Monday, June 4, 2012

Researching and pentesting DTH services for fun and profit

 
Hi guys, sorry for not posting for a long time, but I have lots of work. Currently I am making videos on HCON STF for easier pentesting and research. Will post soon...

Today I was thinking to hack or pentest DTH devices, which are a bit more modern than regular cable connections and also have so-called firmware for good organization of content.
The transmission in Tata Sky is MPEG-2 type, while others use MPEG-4. The transmission is encrypted (of course :P) and is decrypted by the card, the so-called smart card. The card stores the customer's information; it is like the identity card of the box :D. It can be read using external devices and can also be connected to a computer. The thing is, most of the cards are not generic, so sometimes you have to make one yourself.

They also have a CAM (conditional access module) that is used when you have to use some other service without changing the set-top box and other things. But the thing is, Tata Sky has such a module slot, yet the transmission they use is incompatible with other DTH companies. Now that's a bit confusing :/

I have opened the Tata Sky set-top box, and hopefully I was able to get a simple circuit map of the STB from the MPEG-2 decoder processor website :D. So now I have got some good results. If you have any ideas or questions, ask me. Here is the circuit diagram of it.
It has 128 Mb SDRAM, an EPROM, etc.

The main things that can be done, according to me:

1=> Smart card editing or reading (most probable thing that can be done)
2=> Custom firmware patching (somewhat possible)
3=> Memory patching (a bit hard)
4=> Using the CAM to connect the box to a computer

I also found some useful information here about hacking smart cards => http://www.123helpme.com/view.asp?id=68386

