02-08-2014, 04:32 PM
![Vivint installer toolbox code 2018 Vivint installer toolbox code 2018](/uploads/1/2/5/7/125705305/346547337.jpg)
The installer code is a unique code that installation. Technicians use to access the Installer Toolbox on the. Control Panel. The default installer code is 1561.
![Code Code](/uploads/1/2/5/7/125705305/743705622.gif)
Are you using the 2GIG Vivint Go!Control panel in your business? Or is your panel accessable to others? If so, they can easily obtain your master user code, and all other user codes on the panel, and even create their own backdoor user code.
Alert!!! This panel has another known vulnerability and has been hacked and compromised. For more info, see:
http://www.2gigforum.com/threads/129-Alert!!!-Honeywell-2GIG-ADT-DSC-Vivint-equipment-and-panels-hacked-compromised?p=288#post288
The default installer code can be used to access a system that is in a disarmed state, and view the User codes including the master code, and change or create a new code.
If a potential unauthorized user gains access to your panel in the unarmed state, using the installer code gives access to all installed user codes screen, and will even allow creation of a new user code, or change of a current user code.This code trumps the master/ other user codes (try it and see)
For a Vivint system that is armed, 2580 will disarm it. (This is supposed to be a secret duress code, but since it is all over the internet it isn't very secret) Ideally, this works best if you open up panel and remove/disconnect cellular module antenna so panel cannot communicate/send out a duress signal.
Code 2203 is an equivalent to a MASTER master user code.
This is a known potential security vulnerability (the fact that the Installer code has the ability to access/change all programmed User codes, and that 2gig uses the same default installer code, and that APX /vivint also uses the same default code for ALL go control systems (this may apply to other branded panels, where the default 2GIG code is left default)). Common sense dictates you need to be proactive in your own security, and change this to something only you would know.
As I said this code can be found online by anyone with a simple Google search for either the 2gig installers programming guide, or vivint/apx installer code
For example:
Google search for 'Vivint installer code'
https://www.google.com/search?q=vivint+installer+code&oq=vivint+installer+code&aqs=chrome..69i57j0l3&client=tablet-android-google&sourceid=chrome-mobile&espv=1&ie=UTF-8
Google search for '2gig installer code'
https://www.google.com/search?q=2gig+installer+code&oq=2gig+installer+code&aqs=chrome..69i57j69i60l3j0l2&client=tablet-android-google&sourceid=chrome-mobile&espv=1&ie=UTF-8
2gig default: 1561
Apx/vivint: 2203
Try it yourself
Disarm panel, then from the main screen...
Security>Menu>toolbox>enter the Vivint code/2gig code as shown above>user management
If you currently have a 2gig, or any branded 2GIG panel, especially if it is a apx/vivint branded one, and it is using the default, then change your installer code! (else one day someone may just walk into/break in/kick the door to your home in while you are away (or home sleeping), disable/disarm your system, clean you out/hurt you, then rearm your system upon departure. Thus, your security system has just been rendered ineffectual and completely useless.
By not changing the default code, you might as well be giving a User code to everyone you allow entry into your home. Less than 30 seconds is all it takes to view master, and all other user codes, or even create a new one...and if they like what they see in your home, they may just return one day or night, whether you are home or not... Don't take that chance!
Unfortunately for most Vivint customers, you cannot prevent this exploit, you have to have Vivint change Q43 in programming due to their Draconian polices which prevent their customers from making changes to the configuration
Alert!!! This panel has another known vulnerability and has been hacked and compromised. For more info, see:
http://www.2gigforum.com/threads/129-Alert!!!-Honeywell-2GIG-ADT-DSC-Vivint-equipment-and-panels-hacked-compromised?p=288#post288
The default installer code can be used to access a system that is in a disarmed state, and view the User codes including the master code, and change or create a new code.
If a potential unauthorized user gains access to your panel in the unarmed state, using the installer code gives access to all installed user codes screen, and will even allow creation of a new user code, or change of a current user code.This code trumps the master/ other user codes (try it and see)
For a Vivint system that is armed, 2580 will disarm it. (This is supposed to be a secret duress code, but since it is all over the internet it isn't very secret) Ideally, this works best if you open up panel and remove/disconnect cellular module antenna so panel cannot communicate/send out a duress signal.
Code 2203 is an equivalent to a MASTER master user code.
This is a known potential security vulnerability (the fact that the Installer code has the ability to access/change all programmed User codes, and that 2gig uses the same default installer code, and that APX /vivint also uses the same default code for ALL go control systems (this may apply to other branded panels, where the default 2GIG code is left default)). Common sense dictates you need to be proactive in your own security, and change this to something only you would know.
As I said this code can be found online by anyone with a simple Google search for either the 2gig installers programming guide, or vivint/apx installer code
For example:
Google search for 'Vivint installer code'
https://www.google.com/search?q=vivint+installer+code&oq=vivint+installer+code&aqs=chrome..69i57j0l3&client=tablet-android-google&sourceid=chrome-mobile&espv=1&ie=UTF-8
Google search for '2gig installer code'
https://www.google.com/search?q=2gig+installer+code&oq=2gig+installer+code&aqs=chrome..69i57j69i60l3j0l2&client=tablet-android-google&sourceid=chrome-mobile&espv=1&ie=UTF-8
2gig default: 1561
Apx/vivint: 2203
Try it yourself
Disarm panel, then from the main screen...
Security>Menu>toolbox>enter the Vivint code/2gig code as shown above>user management
If you currently have a 2gig, or any branded 2GIG panel, especially if it is a apx/vivint branded one, and it is using the default, then change your installer code! (else one day someone may just walk into/break in/kick the door to your home in while you are away (or home sleeping), disable/disarm your system, clean you out/hurt you, then rearm your system upon departure. Thus, your security system has just been rendered ineffectual and completely useless.
By not changing the default code, you might as well be giving a User code to everyone you allow entry into your home. Less than 30 seconds is all it takes to view master, and all other user codes, or even create a new one...and if they like what they see in your home, they may just return one day or night, whether you are home or not... Don't take that chance!
Unfortunately for most Vivint customers, you cannot prevent this exploit, you have to have Vivint change Q43 in programming due to their Draconian polices which prevent their customers from making changes to the configuration