Understanding CSA

[cayoenrique]

Upps I am trying to use my time and be as quick and in the process I am not testing in Windows. I will try to be careful.

I am working to put this in Opencl format. So next post should be in GPGPU using Opencl . Hopefully in a few hours If people at home let me work on it.

 

[cayoenrique]

@Me2019H ask me to add comments on the OCLBiss program. Instead for now I will do what I wanted to do from the beginning. But I could not as I was as why so much theory. Guys Theory is important.

To explain we need to understand the FULL Story. How we go from encrypted ts to finally get the needed key. It is late so now I will only tell you what you need to download. Latter I will go step by step with explanation. Why this? Because before you start trying to understand the SOLUTION. You need to understand the PROBLEM.

You are going to need more Windows Tools to look at the problem and to manipulate files.
Need a TS analyzer, I strongly suggest Transedit. Need a Hex Editor to be able to look at the binary data. You are going to need a Good Media Player/encoder/decoder, for this we need ffplayer. And it will be nice to have a working CSA decoder program. This will allow us to double check the decryption if wee needed. For this I will post what I had build in the past for you and got lost on the old forum.

PLEASE check all files with antivirus software. I do not assume any responsibility. Is up to you to scan files for viruses before using it.

win_tsapps_1.tar.xz.zip (154.48 KB)

https://workupload.com/file/DyxpKRK9SJZ

win_tsapps_2.tar.xz.zip (3.17 MB)

https://workupload.com/file/brgDr3t59ww

pass: www.sat-universe.com

1rst you unzip win_tsapps_1.tar.xz.zip and enter password. Then extract win_tsapps_1.tar.xz
if you have trouble download 7zip

https://www.7-zip.org/download.html

You will get

./win_tsapps_1
./win_tsapps_1/Apps
./win_tsapps_1/Apps/home
./win_tsapps_1/Apps/home/ts_examples
./win_tsapps_1/Apps/home/bin
./win_tsapps_1/Apps/home/bin/oetsdec.conf
./win_tsapps_1/Apps/home/bin/oetsdec.exe
./win_tsapps_1/Apps/home/bin/ModySat.exe
./win_tsapps_1/Apps/home/bin/SoftCam.Key
./win_tsapps_1/Apps/home/bin/tsdec.exe

Just copy the Apps over your current C:\Apps we have been working.

The do same with win_tsapps_2.tar.xz.zip, 1rst unzip with password. Then extract tar.xy. you will get

./TransE+HexW/Apps
./TransE+HexW/Apps/home
./TransE+HexW/Apps/home/programs
./TransE+HexW/Apps/home/programs/TransEdit
***
./TransE+HexW/Apps/home/programs/Hex_Workshop_v6.0.1
***

Again copy Apps and override C:\Apps, we are only adding as I did show you. Inspect the folders if you are not happy.
Now Transedit need a Key installation for it to work. If you got DVBViewer previously install, you most likely have that key already. . Beware that if you If you reinstall my key over your old installation you may damage your current DVBViewer!!!! This procedure is ONLY to people that do not have DVBViewer installed.

If you are sure you do not have DVBViewer. Then to lets install this new key.

Browse to folder C:\Apps\home\programs\TransEdit\key and execute the file installkey.bat. It only have two instructions. you can look at the bat file. This will allow you to have TransEdit 4.0.0. If you want the latest please check this LINK Download

https://webshare.cz/#/file/DoKjPGkNph/transedit-4-3-0-zip

extract the files and just override the ones we have in C:\Apps\home\programs\TransEdit. That will make you have TransEdit 4.3.0 correct show DVB-S2X extension

Now we need ffplayer, Please download from here:

https://github.com/GyanD/codexffmpeg/releases/tag/6.0

I suggest you download basic 24.7 MB

https://github.com/GyanD/codexffmpeg/releases/download/6.0/ffmpeg-6.0-essentials_build.7z

extract and only keep files in ffmpeg-6.0-essentials_build/bin
And copy this files to C:\Apps\home\bin

ffmpeg.exe
ffplay.exe
ffprobe.exe

if you do not have ts_examples.tar.xz (14.00 MB)

https://workupload.com/file/skQmxGfTLLv

Place then in C:\Apps\home\ts_examples


Finally download

https://www.auto.tuwien.ac.at/bib/pdf_TR/TR0188.pdf 
https://tsduck.io/download/docs/mpegts-introduction.pdf

Basically read TR0188.pdf page 2
2.1 DVB
2.1.1 Transport Stream
2.1.1.2 Adaptation Field <== this one just go lightly has at this time is of litle importance
2.1.2 Packetized Elementary Stream <=== This is the important, the reason for the hack.

I see you soon.

 

[cayoenrique]

PLEASE now study mpegts-introduction.pdf from tsduck. At least pages 2 - 15. Here is the most important.

Most of you are here because of a particular interest. And you think that Sat signals is all about your hobby and nothing else. Some are in Sports, other likes music, some are here because special TV events, etc. Most of you just love Movies. And you think that Sat Signal is just like you tube, a bunch of mp4 videos. But in fact it is a complex business where different parts of the action are manage by separate business. There is the Satellite Owner, then there are many providers. Now some provide sports, other movies and music. But in fact there is a lot of more business. There is Internet, there were a few but some did provide "files", yes like pdf books, photos, etc. I bet you have heard of Usenet. Yes the satellite today is all about digital communication. So in order to send up and later down the signal of all those possible different protocols they created the Transport Stream. This is like a form of Container or Packaging. Think on the market you go for food. The market order food from distributors and it get to the market in a Trailer Container. The Trailer have various Pallets another container. The Pallets have Boxes to finally end on the Tin Can that have the Fruit you want. Diferent types of container one inside the other to protect your product. Same is the signal from the satellite.
What we called the TS file is called Transport Stream

The TS packet have a 4 byte header that we all know start with the synchronization number 0x47. Where Ox mean Hexadecimal notation. If the TS has a length of 188 and we used 4 for header, the maximum length for the Payload is 184 bytes

And it can or not have extra unencrypted data that is called adaptation field. This is unimportant to the hack, but to give you an Idea, it could carry a Clock Signal to help match the sound with the Video.

Elementary Stream (ES)
Think of it like a single signal that have a use. For example Audio. But audio can be BIGGER in length than 184 bytes!! So we cut it in chuncks, split them and re-part them in sequential ts packets if size 188.

Butttt Wait how we will know how to put it back latter!!!!??? We then put the ES inside a packet and guess what we call it Packetized Elementary Stream (PES) Now to Identify the begining of a ES the PES has also a HEADER and this header start with 00 00 01

 

[cayoenrique]

The most important part I miss. See image again

encrypted 00 00 01 is PRESENT when PUSI = 1

Payload Unit Start Indicator (PUSI) in TS Header

Again the 00 00 01 in PES Header

All images from Brute-force Attacks on DVB-CSA1 using a low-cost FPGA-Cluster and TSDUCK's An introduction to MPEG-TS

 

[Me2019H]

Thqnk you for your Tutorials

I do not have DVBViewer When i click on installkey.bat i have this meage

t click direktly on transedit.reg i have this

https://i.ibb.co/0tQpZDY/12.png

I do not have DVBViewer installed before

 

[cayoenrique]

I double check here and I see no problem on installation of reg. But you picture shows
have been successful added to the register
This means you installed the password to access the key. You should be fine.

@all
Under normal circunstances, You pay and Install DVBViewer, then you are allow to use Transedit.
This is a HACK. YOU do not need to have DVBViewer installed for this HACK to work.
if you encounter similar error you should be able to Right Click over any *.reg and select Install. I guess that double click works too! Remember this HACK is for those that do not have a Valid Purchased DVBViewer. If you have the money PLEASE pay those guys at DVBViewer for that wonderful PCSAT App. PLEASE support this an all other mayor providers. I in the other hand, am old and without money. Yes I am so poor that have not even a sat antenna. last one was gone with the last mayor Hurricane. So I do what I can.

