FOX NETWORKS GROUP (Turksat 4A 42°E East Beam) ** CHAT ONLY NO KEYS **
- Thread starter -=Farrukh=-
- Start date
dale_para_bajo
Registered
- Messages
- 646
No fight, peace please. I can try my best if you let me.
Assignment#1:
Listen guys kebien id 100% correct. Few 1rst ours can provide critical information. In this case I guess kebien hopes to see 0x83.
But there are more like, maybe a new Software Update. If recorded then Anubis_ir, jim or any of the good guys may reverse engineer and come up with a future answer.
So be smart if you have the HDD space, PLEASE record as much as you can from the FULL transponder. Please disable VPLUG and all other Modules and Plugins, And then use TSWriter2 to record the Whole transponder. If you can record for a few ours at least. It does not matter how big it ends up to be. And that you will not be able to upload that much data in the web. The point is for some one to at least have it. Then in the future, if needed, we may let you know how to inspect and Trim to a small portion.
------------------------------------------------------
Assignment#2:
Now if you want to give me a try in BF please Use TSWriter2 ( ALl plugin and modules off). And Please record me relatively small piece. I need ONLY 20 seconds of record of the FULL transponder. Then post link here.
Assignment#1:
Listen guys kebien id 100% correct. Few 1rst ours can provide critical information. In this case I guess kebien hopes to see 0x83.
But there are more like, maybe a new Software Update. If recorded then Anubis_ir, jim or any of the good guys may reverse engineer and come up with a future answer.
So be smart if you have the HDD space, PLEASE record as much as you can from the FULL transponder. Please disable VPLUG and all other Modules and Plugins, And then use TSWriter2 to record the Whole transponder. If you can record for a few ours at least. It does not matter how big it ends up to be. And that you will not be able to upload that much data in the web. The point is for some one to at least have it. Then in the future, if needed, we may let you know how to inspect and Trim to a small portion.
------------------------------------------------------
Assignment#2:
Now if you want to give me a try in BF please Use TSWriter2 ( ALl plugin and modules off). And Please record me relatively small piece. I need ONLY 20 seconds of record of the FULL transponder. Then post link here.
do you know it's not only plain and cipher text? do you know it's not only bruteforcing des ecb algo as it was with tandberg v1? i am not fighting with you. i am only saying that tandberg v2 is not easy to bruteforce as it was with tandberg v1.
Last edited:
dale_para_bajo
Registered
- Messages
- 646
Just like an old Spanish advertizement:
"Easy things are done right the way, Hard stuff may take 10 minutes but impossible make a little longer"
I know bad transduction but you get the point.
Interesting you give me a line of thought. I need to convince a few here that I am not a guys they used to called Boss. This guys was some what racist, anti gay, anti Work Unions, anti World Monetary system and many other Anti establishments. Now when I went to his site and like in all places I go, I TRY not to go against forum management. So to some I at least look to agree with him. Wrong. Well I did like to read his different way of looking at the world. But I have nothing on gender, race or any other stuff.
Now one thing for sure this guy Boss did not knew how to Hack or do any programing that require good mathematical skills! I mean use really your head content.
In the other hand if you are one of those guys that are confuse. Please give it a thought. I was the guy who ask others to join and learn. At that time was PowerVu S tables. Taking a Crypt Protocol and finding its weakness!! Every day you do a little until one day you have enough to work a theory.
Did you guys are capable to see that Boss and dale_para_bajo are two different human being.
Sorry for the off topic. Yes I know, like anubis_ir, jimblits and many others items like those receivers around. We all did the software update to move from "tandberg v1" to your "tandberg v2". Now I do not understand when you say:
"easy to bruteforce as it was with tandberg v1"
Most here where under the Official impression that I only was capable to do bruteforce and come up with an answer under a week!. But if you recalled I always said that I thought masters here with their old wisdom and knowledge did have the capability too.
"Easy things are done right the way, Hard stuff may take 10 minutes but impossible make a little longer"
I know bad transduction but you get the point.
