
Can you guide how to do it on windows?
You just need Python3, nmap, telnet, PuTTY and all of these can be installed using the Chocolatey package manager for windows which it's self can be installed using a single admin power shell script. You can also install these things separately. You may also want the VS Code IDE to see the code the rest is the same. Once connecting using putty over telnet connection, everything is the same as in the video.
i cant get anything to work and i cant find an old firmware roll back so guess im just fucked nothing works it acts like it dose something and after reset it literally did nothing i have both the m5restore and m6 they both dont do anything
It might be a firmware issue but the correct steps would otherwise be Enable USB tethering and run the script which will change the IMEI and enable telnet. After the reboot you can change the APN and TTL using telnet.
If the APN doesn't change then it might be a firmware issue.
@@developer-of-things so i do have usb tether on and connected with the usb 3 cable in my vmware station with m6restore and everthing setup right it goes threw its entire proccess of doing the imei and telent but it actualy is not doing anything to the modem even though it pulls the correct stock imei off the modem and starts it process. im stumped like is this modem done for is there a way to flash back a firmware or is this just stuck
@@darkzerobd I haven't had this issue yet however I did search for the firmware online without any luck, I also spent some time trying to see if I could intercept the OTA firmware link from network traffic on the router and haven't found it yet. I'm still interested in solving this firmware update problem so I'll be looking more into it when I get the chance.
You got the new firmware, which prevents you from changing the imei. I did the whole process without error. After reboot, it will use back the default imei number. I am using this version for the MR 6450 (NTGX65_12.01.05.00).
ya mine is a 6150 model @@teefattwong276
Can you do a tutorial on Windows, thanks
I've been thinking about it.
The hardest part of using Windows is setting stuff up, installing Python, nmap, enable telnet, install putty. It is very similar of a process after that.
Bro how can i text you privately? Also you should do that for people and charges them then i will be your first customer. I watched the video i still don't get it .
As a service it would not be very easily repeatable to make a business out of and since updates undo these changes it is best to understand the process to do it again after an update.
It is best to ask questions here if possible to help other people.
You would need to install python 3 and install the command line tools mentioned. It's pretty straight forward for Mac and Linux.
I'm not sure if you use Windows but that would be slightly different.
@@developer-of-things ok I understand and unfortunately I have windows. But I am going to try it out. I am just waiting on the device to get here!! And I am going to try the phone version you made also with the r00ting device.
@@developer-of-thingsfor example if the M6 will be used with a tablet plan, should we use a tablet IMEI? And if intended to use with a phone line plan, should we use a phone IMEI?
@@MilocanLLC Yes that would be recommended so that the carrier doesn't pick up anything unusual and suspend the plan. However I do have a phone IMEI on my M6 with a tablet plan and haven't had any issues yet.
It is important to make sure that the IMEI won't be used by two devices on the same network because that will raise flags and the carrier will likely black-list devices by one of it's identifiers IMEI, ESN, IMSI (for SIM card)
Can this be used with tmohs1?
No, it uses a different keygen and different modem commands. A new script would need to be written and I would need the keygen to write it.
Ah okay, Anyway for you to add guide for it? I think that device is 4g tho. I dont know if its worth it tbh.
@@developer-of-things
How do u do this on windows
The same way as on Mac but you need to install the dependencies. I wrote a script for Windows that does most of the setup including installing the dependencies needed. That script is on the develop branch of the m6restore repository. You could start by running that script and then try to complete the process manually after the dependencies are installed by the script.
@developer of things, I'm going crazy with my setup can you assist ? could donate for your time.
My apn settings arent showing even with the sim in the router what to do?
hope you can reply with help brother i need this for work and took the sim from my working m1100 and now everything is all jumbled up :(
Tomorrow when I get a chance I could send a copy of my apns.xml
My email is
developer.oh.things@gmail.com
Appreciate it greatly!@@developer-of-things
have emailed you
I have a MR6110 running NTGX65_12.01.48.00, and there is nothing listening on 23, only 53, 80 and 5110.
Did previous firmwares have a root shell at port 23 by default? Am I missing a piece of the puzzle. How did your method activate the telnet service?
I am looking for any possible way to obtain a root shell on this device.
I added three AT commands to the script that enable telnet. Once the script unlocks engineering mode these three lines run enabling telnet
tn.write(b"AT!TELEN=1
")
tn.write(b"AT!CUSTOM=\"RDENABLE\", 1
")
tn.write(b"AT!CUSTOM=\"TELNETENABLE\", 1
")
@@developer-of-things
Thanks for the quick response 🙏
Do you know how I could find an older firmware version? Where did you find these AT commands documented?
Do you have some idea what causes your process to fail on the newest firmware? I see many people saying the same thing. It appears to work until it reboots, but it does not flash the new IMEI and the telnet service is not listening.
@@Lost-s5j Firmware is no longer provided by Netgear for manual updating, it's all OTA updates now. I don't have the Nighthawk hotspots anymore so I can't test the script to find out where it's failing. The AT commands I was able to find by doing a PDF file type search on Google with search terms for the modem chipset in the Nighthawk hotspots.
hey can you do it for me bro?
I wrote a script called "setup MacOS.sh" that should do it in less than a minute and from there you would only have to set the APN configuration in the apns.xml file.
I am working on a Windows script to do the same, Windows makes it a lot more difficult though so I might just write it for Linux and have Windows users run it via the wsl (windows subsystem for Linux) basically a built in Linux terminal that comes with newer versions of Windows
Im gettting error
If you are on Windows you will need to install Python 3 before following the steps
Followed the steps imei didn't change
You may need to enable USB tethering in the hotspot settings. It is disabled by default.
this is not working for me, it goes through the process and says it completes, reboots and still has the factory IMEI.. running the NTGX65_12.01.48.00 FW
Probably a patched firmware version. I no longer have Nighthawk hotspots so I can't test to update the script anymore.
Does anybody got this working on netgear nighthawk m6 pro NTGX65_12.01.16.00 firmware?
is there a way to reach you? Maybe an email?
developer.oh.things@gmail.com