 

[cayoenrique]

Lab001

NOTE:
Please try to install all as requested. In this way when you have a problem, we ALL have the same trouble. Then is easy for me to find solution to the problem. We all be having the same issues.

If you all ready installed using previous steps it will be fine. No need to reinstall all. I am redoing so that we can add Labs in the future.

Lets create some working directories.

[WINKEY]+R  CMD [ENTER]
> cd C:\Apps\home
> mkdir "C:\Apps\Home\cryptodir\Labs\001"
> mkdir "C:\Apps\home\programs"
> mkdir "C:\Apps\home\bin"
> mkdir "C:\Apps\home\zipfiles"
> cd C:\Apps\Home\cryptodir\Labs\001

Now download and save to C:\Apps\Home\cryptodir\Labs\001

https://workupload.com/file/DyxpKRK9SJZ
https://workupload.com/file/brgDr3t59ww
https://workupload.com/file/skQmxGfTLLv
https://7-zip.org/a/7z2301.exe

> 7z2301.exe

Install in you C:\Program Files (x86)\7-Zip\

Then update your PATH environment variable. Add at the end ;C:\Program Files (x86)\7-Zip\;C:\Apps\home\bin;

Lets Install the rest

> move 7z2301.exe C:\Apps\home\zipfiles
> 
> 7z -pwww.sat-universe.com e win_tsapps_1.tar.xz.zip
> 7z -txz e win_tsapps_1.tar.xz 
> 7z -ttar x win_tsapps_1.tar 
> xcopy /s /e win_tsapps_1\Apps\home C:\Apps\home\ 
> rmdir /s /f win_tsapps_1 
> del win_tsapps_1.tar win_tsapps_1.tar.xz
> move win_tsapps_1.tar.xz.zip C:\Apps\home\zipfiles
> 
> 7z -pwww.sat-universe.com e win_tsapps_2.tar.xz.zip
> 7z -txz e TransE+HexW.tar.xz
> 7z -ttar x TransE+HexW.tar
> xcopy /s /e TransE+HexW\Apps\home C:\Apps\home\ 
> rmdir /s /f TransE+HexW 
> del TransE+HexW.tar.xz TransE+HexW.tar
> move win_tsapps_2.tar.xz.zip C:\Apps\home\zipfiles
> 
> 7z -txz e ts_examples.tar.xz
> 7z -ttar x ts_examples.tar
> del ts_examples.tar
> move ts_examples.tar.xz C:\Apps\home\zipfiles
> 
> cd C:\Apps\home\programs\TransEdit\key
> installkey.bat

 

[cayoenrique]

Lab002 PART I

Lets create some working directories.

[WINKEY]+R  CMD [ENTER]
> mkdir "C:\Apps\Home\cryptodir\Labs\002"
> cd C:\Apps\Home\cryptodir\Labs\002

In Lab001 I forgot the ffplay/meg&probe So if you have not done it then
download and save to C:\Apps\Home\cryptodir\Labs\002 the following

https://github.com/GyanD/codexffmpeg/releases/download/6.0/ffmpeg-6.0-essentials_build.7z

Lest extract and copy the files

> 7z x ffmpeg-6.0-essentials_build.7z
> xcopy /s /e ffmpeg-6.0-essentials_build\bin\ C:\Apps\home\bin\
> rmdir /s /f ffmpeg-6.0-essentials_build
> move ffmpeg-6.0-essentials_build.7z C:\Apps\home\zipfiles

Now download and save to C:\Apps\Home\cryptodir\Labs\002 the following
win_tsapps_3.tar.xz.zip (2.26 MB)
testcard_original.ts.zip (561.60 KB)

https://workupload.com/file/xpkqav7nAk5
https://workupload.com/file/jW3Zz4Kq2CM

Lets Install

> 7z -pwww.sat-universe.com e win_tsapps_3.tar.xz.zip
> 7z -txz e win_tsapps_3.tar.xz 
> 7z -ttar x win_tsapps_3.tar 
> xcopy /s /e win_tsapps_3\Apps\home C:\Apps\home\ 
> rmdir /s /f win_tsapps_3 
> del win_tsapps_3.tar win_tsapps_3.tar.xz
> move win_tsapps_3.tar.xz.zip C:\Apps\home\zipfiles
> copy C:\Apps\home\bin\cygwin1.dll C:\windows\system32
> regsvr32 cygwin1.dll
>
> 7z x testcard_original.ts.zip
> move testcard_original.ts.zip C:\Apps\home\zipfiles
> copy testcard_original.ts C:\Apps\home\ts_examples

Lets review again ( I know more theory )

Elementary Stream (ES)
For me this is the most basic workable unit. Why, you can play 1 ES and be able to listen of view video. Well usually you need at lest 2 due to synchronization or detection of the code. Size varies depending on information represented, video vs audio etc. Basic data used by decoder. In our TS theory ES is a single audio or video not mix. But outside of the TS world, in reality a compound ES file contain all data to generate
a video with audio.

Packetized Elementary Stream (PES)
A few ES are joined to make a Data Packet, let say an audio frame. In TS, at this level Audio or Video are never mix.

Transport Stream (TS)
TS is Multiplexed!!! Yes now TS has the overhead to add separated PIDs ( Packet identifiers ) with Audio or Video to make a Channel. And Multiple Channels can join to create a Full Transponder. A TS Line can only have 188 bytes. Now what this means, A PES is variable Big thing. So we will
need Several TS of 188 to accommodate space for 1 PES.

Prerequisites
ffmpeg - is an audio/video conversion tool.
tstools - is a set of cross-platform command line tools for working with MPEG data.

I will show you with a sample.

Now lets use our recently install ffmpeg to play the ts file. As you see you can play testcard_original.ts using ffplay. This is a
full 1 cycle of the Test Card.

> ffplay -autoexit -hide_banner testcard_original.ts

We can get info using ffprobe

> ffprobe -v quiet -show_format -show_streams -i testcard_original.ts
> ffprobe -hide_banner -i testcard_original.ts

Lets see what we got on the second command

> ffprobe -hide_banner -i testcard_original.ts
[mpegts @ 0000000000636bc0] PES packet size mismatch
[mpegts @ 0000000000636bc0] Packet corrupt (stream = 0, dts = 1550145344).
[mpegts @ 0000000000636bc0] PES packet size mismatch
[mpegts @ 0000000000636bc0] Packet corrupt (stream = 1, dts = 1550145344).
[mpegts @ 0000000000636bc0] PES packet size mismatch
[mpegts @ 0000000000636bc0] Packet corrupt (stream = 2, dts = 1550145344).
[mpegts @ 0000000000636bc0] PES packet size mismatch
[mpegts @ 0000000000636bc0] Packet corrupt (stream = 3, dts = 1550143184).
[mpegts @ 0000000000636bc0] PES packet size mismatch
[mpegts @ 0000000000636bc0] Packet corrupt (stream = 0, dts = 1550145344).
[mpegts @ 0000000000636bc0] PES packet size mismatch
[mpegts @ 0000000000636bc0] Packet corrupt (stream = 1, dts = 1550145344).
[mpegts @ 0000000000636bc0] PES packet size mismatch
[mpegts @ 0000000000636bc0] Packet corrupt (stream = 2, dts = 1550145344).
[mpegts @ 0000000000636bc0] PES packet size mismatch
[mpegts @ 0000000000636bc0] Packet corrupt (stream = 3, dts = 1550143184).
Input #0, mpegts, from 'testcard_original.ts':
Duration: 00:00:02.86, start: 17221.437156, bitrate: 13175 kb/s
Program 1
Metadata:
service_name : IMG3 EU
service_provider: CM5000
Stream #0:0[0x1010]: Audio: mp2 ([3][0][0][0] / 0x0003), 48000 Hz, stereo, fltp, 256 kb/s
Stream #0:1[0x1020]: Audio: mp2 ([3][0][0][0] / 0x0003), 48000 Hz, stereo, fltp, 256 kb/s
Stream #0:2[0x1030]: Audio: mp2 ([3][0][0][0] / 0x0003), 48000 Hz, stereo, fltp, 256 kb/s
Stream #0:3[0x1040]: Audio: mp2 ([3][0][0][0] / 0x0003), 48000 Hz, stereo, fltp, 256 kb/s
Stream #0:4[0x200]: Video: h264 (High) ([27][0][0][0] / 0x001B), yuv420p(tv, bt709, top first), 1920x1080 [SAR 1:1 DAR 16:9], 25 fps, 25 tbr, 90k tbn

As you can see when I cut this ts I produce various errors PES packet size mismatch.

 

[cayoenrique]

LAB002 PART II

We can use ffmpeg to clean it. I will re-code this file to make it FULL standard so that our outdated
free opensource tools do not complain. Also this new file will only have 1 audio channel. This process is know as trans-code. After this process we will have a new file cleaned

> ffmpeg  -hide_banner -i testcard_original.ts -vcodec mpeg2video -acodec mp2 -b:v 10M -b:a 192k -muxrate 10M -f mpegts testcard.ts

Results

C:\Apps\Home\cryptodir\Labs\002>
> ffmpeg  -hide_banner -i testcard_original.ts -vcodec mpeg2video -acodec mp2 -b:v 10M -b:a 192k -muxrate 10M -f mpegts testcard.ts
[mpegts @ 00000000004b12c0] PES packet size mismatch
[mpegts @ 00000000004b12c0] Packet corrupt (stream = 0, dts = 1550145344).
[mpegts @ 00000000004b12c0] PES packet size mismatch
[mpegts @ 00000000004b12c0] Packet corrupt (stream = 1, dts = 1550145344).
[mpegts @ 00000000004b12c0] PES packet size mismatch
[mpegts @ 00000000004b12c0] Packet corrupt (stream = 2, dts = 1550145344).
[mpegts @ 00000000004b12c0] PES packet size mismatch
[mpegts @ 00000000004b12c0] Packet corrupt (stream = 3, dts = 1550143184).
[mpegts @ 00000000004b12c0] PES packet size mismatch
[mpegts @ 00000000004b12c0] Packet corrupt (stream = 0, dts = 1550145344).
[mpegts @ 00000000004b12c0] PES packet size mismatch
[mpegts @ 00000000004b12c0] Packet corrupt (stream = 1, dts = 1550145344).
[mpegts @ 00000000004b12c0] PES packet size mismatch
[mpegts @ 00000000004b12c0] Packet corrupt (stream = 2, dts = 1550145344).
[mpegts @ 00000000004b12c0] PES packet size mismatch
[mpegts @ 00000000004b12c0] Packet corrupt (stream = 3, dts = 1550143184).
Input #0, mpegts, from 'testcard_original.ts':
  Duration: 00:00:02.86, start: 17221.437156, bitrate: 13175 kb/s
  Program 1
    Metadata:
      service_name    : IMG3 EU
      service_provider: CM5000
  Stream #0:0[0x1010]: Audio: mp2 ([3][0][0][0] / 0x0003), 48000 Hz, stereo, fltp, 256 kb/s
  Stream #0:1[0x1020]: Audio: mp2 ([3][0][0][0] / 0x0003), 48000 Hz, stereo, fltp, 256 kb/s
  Stream #0:2[0x1030]: Audio: mp2 ([3][0][0][0] / 0x0003), 48000 Hz, stereo, fltp, 256 kb/s
  Stream #0:3[0x1040]: Audio: mp2 ([3][0][0][0] / 0x0003), 48000 Hz, stereo, fltp, 256 kb/s
  Stream #0:4[0x200]: Video: h264 (High) ([27][0][0][0] / 0x001B), yuv420p(tv, bt709, top first), 1920x1080 [SAR 1:1 DAR 16:9], 25 fps, 25 tbr, 90k tbn

Stream mapping:
  Stream #0:4 -> #0:0 (h264 (native) -> mpeg2video (native))
  Stream #0:0 -> #0:1 (mp2 (native) -> mp2 (native))
Press [q] to stop, [?] for help
Output #0, mpegts, to 'testcard.ts':
  Metadata:
    encoder        : Lavf59.17.101
  Stream #0:0: Video: mpeg2video (Main), yuv420p(tv, bt709, top coded first (swapped)), 1920x1080 [SAR 1:1 DAR 16:9], q=2-31, 10000 kb/s, 25 fps, 90k tbn
    Metadata:
      encoder        : Lavc59.20.100 mpeg2video
    Side data:
      cpb: bitrate max/min/avg: 0/0/10000000 buffer size: 0 vbv_delay: N/A
  Stream #0:1: Audio: mp2, 48000 Hz, stereo, s16, 192 kb/s
    Metadata:
      encoder        : Lavc59.20.100 mp2
[mpegts @ 00000000004b12c0] PES packet size mismatch:00.44 bitrate=  0.0kbits/s speed=8.17x
[mpegts @ 00000000004b12c0] Packet corrupt (stream = 0, dts = 1550145344).
frame=  60 fps=0.0 q=2.0 Lsize=    3387kB time=00:00:02.76 bitrate=10053.9kbits/s speed=8.21x
video:601kB audio:56kB subtitle:0kB other streams:0kB global headers:0kB muxing overhead: 415.017242%

As we said we now have a new Clean TS file called testcard.ts Lets work with it.

Now lets remove all TS and PES headers leaving Only a Compound Video &
Audio ES.

> ts2es testcard.ts testcard.ts.es
> dir

Results

> ts2es testcard.ts testcard.ts.es
Reading from testcard.ts
Writing to  testcard.ts.es
Extracting video
Locating first PAT
Found PAT after reading 2 packets

Program list:
    Program 1 -> PID 1000 (4096)

Locating next PMT
Found start of PMT with PID 1000 (4096) after reading 1 packet

Program map
  Program 1, version 0, PCR PID 0100 (256)
  Program streams:
    PID 0100 ( 256) -> Stream type 02 (  2) H.262/13818-2 video (MPEG-2) or 11172-2 constrained video
    PID 0101 ( 257) -> Stream type 03 (  3) 11172-3 audio (MPEG-1)

Extracting video PID 0100 (256)
Extracted 3386 of 18447 TS packets

>
> dir
 Volume in drive C is Win7
 Volume Serial Number is 2841-1C80

 Directory of C:\Apps\Home\cryptodir\Labs\002

10/11/2023  05:49 AM    <DIR>          .
10/11/2023  05:49 AM    <DIR>          ..
10/11/2023  05:46 AM        3,468,600 testcard.ts
10/11/2023  05:49 AM          615,892 testcard.ts.es
07/01/2021  05:33 AM        4,703,760 testcard_original.ts
12/26/2021  02:00 PM          575,081 testcard_original.ts.zip
              4 File(s)      9,363,333 bytes
              2 Dir(s)  139,663,704,064 bytes free

This command can show some info. Like how the es file is structured.

> esdots -v testcard.ts.es

Notice that We went from 4.5MM - 3.3MB to 601KB and still playable

> ffplay -autoexit -hide_banner testcard.ts.es

Results

C:\Apps\Home\cryptodir\Labs\002>esdots -v testcard.ts.es
Reading from testcard.ts.es
Input appears to be MPEG-2 (H.262)

Each character represents a single H.262 item
Pictures are represented according to their picture coding
type, and the slices within a picture are not shown.
    i means an I picture
    p means a  P picture
    b means a  B picture
    d means a  D picture (these should not occur in MPEG-2)
    x means some other picture (such should not occur)
Other items are represented as follows:
    [ means a  Sequence header
    > means a  Group Start header
    E means an Extension start header
    U means a  User data header
    X means a  Sequence Error
    ] means a  Sequence End
    R means a  Reserved item
    ? means something else. This may indicate that the stream
      is not an ES representing H.262 (it might, for instance
      be PES)

[EE>
 0 minutes
iEpEpEpEpEpEpEpEpEpEpEpE[EE>iEpEpEpEpEpEpEpEpEpEpEpE[EE>iEpEpEpEpEpEpEpEpEpEpEpE[EE>iEpEpEpEpEpEpEpEpEpEpEpE[EE>iEpEpEpEpEpEpEpEpEpEpEpE
Found 4220 MPEG2 items
5 I, 55 P, 0 B
GOP times (s): max=0.4800, min=0.4800, mean=0.480000 (frame rate = 25.00)

To continue...

 

[cayoenrique]

LAB002 PART III

NOTE: I now you are a Windows user and hates Linux. But we are going to need some commands that are not native in windows. For this we are going to get busybox for windows.

Prerequisite
od - Is a octal and hexadecimal binary to dump program
busybox for windows - is a multi-call binary that combines many common Unix utilities into a single executable. We are going to use it to get od for windows

Download the following BusyBox for windows
BusyBox-1.33_Win32.zip 331.5Kb

https://sourceforge.net/projects/busybox-for-windows/files/BusyBox-1.33_Win32.zip/download

[WINKEY]+R  CMD [ENTER]
> cd C:\Apps\Home\cryptodir\Labs\002
> 7z x BusyBox-1.33_Win32.zip
> copy BusyBox-1.33_Win32\busybox.exe C:\Apps\home\bin\
> rmdir /s /f BusyBox-1.33_Win32
> move BusyBox-1.33_Win32.zip C:\Apps\home\zipfiles

For the porpouse of simplicity I want only the Audio pid ES. Note it seems that 1rst Audio Pid with PUSI is at 3. Then after trial and error I found I need a minimum of 7 TS so that ffplay can play the sound. The end result is a file with 4 TS.

> dvbsnoop.exe -if testcard.ts -s ts -b 0x101 -n 8 > testcard_APID=0x0101_4ts.ts

Lets transform TS to ES

> ts2es.exe testcard_APID=0x0101_4ts.ts -pid 0x0101 testcard_APID=0x0101_4ts.es

Now lets compare the differences

> busybox.exe od -t x1 --width=47 testcard_APID=0x0101_4ts.ts
0000000 47 41 01 30 01 40 00 00 01 c0 0b 48 80 80 05 21 00 07 d8 61 ff fd a4 04 66 33 33 44 33 44 44 22 33 33 33 6d b6 e4 6c 90 00 00 00 00 00 00 ff
0000057 0a aa aa ab ea be aa a8 dd 8d d9 0c 90 c8 9d da 27 76 d7 5d b6 d7 4d 74 d3 5d 36 d7 ad ba d3 6d b5 cf 5c b9 d3 4d 34 be fc 30 7e f9 f3 f7 cf
0000136 5d dd dd dd dd dd db d5 b1 b6 e4 9c 61 73 05 12 4a 9a 36 9b 65 b1 24 ae 46 63 4d b2 e1 57 38 da 23 dd a2 91 b5 df 3d 7c f9 eb e7 77 77 77 77
0000215 77 74 19 10 65 26 67 c8 89 12 44 9c b9 4d 36 9a 69 2b 74 93 4b 25 28 94 36 cd c4 69 11 45 12 a3 a7 cf dd 3e 7e e9 de 5d e1 dd dd dc be 55 c3
0000274 47 01 01 1182 c9 f2 bb 58 4c 80 e6 dd 8e e6 d4 63 6d 25 85 48 93 24 0c 5c 89 12 40 0a 45 1b de 32 6e 91 d2 f4 8e a8 ea 64 06 40 68 5b b5 8b
0000353 22 7b 88 4a 52 b6 12 48 a4 79 47 01 9b 58 ec 4f 22 90 0a b9 5c 30 0f 44 91 26 3a 4d 8c b2 6c 65 9d e1 de 0c 84 c8 56 a2 e1 94 13 98 27 46 a5
0000432 0a 0e a5 3c c3 65 06 b6 9b 47 64 b0 80 88 8d 3a cc b4 24 a2 51 d5 ef 6a 07 7b 50 3e 24 e2 41 24 12 45 61 4f 4d 1c 62 18 3c 0f 2a 37 1e c8 c0
0000511 c9 82 3b 56 af 68 ee 48 a4 ac 77 34 49 59 20 90 75 a9 1c 81 48 e4 0b 89 38 91 59 d5 9d 2e 34 c8 4d 26 25 2d 68 95 a4 b3 4a 6b 35 58 6a 46 ac
0000570 47 01 01 12 8d cb 02 65 a9 1c 8d 08 2e 09 20 1d 6a 3f 30 51 f9 82 e2 4e 24 77 77 77 52 94 a2 d3 66 19 71 95 35 70 08 79 16 6d 18 04 b2 d9 b2
0000647 79 b2 8a 25 d4 e1 1c 06 62 82 42 f6 8f cc 14 7e 60 b8 93 89 20 82 08 16 35 8c b4 5a 84 a1 13 dd 51 48 2e 47 2d 32 89 24 d6 e7 73 b9 34 9a 92
0000726 48 d0 94 24 80 41 d6 a3 f3 05 1f 98 2e 24 e2 4a 08 80 a3 00 ca 6e 32 ab 4a f4 55 05 95 3e 8d a8 c3 41 5b 24 ae 55 a3 4d a6 9c d6 60 5c 15 24
0001005 a4 75 78 fc c1 47 e6 0b 89 38 92 8d b1 19 5a 42 5c 6d c8 69 c7 01 0b 8a 26 e5 6e b2 71 16 45 1a ae cb 0a 44 ab 53 8c a6 30 92 28 ab c6 3f 30
0001064 47 01 01 13 51 f9 82 e2 4e 24 d6 5b 69 53 d0 08 9c 29 88 71 c5 60 3d 08 c4 d9 34 a6 1a 8d 66 de b5 44 12 46 47 2c 32 d6 32 51 26 3a ff fd a4
0001143 04 66 43 33 44 33 44 44 22 33 33 43 6d b6 e4 6c 90 00 00 00 00 00 00 aa aa aa aa ea 2a aa aa a7 5d 30 cd b5 db 7e 36 d7 5c f3 d3 4d b7 d7 4d
0001222 78 cf 6d 35 db 3c f4 d7 4d 6f bf 0c 23 f3 05 1f 98 2f 19 3c 49 0c d0 80 a9 a2 6c 06 dc 45 34 0d 4a d8 b1 8c cb 28 4c 47 54 c9 73 4a d4 4b 42
0001301 45 aa 56 06 34 4a 43 59 8f cc 14 7e 60 bc 64 f1 23 ba 3a 89 5c fd 49 1b 6e c4 24 ae b4 49 43 4a f4 82 41 25 0f 66 b5 bb 49 4d 2d 5d 88 be 17

> busybox.exe od -t x1 --width=32 testcard_APID=0x0101_4ts.es
0000000 ff fd a4 04 66 33 33 44 33 44 44 22 33 33 33 6d b6 e4 6c 90 00 00 00 00 00 00 ff 0a aa aa ab ea
0000040 be aa a8 dd 8d d9 0c 90 c8 9d da 27 76 d7 5d b6 d7 4d 74 d3 5d 36 d7 ad ba d3 6d b5 cf 5c b9 d3
0000100 4d 34 be fc 30 7e f9 f3 f7 cf 5d dd dd dd dd dd db d5 b1 b6 e4 9c 61 73 05 12 4a 9a 36 9b 65 b1
0000140 24 ae 46 63 4d b2 e1 57 38 da 23 dd a2 91 b5 df 3d 7c f9 eb e7 77 77 77 77 77 74 19 10 65 26 67
0000200 c8 89 12 44 9c b9 4d 36 9a 69 2b 74 93 4b 25 28 94 36 cd c4 69 11 45 12 a3 a7 cf dd 3e 7e e9 de
0000240 5d e1 dd dd dc be 55 c3 82 c9 f2 bb 58 4c 80 e6 dd 8e e6 d4 63 6d 25 85 48 93 24 0c 5c 89 12 40
0000300 0a 45 1b de 32 6e 91 d2 f4 8e a8 ea 64 06 40 68 5b b5 8b 22 7b 88 4a 52 b6 12 48 a4 79 47 01 9b
0000340 58 ec 4f 22 90 0a b9 5c 30 0f 44 91 26 3a 4d 8c b2 6c 65 9d e1 de 0c 84 c8 56 a2 e1 94 13 98 27
0000400 46 a5 0a 0e a5 3c c3 65 06 b6 9b 47 64 b0 80 88 8d 3a cc b4 24 a2 51 d5 ef 6a 07 7b 50 3e 24 e2
0000440 41 24 12 45 61 4f 4d 1c 62 18 3c 0f 2a 37 1e c8 c0 c9 82 3b 56 af 68 ee 48 a4 ac 77 34 49 59 20
0000500 90 75 a9 1c 81 48 e4 0b 89 38 91 59 d5 9d 2e 34 c8 4d 26 25 2d 68 95 a4 b3 4a 6b 35 58 6a 46 ac
0000540 8d cb 02 65 a9 1c 8d 08 2e 09 20 1d 6a 3f 30 51 f9 82 e2 4e 24 77 77 77 52 94 a2 d3 66 19 71 95
0000600 35 70 08 79 16 6d 18 04 b2 d9 b2 79 b2 8a 25 d4 e1 1c 06 62 82 42 f6 8f cc 14 7e 60 b8 93 89 20
0000640 82 08 16 35 8c b4 5a 84 a1 13 dd 51 48 2e 47 2d 32 89 24 d6 e7 73 b9 34 9a 92 48 d0 94 24 80 41
0000700 d6 a3 f3 05 1f 98 2e 24 e2 4a 08 80 a3 00 ca 6e 32 ab 4a f4 55 05 95 3e 8d a8 c3 41 5b 24 ae 55
0000740 a3 4d a6 9c d6 60 5c 15 24 a4 75 78 fc c1 47 e6 0b 89 38 92 8d b1 19 5a 42 5c 6d c8 69 c7 01 0b
0001000 8a 26 e5 6e b2 71 16 45 1a ae cb 0a 44 ab 53 8c a6 30 92 28 ab c6 3f 30 51 f9 82 e2 4e 24 d6 5b
0001040 69 53 d0 08 9c 29 88 71 c5 60 3d 08 c4 d9 34 a6 1a 8d 66 de b5 44 12 46 47 2c 32 d6 32 51 26 3a
0001100 ff fd a4 04 66 43 33 44 33 44 44 22 33 33 43 6d b6 e4 6c 90 00 00 00 00 00 00 aa aa aa aa ea 2a
0001140 aa aa a7 5d 30 cd b5 db 7e 36 d7 5c f3 d3 4d b7 d7 4d 78 cf 6d 35 db 3c f4 d7 4d 6f bf 0c 23 f3
0001200 05 1f 98 2f 19 3c 49 0c d0 80 a9 a2 6c 06 dc 45 34 0d 4a d8 b1 8c cb 28 4c 47 54 c9 73 4a d4 4b
0001240 42 45 aa 56 06 34 4a 43 59 8f cc 14 7e 60 bc 64 f1 23 ba 3a 89 5c fd 49 1b 6e c4 24 ae b4 49 43
0001300 4a f4 82 41 25 0f 66 b5 bb 49 4d 2d 5d 88 be 17

Lets Check the TS structure
47 41 01 30 This is TS HEADER, LOOK closely second 4 means PUSI=1
01 40 This is Adaptation Filed
00 00 01 c0 0b 48 80 80 05 21 00 07 d8 61 This is PES ( 6 byte BOLD are PES HEADER)
ff fd a4 04 66 33 33 44 33 44 44 22 33 33 33 6d b6 e4 6c 90 00 00 00 00 00 00 ff This is ES

Lets see if ts play

> ffplay.exe -autoexit -hide_banner testcard_APID=0x0101_4ts.ts

Lets see if es play

> ffplay.exe -autoexit -hide_banner testcard_APID=0x0101_4ts.es

 

[Me2019H]

LAB002 PART III
there are error

C:\Apps\home\cryptodir\Labs\002>dvbsnoop.exe -if testcard.ts -s ts -b 0x101 -n 8
> testcard_APID=0x0101_4ts.ts

C:\Apps\home\cryptodir\Labs\002>ts2es.exe testcard_APID=0x0101_4ts.ts -pid 0x010
1 testcard_APID=0x0101_4ts.es
### Error opening file testcard_APID=0x0101_4ts.ts for read: No such file or dir
ectory
### ts2es: Unable to open input file testcard_APID=0x0101_4ts.ts

C:\Apps\home\cryptodir\Labs\002>busybox.exe od -t x1 --width=47 testcard_APID=0x
0101_4ts.ts
od: testcard_APID=0x0101_4ts.ts: No such file or directory

C:\Apps\home\cryptodir\Labs\002>cd C:\Apps\home\bin

C:\Apps\home\bin>busybox.exe od -t x1 --width=47 testcard_APID=0x0101_4ts.ts
od: testcard_APID=0x0101_4ts.ts: No such file or directory

C:\Apps\home\bin>cd C:\Apps\Home\cryptodir\Labs\002

C:\Apps\home\cryptodir\Labs\002>ffplay.exe -autoexit -hide_banner testcard_APID=
0x0101_4ts.ts
testcard_APID=0x0101_4ts.ts: No such file or directory 0B f=0/0


C:\Apps\home\cryptodir\Labs\002>ffplay.exe -autoexit -hide_banner testcard_APID=
0x0101_4ts.es
testcard_APID=0x0101_4ts.es: No such file or directory 0B f=0/0

 

[cayoenrique]

@Me2019H
I am testing all this in Linux using wine cmd.
Yes from time to time we could find something that works in wine but not in REAL W7, W10 or W11. I will post nest LAB and will take a look in W7. See you soon with the answer.

 

[cayoenrique]

LAB002 PART IV

Up to now I had presented you with a mixture of various tools for Windows CMD. Finding alternatives that can execute in Windows has been a hard work to me. Required LOTS of my time.
But here we are, with this tools you are now an EXPERT in MPEG Video:

With ffplay, ffprobe, ffmpeg you can now perform MPEG Video Transcoding and repairing.
Dvbsnoop allow you to easily manipulate FULL Transponder and get Pids you only want.
TS-tools allow you the split or merge ts to pes to es.
busybox allow you to mimic basic Linux Bash commands but in Windows. Very nice to parse display info.

Now let me show you a few more that you can do to Analise with ffprobe

Simple Sumary
ffprobe -hide_banner -i testcard_original.ts

Trace - show the sequence of pid in the stream
ffprobe -hide_banner -i testcard_original.ts -v trace

Format - show the format of the stream
ffprobe -hide_banner -i testcard_original.ts -show_format

Streams - List detail info of all streams
ffprobe -hide_banner -i testcard_original.ts -show_streams

Windows CMDs
To redirect the display to a file we use >
To pipe the Output from CMD1 to the be Input of CMD2 we use |
To append to a file without deleting what was already we use >>
To join both STDOUT and STDERR we use 2>&1

Busybox
It can simulate many bash utilities. I will explain a few so that you can understand the power of busybox.

Lets perform an example[/b]

>ffprobe -hide_banner -i testcard_original.ts
[mpegts @ 00000000003788c0] PES packet size mismatch
[mpegts @ 00000000003788c0] Packet corrupt (stream = 0, dts = 1550145344).
[mpegts @ 00000000003788c0] PES packet size mismatch
[mpegts @ 00000000003788c0] Packet corrupt (stream = 1, dts = 1550145344).
[mpegts @ 00000000003788c0] PES packet size mismatch
[mpegts @ 00000000003788c0] Packet corrupt (stream = 2, dts = 1550145344).
[mpegts @ 00000000003788c0] PES packet size mismatch
[mpegts @ 00000000003788c0] Packet corrupt (stream = 3, dts = 1550143184).
[mpegts @ 00000000003788c0] PES packet size mismatch
[mpegts @ 00000000003788c0] Packet corrupt (stream = 0, dts = 1550145344).
[mpegts @ 00000000003788c0] PES packet size mismatch
[mpegts @ 00000000003788c0] Packet corrupt (stream = 1, dts = 1550145344).
[mpegts @ 00000000003788c0] PES packet size mismatch
[mpegts @ 00000000003788c0] Packet corrupt (stream = 2, dts = 1550145344).
[mpegts @ 00000000003788c0] PES packet size mismatch
[mpegts @ 00000000003788c0] Packet corrupt (stream = 3, dts = 1550143184).
Input #0, mpegts, from 'testcard_original.ts':
  Duration: 00:00:02.86, start: 17221.437156, bitrate: 13175 kb/s
  Program 1 
    Metadata:
      service_name    : IMG3 EU
      service_provider: CM5000
  Stream #0:0[0x1010]: Audio: mp2 ([3][0][0][0] / 0x0003), 48000 Hz, stereo, fltp, 256 kb/s
  Stream #0:1[0x1020]: Audio: mp2 ([3][0][0][0] / 0x0003), 48000 Hz, stereo, fltp, 256 kb/s
  Stream #0:2[0x1030]: Audio: mp2 ([3][0][0][0] / 0x0003), 48000 Hz, stereo, fltp, 256 kb/s
  Stream #0:3[0x1040]: Audio: mp2 ([3][0][0][0] / 0x0003), 48000 Hz, stereo, fltp, 256 kb/s
  Stream #0:4[0x200]: Video: h264 (High) ([27][0][0][0] / 0x001B), yuv420p(tv, bt709, top first), 1920x1080 [SAR 1:1 DAR 16:9], 25 fps, 25 tbr, 90k tbn

As you can see, ffprobe tell us this file have 1 TV Program called IMG3 EU. This service is channel 1 and is composed of Video PID 0x200 + 3 Audio PIDs 0x1010 0x1020 0x1030 0x1040.

Now lets say I just want to be reported what is the Video PID. Then I can use Busybox to parse the whole information so that the output just show the Video PID.

NOTE: Most windows programs display output via STDOUT. Some programmers send error to a different display called STDERR.
ffprobe was written to output data in this way some goes to STDOUT and other goes to STDERR. To ensure that we capture both STDOUT and STDERR we need to use at the end 2>&1.
2>&1 will combine STDOUT and STDERR as it is only one STDOUT. So no missing info will be lost.

First let show you the power of >

> ffprobe -hide_banner -i testcard_original.ts > out.txt 2>&1

As you can see now we do not see the result in the screen. Instead it is been save ALL STDOUT and STDERR to out.txt

Now if we want to echo back to display what is in out.txt we do

busybox cat out.txt

Now I want just Video PID. I can CAT out.txt and parse the data via pipe |.
The I use grep. Grep will show me what is in a single line that contains a match.[/b]

> busybox cat out.txt | busybox grep -e "Video"
  Stream #0:4[0x200]: Video: h264 (High) ([27][0][0][0] / 0x001B), yuv420p(tv, bt709, top first), 1920x1080 [SAR 1:1 DAR 16:9], 25 fps, 25 tbr, 90k tbn

Still to much information on that line I only what to see the pid number. I notice the pid is after [
I can use cut -f 2 -d "[". This mean give the column 2 after the single character [

> busybox cat out.txt | busybox grep -e "Video" | busybox cut -f 2 -d "["
0x200]: Video: h264 (High) (

Still too much information I wanted only the Pid number. So this time I want column 1 before ]

> busybox cat out.txt | busybox grep -e "Video" | busybox cut -f 2 -d "[" | busybox cut -f 1 -d "]"
0x200

SUCCESS!! now I can see just what I wanted.
With bash or Windows CMDs we can force a program to display just what we want without having to rewrite the original program.
PLEASE Open your mind, In the future I could use this script to send 0x200 as an Imput of another program. See the point!!
Yes it takes time to master all.

Now I prepare a folder with some pdf and chm for you to have them handy. Read what you can and master how this programs works.

Download man_help_chm.zip (1.09 MB) to C:\Apps\Home\cryptodir\Labs\002

https://workupload.com/file/RFvB64LY2V5

[WINKEY]+R  CMD [ENTER]
> cd C:\Apps\Home\cryptodir\Labs\002
> 7z x man_help_chm.zip
> xcopy /s /e man_help_chm\ C:\Apps\home\man_help_chm\
> rmdir /s /f man_help_chm
> move man_help_chm.zip C:\Apps\home\zipfiles

Now you can go to C:\Apps\home\man_help_chm to start studding this commands

 

[cayoenrique]

@Me2019H well @all in fact.

LAB002 PART III Corrections

It turns out that Windows CMD batch commands are base in MSDOS.
In the MSDOS era ( the Origin of MS ) when files where transmitted by modem a Software DOS EOF (0x1A) character was append at the end of a file.
Today Windows adopted dos redirection >. When it see (0x1A) well it interpret it as it reach the End Of The File!!!. So it stop doing whatever was ask to do.
I know stupidity.

To resolve this MS problem with redirection of binary files. Then we can use busybox as a Linux shell sh. So we can re-write the command like this.

busybox sh -c "dvbsnoop.exe -if testcard.ts -s ts -b 0x101 -n 8 > testcard_APID=0x0101_4ts.ts"

The rest can be still used as is.

To resume, and do not forget.
When ever we pipe binary data in Windows with >, will have to add extra few words

busybox ssh -c "..."

Again this is while in W7, W10 or W11 for now.


NOTE: Problem: At this point you really are starting to hate to type busybox in front of command stolen from Linux.

Possible Solution A. You are one of the guys that did accepted my suggestion and did install msys2 at the beginning of the OpenCL tutorial. Then you have to do NOTHING.
People with MSYS2 have the advantage of Working In W7-11 and having the advantage of full Linux commands in CMD. Well in same cases you do open a MSYS2 terminal.
Pluss you can use their package management to install most Linux programs.

Possible Solution B. There is the original MSYS1. Witch is very small. And again you can have basic Linux bash.

Possible Solution C. This is the most simplistic. What I did ask you. Use busybox for Windows. Then when ever you are force to have a Linux bash command you do it like we been sugesting. Like busybox cmd.
This have the advantage that require only one file busybox of size 566Kb.

Possible;e solution D. Is almost same as C, This have the advantage that require only one file busybox of size 566Kb. But then you add a bunch of Software Links. This links almost do not occupy space 1k per link.
But have the advantage that you no longer have to type busybox only the bash command name.

For those that may want to use this method I prepare a bat script that will create those links for you.

Download the following busybox_win_install.zip (1.74 KB) in to C:\Apps\Home\cryptodir\Labs\002

https://workupload.com/file/eJKGXFGef69

WINKEY]+R  CMD [ENTER]
> cd C:\Apps\Home\cryptodir\Labs\002
> 7z x busybox_win_install.zip
> copy busybox_win_install\busybox_link_install.bat C:\Apps\home\bin\
> copy busybox_win_install\busybox_link_uninstall.bat C:\Apps\home\bin\
> rmdir /s /f busybox_win_install
> move busybox_win_install.zip C:\Apps\home\zipfiles
>
> cd C:\Apps\Home\bin
> busybox_link_install.bat
>

OK Up to here I have show how to manipulate ts files using the CMD terminal in windows. This way Is the best for teaching. You all go by doing Copy & Paste line by line and you get exactly what you do. As you see there is hardly anyone asking because there is almost no chance to make an error. Next I will show you how to Parse a Full Transponder doing it the Windows GUI way. We will be using Transedit. And you may see many questions if we have newbies. Yes the Windows way require that for every step( command line) you write an essay. HEHEHEHE.. Then there will be the ones that ask for Pictures and Movies.

Now if you are a newbie and want to learn YOU HAVE TO ASK. Do not worry this is how things has been done since the Stone Age.

 

[Me2019H]

C:\Apps\home\bin>cd C:\Apps\Home\cryptodir\Labs\002

C:\Apps\home\cryptodir\Labs\002>busybox sh -c "dvbsnoop.exe -if testcard.ts -s ts -b 0x101 -n 8 > testcard_APID=0x0101_4ts.ts"

C:\Apps\home\cryptodir\Labs\002>dvbsnoop.exe -if testcard.ts -s ts -b 0x101 -n 8 > testcard_APID=0x0101_4ts.ts

C:\Apps\home\cryptodir\Labs\002>ts2es.exe testcard_APID=0x0101_4ts.ts -pid 0x0101 testcard_APID=0x0101_4ts.es
Reading from testcard_APID=0x0101_4ts.ts
Writing to testcard_APID=0x0101_4ts.es
Extracting packets for PID 0101 (257)
Extracted 4 of 4 TS packets

C:\Apps\home\cryptodir\Labs\002>busybox.exe od -t x1 --width=47 testcard_APID=0x0101_4ts.ts
0000000 47 41 01 30 01 40 00 00 01 c0 0b 48 80 80 05 21 00 07 d8 61 ff fd a4 04 66 33 33 44 33 44 44 22 33 33 33 6d b6 e4 6c 90 00 00 00 00 00 00 ff
0000057 0a aa aa ab ea be aa a8 dd 8d d9 0c 90 c8 9d da 27 76 d7 5d b6 d7 4d 74 d3 5d 36 d7 ad ba d3 6d b5 cf 5c b9 d3 4d 34 be fc 30 7e f9 f3 f7 cf
0000136 5d dd dd dd dd dd db d5 b1 b6 e4 9c 61 73 05 12 4a 9a 36 9b 65 b1 24 ae 46 63 4d b2 e1 57 38 da 23 dd a2 91 b5 df 3d 7c f9 eb e7 77 77 77 77
0000215 77 74 19 10 65 26 67 c8 89 12 44 9c b9 4d 36 9a 69 2b 74 93 4b 25 28 94 36 cd c4 69 11 45 12 a3 a7 cf dd 3e 7e e9 de 5d e1 dd dd dc be 55 c3
0000274 47 01 01 11 82 c9 f2 bb 58 4c 80 e6 dd 8e e6 d4 63 6d 25 85 48 93 24 0c 5c 89 12 40 0a 45 1b de 32 6e 91 d2 f4 8e a8 ea 64 06 40 68 5b b5 8b
0000353 22 7b 88 4a 52 b6 12 48 a4 79 47 01 9b 58 ec 4f 22 90 0a b9 5c 30 0f 44 91 26 3a 4d 8c b2 6c 65 9d e1 de 0c 84 c8 56 a2 e1 94 13 98 27 46 a5
0000432 0a 0e a5 3c c3 65 06 b6 9b 47 64 b0 80 88 8d 3a cc b4 24 a2 51 d5 ef 6a 07 7b 50 3e 24 e2 41 24 12 45 61 4f 4d 1c 62 18 3c 0f 2a 37 1e c8 c0
0000511 c9 82 3b 56 af 68 ee 48 a4 ac 77 34 49 59 20 90 75 a9 1c 81 48 e4 0b 89 38 91 59 d5 9d 2e 34 c8 4d 26 25 2d 68 95 a4 b3 4a 6b 35 58 6a 46 ac
0000570 47 01 01 12 8d cb 02 65 a9 1c 8d 08 2e 09 20 1d 6a 3f 30 51 f9 82 e2 4e 24 77 77 77 52 94 a2 d3 66 19 71 95 35 70 08 79 16 6d 18 04 b2 d9 b2
0000647 79 b2 8a 25 d4 e1 1c 06 62 82 42 f6 8f cc 14 7e 60 b8 93 89 20 82 08 16 35 8c b4 5a 84 a1 13 dd 51 48 2e 47 2d 32 89 24 d6 e7 73 b9 34 9a 92
0000726 48 d0 94 24 80 41 d6 a3 f3 05 1f 98 2e 24 e2 4a 08 80 a3 00 ca 6e 32 ab 4a f4 55 05 95 3e 8d a8 c3 41 5b 24 ae 55 a3 4d a6 9c d6 60 5c 15 24
0001005 a4 75 78 fc c1 47 e6 0b 89 38 92 8d b1 19 5a 42 5c 6d c8 69 c7 01 0b 8a 26 e5 6e b2 71 16 45 1a ae cb 0a 44 ab 53 8c a6 30 92 28 ab c6 3f 30
0001064 47 01 01 13 51 f9 82 e2 4e 24 d6 5b 69 53 d0 08 9c 29 88 71 c5 60 3d 08 c4 d9 34 a6 1a 8d 66 de b5 44 12 46 47 2c 32 d6 32 51 26 3a ff fd a4
0001143 04 66 43 33 44 33 44 44 22 33 33 43 6d b6 e4 6c 90 00 00 00 00 00 00 aa aa aa aa ea 2a aa aa a7 5d 30 cd b5 db 7e 36 d7 5c f3 d3 4d b7 d7 4d
0001222 78 cf 6d 35 db 3c f4 d7 4d 6f bf 0c 23 f3 05 1f 98 2f 19 3c 49 0c d0 80 a9 a2 6c 06 dc 45 34 0d 4a d8 b1 8c cb 28 4c 47 54 c9 73 4a d4 4b 42
0001301 45 aa 56 06 34 4a 43 59 8f cc 14 7e 60 bc 64 f1 23 ba 3a 89 5c fd 49 1b 6e c4 24 ae b4 49 43 4a f4 82 41 25 0f 66 b5 bb 49 4d 2d 5d 88 be 17
0001360

