Hacking Beetel 220x ADSL router (Broadcom BCM6338)

Posted on in Categories Howto, India, Linux, Linux Embedded devices, Tips last updated September 1, 2007

This router is based upon Broadcom BCM6338 chipset. This router is used by Airtel, BSNL and other ISPs in India.

Hack # 1 : How to Login into Router

Login over telnet. This is a common feature of all router these days and this the only way to hack into box:
Default IP:
Default Username: admin
Default Password: password

I have changed IP of router to so here is my first session:

$ telnet

Connected to
Escape character is ‘^]’.
BCM96338 ADSL Router
Login: admin
password: ********
Once you are logged in you will see menu:

Main Menu

1. ADSL Link State
2. LAN
3. WAN
4. DNS Server
5. Route Setup
6. NAT
7. Firewall
8. Quality Of Service
9. Management
10. Passwords
11. Reset to Default
12. Save and Reboot
13. Exit

Hack # 2: Get out of this stupid shell menu script/program
Yup, it is stupid stuff and don’t waste your time hitting CTRL+C, CTRL+D keys, to get out of this script/program (break shell script), just type sh and hit enter key at arrow prompt ->

 -> sh

And you will be taken to shell
BusyBox v1.00 (2005.09.20-19:57+0000) Built-in shell (msh)
Enter ‘help’ for a list of built-in commands.

Hack # 3: But where is my ls command…
Type ls or dir command,

# ls

ls: not found

# dir

dir: not found

They have removed the ls and dir command. But don’t worry you can use old echo command trick:

# echo *

bin dev etc lib linuxrc mnt proc sbin usr var webs

echo * is old trick which displays list of all files in current directory without using ls or dir command.

Hack #4: Looking for advanced web based configuration, use main.html
Yet another stupid thing, they have removed main.html from web based configuration. Basically main.html is use to configure advanced options of router like port forwarding, DNS setting, firewall etc.

Just type (replace with your actual router IP address) to get all advanced options.

Hack # 5: Get more information about router hardware and Linux
Since this is tiny device most of the userland command such as free, uname etc are removed. However /proc file system provides all information:

Display CPU Information

# cat /proc/cpuinfo

Display RAM Information

# cat /proc/meminfo

Display Linux versions

# cat /proc/version

Linux version ([email protected]) (gcc version 3.4.2) #1 Tue Sep 20 15:52:07 EDT 2005

Display list of running Processes:

# ps 

Display list of all kernel module (drivers):

# cat /proc/modules

Hack # 6: Get more information about your network configuration
Display list of network interfaces

# ifconfig

Get default routing information i.e. find out your ISP’s router:

# route

Display Iptables rules

# iptables -L -n

Hack 6 : Secure your router
(A) Fire web browser such as firefox and login to web based interface. Type url main.html (or

(B) Enable Firewall
Click on Security > Ip filtering > Outgoing or Incoming > Click add

(C) Change default admin password
Click on Tools > Select Administrator and type the password. > Click apply

(D) Save changes and reboot router
Click on Management > Access Control > Password > Select Admin > Setup new password

Save changes and reboot router.

Quick reboot router with reboot command:

# reboot

See also: