T-Mobile Business = 877-347-2127 If you're having problems.
Internal T-Mobile's plan names:
"Bus Unl Tablet 10 GB HS TE" = Taxes and fees extra. SOC code ZB10HSTE
"Bus Unl Tablet 10 GB HS TI" = Taxes and fees included. SOC code ZB10HSTI
For adding HD Video Pass use SOC code : HDVPASS0
Who's eligible
- Available to new lines of service only. No voice line requirement.
- US and Puerto Rico (SJP) Business customers.
- Tax Exclusive Plan: B/C, B/L, B/M, B/N, B/O, B/P, I/S.
- Tax Inclusive Plan: B/C, B/L, B/N, B/P, I/S, Both TI and TE $10 Unlimited Tablet Promo Plan included within the following SOC Groups: 5, 9, 9A, 10, 10B, 21, 22, 34, 41, 59, and 67.
- Government account types
- Consumer customers
- Cannot be combined with tax included plans.
- Retired features and promotional lines/service credit offers will be removed upon switching to this plan.
- Tax Exclusive plans only eligible to Tax Exclusive BANS
- Tax Inclusive plans only eligible to Tax Inclusive BANS
- Voice line not required
- No migrations
- There is no annual contract (Un-contract) or activation fee.
- These plans do not include Music Freedom, Binge On, or Data Stash.
- All on-network data used counts towards fair-use de-prioritization limits.
Not available
- AVD
- Netflix on Us
- $40 Voice + Tablet credit.
- $5 AutoPay bill credit ($5 per line, up to 8 lines / $40 max credit). See the page for more details.
From this post
The multiple ways of using this $10 line for home internet are:
1. T-Mobile Gateway + Cudy N300 or X6 which are wifi only routers to mask hotspot usage with TTL set on the external wifi router. You can use other wifi routers for this purpose but there's a menu page in the Cudy routers which makes setting TTL easy - Courtesy waterchange
1.1 Cudy router like Cudy LT500 or LT18 or the 5G P8 work as a single device with modem + wifi router. Work well for home internet. Nice thing about the Cudy modems is easy TTL (and imei magic if necessary). - Courtesy waterchange
2. M2100 hotspot device - Hit or a miss - native out of the box but less reliable
3. Orbic 5G hotspot device - more reliable than the m2100, however some people have reported throttling after 1st couple of months
4. Gateway + Project Genesis - works most reliably
5. TMOHS1 - ~ 30-50 mbps out of the box, no TTL update required
6. Tmobile Franklin - ~30-50 mbps with TTL update - the most reliable as of right now, however limited speed.
7. M2000 won't pull data from anywhere.
8. GL.iNET Spitz GL-X3000NR easier to use than Cudy and better performance but expensive. Great form factor and performance. Presets for T-Mobile TTL settings and advanced cell features like tower/band lock. External antennas.
9. M3000B works out of the box with T-Mobile version. Has battery preservation features and ethernet port. Some users say to switch 5G mode to NSA if the hotspot restarts frequently in your area.
Add/update if you have more/better info.
Leave a Comment
Top Comments
They will still lock you to a 2 year EIP even if it's free (They'll make a monthly credit to cover the tablet EIP)
Meaning you'd end up paying $10 for 2 years ($240) for a $129 tablet.
So if you're only doing it for the tablet then it's not worth it
soc code ZB10HSTI is the one you want.
5,720 Comments
Sign up for a Slickdeals account to remove this ad.
I still need to verify if it shows up on my online account or somewhere in the settings.
When the HD soc is added you see speeds around 7 to 8 Mb on fast.com without that when 480P the speed are like 2 to 3 Mb.
what happened yesterday?!? sorry I havent been following the thread much. Today was the first day I could spare an hour to run down to the store. But I just got off the phone with CS, and they found it. They couldn't verify me via PIN, so they notated my account, and I can go into a store to do it. Miss having a business REP ;/
Sign up for a Slickdeals account to remove this ad.
People had issues using the same SSN that is on consumer T-Mobile account. Try using someone in your family to open the business account
Our community has rated this post as helpful. If you agree, why not thank TealMustang668
https://github.com/parker-stephen...ot-Utility [github.com]
https://parkercs.tech/tmohs1/
I have not tested this method because I do not have the TMOHS1 hotspot. I see one advantage of this hacking is that it can mask "all outgoing data as "on-device" rather than hotspot data"
Windows Instructions
1. Open Powershell (Search Powershell).
2. type
3. Download the zip file from https://github.com/parker-stephen...s/main.zip and unzip it.
4. go to unzipped location in powershell using cd.
5. install the requirements by executing command:
example
C:\Users\\Downloads\TMOHS1-Root-Utility-main>python ./rootScript.py -v Verbose mode enabled. Enter your weblogin password: Encrypting the login payload with key "abcdefghijklmn12" [yes, that's really the key]. . . Sending the authentication request. . . Received authentication token from hotspot: 876876876 Response: {'result': '0', 'ip': '0.0.0.0', 'timeout': '000300', 'token': '9879898'} Exploiting qcmap_web_cgi. . . Connection to device may reset. If you are running the exploit via WiFi, ensure that your device reconnects to the hotspot's network. Payload is ready: page=savepowersaving&displaytimeout=undefined&wifistandby=10;$(mount -o remount,rw /; telnetd; passwd -d root)&token=987987978 Sending the payload now! Waiting for socket. . . If you are running the exploit wirelessly, the connection may drop. Remember to reconnect to your hotspot's WiFi once it reappears. This may take up to a minute. Connected! Socket says: {'commit': 'Socket TimeOut'} Remounted root filesystem r/w. . . Removed root password. . . Enabling telnet. . . Trying to connect via telnet. . . Received: mdm 987987987 mdm9607 mdm9607 login: Telnet connection initialized. Logging in as root with empty password, please wait. . . Waiting for login to be processed. . . The exploit removed the root password of your device. It is STRONGLY recommended to set a custom root password. Your device will be EXTREMELY INSECURE if you do not. Would you like to set a custom root password? (Y/n): y Changing root password. IMPORTANT NOTE: the password will be sent insecurely over telnet, so you should manually change it later over ADB-USB if you are concerned about security. Sent command via telnet: passwd root Enter new password: Confirm new password: Root password successfully updated. ### Options ### 1) Change root password 2) Enough with this script BS, give me a shell! 3) Enable ADB 4) Enable ADB - Persistent through reboot (somewhat experimental) 5) Enable FTP server for / on port 21 - DO NOT LEAVE OPEN 6) Remove OMA-DM bootstrap (essentially disables firmware updates, recommended) 7) Enable mood lighting (look at the battery LED) 8) Mask hotspot data as "on-device" data 9) Reboot 10) Quit Enter option: 8 Sent command via telnet: echo "iptables -t mangle -I POSTROUTING -o rmnet_data0 -j TTL --ttl-set 64" > /etc/init.d/ttl.sh; echo "ip6tables -t mangle -I POSTROUTING -o rmnet_data0 -j HL --hl-set 64" >> /etc/init.d/ttl.sh; chmod 755 /etc/init.d/ttl.sh; ln -s /etc/init.d/ttl.sh /etc/rc5.d/S98ttl Added TTL rules to mask hotspot data as normal "on-device" data. Will take affect on reboot. ### Options ### 1) Change root password 2) Enough with this script BS, give me a shell! 3) Enable ADB 4) Enable ADB - Persistent through reboot (somewhat experimental) 5) Enable FTP server for / on port 21 - DO NOT LEAVE OPEN 6) Remove OMA-DM bootstrap (essentially disables firmware updates, recommended) 7) Enable mood lighting (look at the battery LED) 8) Mask hotspot data as "on-device" data 9) Reboot 10) Quit Enter option: 9 Rebooting. Goodbye! Sent command via telnet: rebootWindows Instructions
1. Open Powershell (Search Powershell).
2. type
3. Download the zip file from https://github.com/parker-stephen...s/main.zip and unzip it.
4. go to unzipped location in powershell using cd.
5. install the requirements by executing command:
example
C:\Users\\Downloads\TMOHS1-Root-Utility-main>python ./rootScript.py -v Verbose mode enabled. Enter your weblogin password: Encrypting the login payload with key "abcdefghijklmn12" [yes, that's really the key]. . . Sending the authentication request. . . Received authentication token from hotspot: 876876876 Response: {'result': '0', 'ip': '0.0.0.0', 'timeout': '000300', 'token': '9879898'} Exploiting qcmap_web_cgi. . . Connection to device may reset. If you are running the exploit via WiFi, ensure that your device reconnects to the hotspot's network. Payload is ready: page=savepowersaving&displaytimeout=undefined&wifistandby=10;$(mount -o remount,rw /; telnetd; passwd -d root)&token=987987978 Sending the payload now! Waiting for socket. . . If you are running the exploit wirelessly, the connection may drop. Remember to reconnect to your hotspot's WiFi once it reappears. This may take up to a minute. Connected! Socket says: {'commit': 'Socket TimeOut'} Remounted root filesystem r/w. . . Removed root password. . . Enabling telnet. . . Trying to connect via telnet. . . Received: mdm 987987987 mdm9607 mdm9607 login: Telnet connection initialized. Logging in as root with empty password, please wait. . . Waiting for login to be processed. . . The exploit removed the root password of your device. It is STRONGLY recommended to set a custom root password. Your device will be EXTREMELY INSECURE if you do not. Would you like to set a custom root password? (Y/n): y Changing root password. IMPORTANT NOTE: the password will be sent insecurely over telnet, so you should manually change it later over ADB-USB if you are concerned about security. Sent command via telnet: passwd root Enter new password: Confirm new password: Root password successfully updated. ### Options ### 1) Change root password 2) Enough with this script BS, give me a shell! 3) Enable ADB 4) Enable ADB - Persistent through reboot (somewhat experimental) 5) Enable FTP server for / on port 21 - DO NOT LEAVE OPEN 6) Remove OMA-DM bootstrap (essentially disables firmware updates, recommended) 7) Enable mood lighting (look at the battery LED) 8) Mask hotspot data as "on-device" data 9) Reboot 10) Quit Enter option: 8 Sent command via telnet: echo "iptables -t mangle -I POSTROUTING -o rmnet_data0 -j TTL --ttl-set 64" > /etc/init.d/ttl.sh; echo "ip6tables -t mangle -I POSTROUTING -o rmnet_data0 -j HL --hl-set 64" >> /etc/init.d/ttl.sh; chmod 755 /etc/init.d/ttl.sh; ln -s /etc/init.d/ttl.sh /etc/rc5.d/S98ttl Added TTL rules to mask hotspot data as normal "on-device" data. Will take affect on reboot. ### Options ### 1) Change root password 2) Enough with this script BS, give me a shell! 3) Enable ADB 4) Enable ADB - Persistent through reboot (somewhat experimental) 5) Enable FTP server for / on port 21 - DO NOT LEAVE OPEN 6) Remove OMA-DM bootstrap (essentially disables firmware updates, recommended) 7) Enable mood lighting (look at the battery LED) 8) Mask hotspot data as "on-device" data 9) Reboot 10) Quit Enter option: 9 Rebooting. Goodbye! Sent command via telnet: reboot4+repped
Windows Instructions
1. Open Powershell (Search Powershell).
2. type
3. Download the zip file from https://github.com/parker-stephen...s/main.zip and unzip it.
4. go to unzipped location in powershell using cd.
5. install the requirements by executing command:
example
C:\Users\\Downloads\TMOHS1-Root-Utility-main>python ./rootScript.py -v Verbose mode enabled. Enter your weblogin password: Encrypting the login payload with key "abcdefghijklmn12" [yes, that's really the key]. . . Sending the authentication request. . . Received authentication token from hotspot: 876876876 Response: {'result': '0', 'ip': '0.0.0.0', 'timeout': '000300', 'token': '9879898'} Exploiting qcmap_web_cgi. . . Connection to device may reset. If you are running the exploit via WiFi, ensure that your device reconnects to the hotspot's network. Payload is ready: page=savepowersaving&displaytimeout=undefined&wifistandby=10;$(mount -o remount,rw /; telnetd; passwd -d root)&token=987987978 Sending the payload now! Waiting for socket. . . If you are running the exploit wirelessly, the connection may drop. Remember to reconnect to your hotspot's WiFi once it reappears. This may take up to a minute. Connected! Socket says: {'commit': 'Socket TimeOut'} Remounted root filesystem r/w. . . Removed root password. . . Enabling telnet. . . Trying to connect via telnet. . . Received: mdm 987987987 mdm9607 mdm9607 login: Telnet connection initialized. Logging in as root with empty password, please wait. . . Waiting for login to be processed. . . The exploit removed the root password of your device. It is STRONGLY recommended to set a custom root password. Your device will be EXTREMELY INSECURE if you do not. Would you like to set a custom root password? (Y/n): y Changing root password. IMPORTANT NOTE: the password will be sent insecurely over telnet, so you should manually change it later over ADB-USB if you are concerned about security. Sent command via telnet: passwd root Enter new password: Confirm new password: Root password successfully updated. ### Options ### 1) Change root password 2) Enough with this script BS, give me a shell! 3) Enable ADB 4) Enable ADB - Persistent through reboot (somewhat experimental) 5) Enable FTP server for / on port 21 - DO NOT LEAVE OPEN 6) Remove OMA-DM bootstrap (essentially disables firmware updates, recommended) 7) Enable mood lighting (look at the battery LED) 8) Mask hotspot data as "on-device" data 9) Reboot 10) Quit Enter option: 8 Sent command via telnet: echo "iptables -t mangle -I POSTROUTING -o rmnet_data0 -j TTL --ttl-set 64" > /etc/init.d/ttl.sh; echo "ip6tables -t mangle -I POSTROUTING -o rmnet_data0 -j HL --hl-set 64" >> /etc/init.d/ttl.sh; chmod 755 /etc/init.d/ttl.sh; ln -s /etc/init.d/ttl.sh /etc/rc5.d/S98ttl Added TTL rules to mask hotspot data as normal "on-device" data. Will take affect on reboot. ### Options ### 1) Change root password 2) Enough with this script BS, give me a shell! 3) Enable ADB 4) Enable ADB - Persistent through reboot (somewhat experimental) 5) Enable FTP server for / on port 21 - DO NOT LEAVE OPEN 6) Remove OMA-DM bootstrap (essentially disables firmware updates, recommended) 7) Enable mood lighting (look at the battery LED) 8) Mask hotspot data as "on-device" data 9) Reboot 10) Quit Enter option: 9 Rebooting. Goodbye! Sent command via telnet: rebootMy Speedtest is around 300 Mbps down and 18 Mbps up
Sign up for a Slickdeals account to remove this ad.
Windows Instructions
1. Open Powershell (Search Powershell).
2. type
3. Download the zip file from https://github.com/parker-stephen...s/main.zip and unzip it.
4. go to unzipped location in powershell using cd.
5. install the requirements by executing command:
example
C:\Users\<login>\Downloads\TMOHS1-Root-Utility-main>python ./rootScript.py -v Verbose mode enabled. Enter your weblogin password: Encrypting the login payload with key "abcdefghijklmn12" [yes, that's really the key]. . . Sending the authentication request. . . Received authentication token from hotspot: 876876876 Response: {'result': '0', 'ip': '0.0.0.0', 'timeout': '000300', 'token': '9879898'} Exploiting qcmap_web_cgi. . . Connection to device may reset. If you are running the exploit via WiFi, ensure that your device reconnects to the hotspot's network. Payload is ready: page=savepowersaving&displaytimeout=undefined&wifistandby=10;$(mount -o remount,rw /; telnetd; passwd -d root)&token=987987978 Sending the payload now! Waiting for socket. . . If you are running the exploit wirelessly, the connection may drop. Remember to reconnect to your hotspot's WiFi once it reappears. This may take up to a minute. Connected! Socket says: {'commit': 'Socket TimeOut'} Remounted root filesystem r/w. . . Removed root password. . . Enabling telnet. . . Trying to connect via telnet. . . Received: mdm 987987987 mdm9607 mdm9607 login: Telnet connection initialized. Logging in as root with empty password, please wait. . . Waiting for login to be processed. . . The exploit removed the root password of your device. It is STRONGLY recommended to set a custom root password. Your device will be EXTREMELY INSECURE if you do not. Would you like to set a custom root password? (Y/n): y Changing root password. IMPORTANT NOTE: the password will be sent insecurely over telnet, so you should manually change it later over ADB-USB if you are concerned about security. Sent command via telnet: passwd root Enter new password: Confirm new password: Root password successfully updated. ### Options ### 1) Change root password 2) Enough with this script BS, give me a shell! 3) Enable ADB 4) Enable ADB - Persistent through reboot (somewhat experimental) 5) Enable FTP server for / on port 21 - DO NOT LEAVE OPEN 6) Remove OMA-DM bootstrap (essentially disables firmware updates, recommended) 7) Enable mood lighting (look at the battery LED) 8) Mask hotspot data as "on-device" data 9) Reboot 10) Quit Enter option: 8 Sent command via telnet: echo "iptables -t mangle -I POSTROUTING -o rmnet_data0 -j TTL --ttl-set 64" > /etc/init.d/ttl.sh; echo "ip6tables -t mangle -I POSTROUTING -o rmnet_data0 -j HL --hl-set 64" >> /etc/init.d/ttl.sh; chmod 755 /etc/init.d/ttl.sh; ln -s /etc/init.d/ttl.sh /etc/rc5.d/S98ttl Added TTL rules to mask hotspot data as normal "on-device" data. Will take affect on reboot. ### Options ### 1) Change root password 2) Enough with this script BS, give me a shell! 3) Enable ADB 4) Enable ADB - Persistent through reboot (somewhat experimental) 5) Enable FTP server for / on port 21 - DO NOT LEAVE OPEN 6) Remove OMA-DM bootstrap (essentially disables firmware updates, recommended) 7) Enable mood lighting (look at the battery LED) 8) Mask hotspot data as "on-device" data 9) Reboot 10) Quit Enter option: 9 Rebooting. Goodbye! Sent command via telnet: rebootLeave a Comment