Interesting you give me a line of thought. I need to convince a few here that I am not a guys they used to called Boss. This guys was some what racist, anti gay, anti Work Unions, anti World Monetary system and many other Anti establishments. Now when I went to his site and like in all places I go, I TRY not to go against forum management. So to some I at least look to agree with him. Wrong. Well I did like to read his different way of looking at the world. But I have nothing on gender, race or any other stuff.
Now one thing for sure this guy Boss did not knew how to Hack or do any programing that require good mathematical skills! I mean use really your head content.
In the other hand if you are one of those guys that are confuse. Please give it a thought. I was the guy who ask others to join and learn. At that time was PowerVu S tables. Taking a Crypt Protocol and finding its weakness!! Every day you do a little until one day you have enough to work a theory.
Did you guys are capable to see that Boss and dale_para_bajo are two different human being.
Sorry for the off topic. Yes I know, like anubis_ir, jimblits and many others items like those receivers around. We all did the software update to move from "tandberg v1" to your "tandberg v2". Now I do not understand when you say:
"easy to bruteforce as it was with tandberg v1"
Most here where under the Official impression that I only was capable to do bruteforce and come up with an answer under a week!. But if you recalled I always said that I thought masters here with their old wisdom and knowledge did have the capability too.
Last edited:
O
ooOO_SORGOS_OOoo
what can we do!?
dale_para_bajo
Registered
- Messages
- 646
So a quick look to first posted link
http://www.sat-universe.com/redirec..._2A-3A-4A_12459.783_H_01-24_00-13-12.rar.html
reflects bad news... Well as I said earlier a chance to study and learn more.
If we name
"tandberg v2" => EE
"tandberg v2" => ED
this then look more like
"tandberg v3" => 00 00 01 *** do not meet EE nor ED definition
Now "MPEG-2 TS - Format of a Transport Stream Packet" is gone from Vpid and Apid!! hehehehe
There is in place a new more simple header. So no more known flags hehehe. And I think Pad bits are been sent unencrypted.
So new Challenge. Seen similar approach in strong5000
I-Cable request see
http://www.sat-universe.com/showthread.php?t=298540
But it not equal as that one is claimig to be PowerVu and this is a mix of Tandgerg/Irdeto.
And more important no one saw software updates previous. So I guess as HBO many are shifting to a Ethernet solution. Thank to god that in America purchase/merge of AT&T and Video providers where rejected by monopoly standard. But you get the point as to where all is going. Sats for provider use will end up as the dinosaur on the far future.
So time to go to the sketch table. Brainstorming and R&D.
PD: I just saw previous post.
Tandberg is not dead, nor all the other hack protocols. Listen it is simple. Todays computers allow users to use them as tools. So now all users become a hacker at one time or another.
Hack will never end as long as people wedges remain low. Now if all of us get paid $100,000 a year we would not mind pay for extra services. So even if one hack die. Another one will show up. No way to stooped it except giving all a nice salary.
http://www.sat-universe.com/redirec..._2A-3A-4A_12459.783_H_01-24_00-13-12.rar.html
reflects bad news... Well as I said earlier a chance to study and learn more.
If we name
"tandberg v2" => EE
"tandberg v2" => ED
this then look more like
"tandberg v3" => 00 00 01 *** do not meet EE nor ED definition
Now "MPEG-2 TS - Format of a Transport Stream Packet" is gone from Vpid and Apid!! hehehehe
There is in place a new more simple header. So no more known flags hehehe. And I think Pad bits are been sent unencrypted.
So new Challenge. Seen similar approach in strong5000
I-Cable request see
http://www.sat-universe.com/showthread.php?t=298540
But it not equal as that one is claimig to be PowerVu and this is a mix of Tandgerg/Irdeto.
And more important no one saw software updates previous. So I guess as HBO many are shifting to a Ethernet solution. Thank to god that in America purchase/merge of AT&T and Video providers where rejected by monopoly standard. But you get the point as to where all is going. Sats for provider use will end up as the dinosaur on the far future.
