MrTreha

No, I usually dont do backup since i preffer clean reload. But i did burn a dm 500 hd today and it worked like a charm...

I follow your logic Pr2 but here is the thing.

first thing I usually do on a box is to change root passwd. For that I use telnet by cmd. Now the box is fresh burned. Nothing has been altered on it ( am about to do that after root login ) and when I use telnet it asks me for username where I type root and then it asks me for passwd. Thinking of mentioned solutions in this topic it shoudnt aske me for password since there is no password - it should just go straight inside but it doesnt. So I try all the known passwords like just press enter, dreambox or opnpli but no luck. The box says login incorrect. So I am lead to belive that there is actually a some kind of default password. this is happening whatever program i try to use either its dcc, putty, total commander or whatever. The box does get same IP even after burning but thats to static ip assignemtent on the router but as far as I know thats the only thing that is same in the box as it was before burning. If I understand this correctly that password should be in the passwd file in etc folder ( encrypted offcourse ) but there is only one letter x in that file ( like this root:x:0:0:root:/home/root:/bin/sh ) and when that x is removed ( so it lokks like this root::0:0:root:/home/root:/bin/sh ) it works like suggested ( no pass ) . The problem is to get to that point you need to somehow gain control of the box and without root rights I dont know how to do it. Guess i was lucky with first box that was set up properly long time ago on local network and it could be altered without root access ( like normal harddrive folder browsing in windows ).

"Be careful that if you already connect to the same IP with another device / another image the local ssh key for this IP will need to be cleared on your PC (normally you will get a warning telling you that the key has changed)." Now this part sounds intreeging but as much as I try to think about the meaning of this sentence I dont get it entirely. What you are saying is that my PC somehow stored old telnet root login routine either by anticipating that there is a password to be typed in or actuall old password ?

If any of you developers would like me I could demonstrate this same thing by burning the box again and letting you to try to change root passwd with whatever solution you may think will work... I mean I have no reason to lie about origin of the file...

Wan : filename is OpenPLi-4.0-beta-dm800se-20161222.nfi and right click in windows gives this size : 52.9 MB (55,517,152 byte) and is downloaded from this location : https://openpli.org/...reambox/dm800se

I am the only owner of this box.

but the same thing is on my friends box ( which I dont have in my house ) with file dated 24.12. from same location.  

Hi and thanks for replies.
beta : I did both ways - same result

40h3x : thats a hellava workaaround just to get pass to clean box downloaded from openpli.org server but belive it or not I tried jack the ripper file or something like that but 1 i got some errors while trying that solution. what worked for me is to delete the x in passwd file and then it was empty pass and then i could change passwd to something I want. So 1 box is fixed ( I actually tried the exact same thing on exact same box without luck until now ). But second box is not visible on local network via windows explorer so cant use any magic on that part...

WanWizard : I belive you bro but please belive me that the thing you are talking about is not happening on any of 2 boxes I use.