So time to go to the sketch table. Brainstorming and R&D.
PD: I just saw previous post.
Tandberg is not dead, nor all the other hack protocols. Listen it is simple. Todays computers allow users to use them as tools. So now all users become a hacker at one time or another.
Hack will never end as long as people wedges remain low. Now if all of us get paid $100,000 a year we would not mind pay for extra services. So even if one hack die. Another one will show up. No way to stooped it except giving all a nice salary.
Last edited:
dale_para_bajo
Registered
- Messages
- 646
I am still studying the 1rst File. And I had determine I made a wrong comment.
ECM seems to still type ED. I am sorry but most chanels now have 3 ECMs and I was looking at wrong one.( Tandberg, Videogar and Irdeto.)
But be aware that "MPEG-2 TS - Format of a Transport Stream Packet" had change. So even if you guys find a new Key and nothing else had change, the Emulator will require and upgrade to handle new Video and Audio Pids.
Now I have not start analyzing but I will expect more changes in the packet format, time will tell.
ECM seems to still type ED. I am sorry but most chanels now have 3 ECMs and I was looking at wrong one.( Tandberg, Videogar and Irdeto.)
But be aware that "MPEG-2 TS - Format of a Transport Stream Packet" had change. So even if you guys find a new Key and nothing else had change, the Emulator will require and upgrade to handle new Video and Audio Pids.
Now I have not start analyzing but I will expect more changes in the packet format, time will tell.
dale_para_bajo
Registered
- Messages
- 646
Men now I am really sorry. I beg pardon. I been looking to the wrong file. Some how I mix the file. So please Ignore my previous analysis.
The file I am looking now have no cryptos. And the too different rar files are in fact the same exploded file.
I guess having a new file with crypt8 will help a lot. I know I said just 20 seconds. Well truth is that it can be any size but crypt8 are a needed.
The file I am looking now have no cryptos. And the too different rar files are in fact the same exploded file.
I guess having a new file with crypt8 will help a lot. I know I said just 20 seconds. Well truth is that it can be any size but crypt8 are a needed.
Last edited:
bad_access
Registered
- Messages
- 240
42E 12461 H 20800 TS file for NAT GEO WILD HD
https://mega.nz/#!FF0DmRjZ!YFi_t_dZxLjlhx1duiwr7EAU3XVfaSFSTHtMPRnubwk
Decrypted Odd CW: 46 56 69 05 0C 48 39 8D
ECM: 47 4A C9 1C 00 81 70 28 ED 26 00 00 1D E6 22 91 09 EE 66 48 9E 24 4A 9B 68 D2 59 CC 11 EB 37 8C B4 C3 F6 1D 10 35 4D CE 0A 24 F9 C8 68 37 F5 94
47 4A C9 1C: TS Header
00: Offset
81: Table ID
70 28: Section length
ED: Tag ECM_TAG_CW_DESCRIPTOR
26: Lenght
00 00 1D E6: Entitlement ID
22 91 09 EE 66 48 9E 24 4A 9B 68 D2 59 CC 11 EB: Crypted Even CW
37 8C B4 C3 F6 1D 10 35 4D CE 0A 24 F9 C8 68 37: Crypted Odd CW
F5 94: Checksum
Last edited:
thanks bad_access for correcting
the CW is already posted here
I didn't noticed too
the crypt8 was
Using payload size: 184
PID: B91h B8h-Crypt8:C4 8F AF C9 6D 40 AA F1 [O] Count:599
the protected file is deleted....
the CW is already posted here
I didn't noticed too
the crypt8 was
Using payload size: 184
PID: B91h B8h-Crypt8:C4 8F AF C9 6D 40 AA F1 [O] Count:599
the protected file is deleted....
this is the picture after analyzing the NAT GEO WILD HD pids and using the CW to decrypt the ts file