C:\Apps\home\cryptodir\Labs\002>busybox.exe od -t x1 --width=32 testcard_APID=0x0101_4ts.es
0000000 ff fd a4 04 66 33 33 44 33 44 44 22 33 33 33 6d b6 e4 6c 90 00 00 00 00 00 00 ff 0a aa aa ab ea
0000040 be aa a8 dd 8d d9 0c 90 c8 9d da 27 76 d7 5d b6 d7 4d 74 d3 5d 36 d7 ad ba d3 6d b5 cf 5c b9 d3
0000100 4d 34 be fc 30 7e f9 f3 f7 cf 5d dd dd dd dd dd db d5 b1 b6 e4 9c 61 73 05 12 4a 9a 36 9b 65 b1
0000140 24 ae 46 63 4d b2 e1 57 38 da 23 dd a2 91 b5 df 3d 7c f9 eb e7 77 77 77 77 77 74 19 10 65 26 67
0000200 c8 89 12 44 9c b9 4d 36 9a 69 2b 74 93 4b 25 28 94 36 cd c4 69 11 45 12 a3 a7 cf dd 3e 7e e9 de
0000240 5d e1 dd dd dc be 55 c3 82 c9 f2 bb 58 4c 80 e6 dd 8e e6 d4 63 6d 25 85 48 93 24 0c 5c 89 12 40
0000300 0a 45 1b de 32 6e 91 d2 f4 8e a8 ea 64 06 40 68 5b b5 8b 22 7b 88 4a 52 b6 12 48 a4 79 47 01 9b
0000340 58 ec 4f 22 90 0a b9 5c 30 0f 44 91 26 3a 4d 8c b2 6c 65 9d e1 de 0c 84 c8 56 a2 e1 94 13 98 27
0000400 46 a5 0a 0e a5 3c c3 65 06 b6 9b 47 64 b0 80 88 8d 3a cc b4 24 a2 51 d5 ef 6a 07 7b 50 3e 24 e2
0000440 41 24 12 45 61 4f 4d 1c 62 18 3c 0f 2a 37 1e c8 c0 c9 82 3b 56 af 68 ee 48 a4 ac 77 34 49 59 20
0000500 90 75 a9 1c 81 48 e4 0b 89 38 91 59 d5 9d 2e 34 c8 4d 26 25 2d 68 95 a4 b3 4a 6b 35 58 6a 46 ac
0000540 8d cb 02 65 a9 1c 8d 08 2e 09 20 1d 6a 3f 30 51 f9 82 e2 4e 24 77 77 77 52 94 a2 d3 66 19 71 95
0000600 35 70 08 79 16 6d 18 04 b2 d9 b2 79 b2 8a 25 d4 e1 1c 06 62 82 42 f6 8f cc 14 7e 60 b8 93 89 20
0000640 82 08 16 35 8c b4 5a 84 a1 13 dd 51 48 2e 47 2d 32 89 24 d6 e7 73 b9 34 9a 92 48 d0 94 24 80 41
0000700 d6 a3 f3 05 1f 98 2e 24 e2 4a 08 80 a3 00 ca 6e 32 ab 4a f4 55 05 95 3e 8d a8 c3 41 5b 24 ae 55
0000740 a3 4d a6 9c d6 60 5c 15 24 a4 75 78 fc c1 47 e6 0b 89 38 92 8d b1 19 5a 42 5c 6d c8 69 c7 01 0b
0001000 8a 26 e5 6e b2 71 16 45 1a ae cb 0a 44 ab 53 8c a6 30 92 28 ab c6 3f 30 51 f9 82 e2 4e 24 d6 5b
0001040 69 53 d0 08 9c 29 88 71 c5 60 3d 08 c4 d9 34 a6 1a 8d 66 de b5 44 12 46 47 2c 32 d6 32 51 26 3a
0001100 ff fd a4 04 66 43 33 44 33 44 44 22 33 33 43 6d b6 e4 6c 90 00 00 00 00 00 00 aa aa aa aa ea 2a
0001140 aa aa a7 5d 30 cd b5 db 7e 36 d7 5c f3 d3 4d b7 d7 4d 78 cf 6d 35 db 3c f4 d7 4d 6f bf 0c 23 f3
0001200 05 1f 98 2f 19 3c 49 0c d0 80 a9 a2 6c 06 dc 45 34 0d 4a d8 b1 8c cb 28 4c 47 54 c9 73 4a d4 4b
0001240 42 45 aa 56 06 34 4a 43 59 8f cc 14 7e 60 bc 64 f1 23 ba 3a 89 5c fd 49 1b 6e c4 24 ae b4 49 43
0001300 4a f4 82 41 25 0f 66 b5 bb 49 4d 2d 5d 88 be 17
0001320

C:\Apps\home\cryptodir\Labs\002>ffplay.exe -autoexit -hide_banner testcard_APID=0x0101_4ts.ts
Access is denied.

C:\Apps\home\cryptodir\Labs\002>ffplay.exe -autoexit -hide_banner testcard_APID=0x0101_4ts.es
Access is denied.

This is the error message under windows for the last two commands

 

[cayoenrique]

This is just Windows having FUN with you!!

Let me have a quick explanation. I was ask to explain for Windows Users. And I was ask several time to stay away of heavy Linux co-installations like MSYS2. I then proceed with tutorials base on many times x86 or 32bit components, because then is same downloads for ALL x86 & x64. In any case most of the time time download are smaller. So most of the apps you have been using as 32 bit versions, witch Windows 64 bit should be able to execute and do. But from time to time Windows will play jokes on you, by saying certain apps HAVE TO be 64bit!!! I guess more MS stupidity! Now the machine I tested using Windows is a Windows Edition: Windows 7 Ultimate Edition and System type: 64-bit Operating System. And I do not see those errors. My best guess is that it may have to do with how many Windows Update you may have!

Let me show you. For simplicity among all lets use 7z as a file analyzer.

E:\CWD\Apps\home\bin>7z l dvbsnoop.exe | findstr "Characteristics CPU type"
CPU = x86
Characteristics = Executable 32-bit NoRelocs NoLineNums

E:\CWD\Apps\home\bin>7z l busybox.exe | findstr "Characteristics CPU type"
CPU = x86
Characteristics = Executable 32-bit NoRelocs NoLineNums NoLocalSyms NoDebugInfo

E:\CWD\Apps\home\bin>7z l es2ts.exe | findstr "Characteristics CPU type"
CPU = x64
Characteristics = Executable LargeAddress NoRelocs NoLineNums
DLL Characteristics = Relocated NX-Compatible 0x20

E:\CWD\Apps\home\zipfiles\ffmpeg-6.0-essentials_build\ffmpeg-6.0-essentials_build\bin>7z l ffplay.exe | findstr "Characteristics CPU type"
CPU = x64
Characteristics = Executable LargeAddress NoLineNums NoLocalSyms NoDebugInfo
DLL Characteristics = Relocated NX-Compatible 0x20

As you see some are x86 others are x64!! Some time I wonder I thought ALL where x86. Now you are in x64 because you did execute ts2es.exe witch is x64. As why you can do ts2es.exe and not ffplay.exe is a mystery!!.

I search web I found simpler and NOT clear attempt to solutions. Some suggest:

1) to run as Administrator to see if that work. I guess when you do
[WINKEY]+R then you right click on CMD and select Run as Administrator. then test ffplay --help just to see if it start.

2) I can not work tghe problem on my side, as I do not have the problem. But you could try to see if a dll is missing! by using a dll analyzer like in http://www.dependencywalker.com/
But this is time consuming and will require you to learn one more thing!!.

3) Best option is to get the files from a different source. Hopping they build it better.

Now from OpenCL tutorial if you did install MSYS2 is as simple task, and knowing we have mingw64 install this should be best option.

pacman -S mingw-w64-x86_64-ffmpeg

But if you what to try other cook builds here is what I got from the net.

https://ffmpeg.org/download.html say that the other official source is at:
https://github.com/BtbN/FFmpeg-Builds/releases
https://github.com/BtbN/FFmpeg-Builds/releases/download/latest/ffmpeg-master-latest-win64-gpl.zip  129 MB
https://github.com/BtbN/FFmpeg-Builds/releases/download/latest/ffmpeg-master-latest-win64-gpl-shared.zip 51.7 MB

Here another 
https://github.com/ShareX/FFmpeg/releases

This ones are from 2021!
https://github.com/mannyamorim/ffmpeg-windows-builds

Hope it helps

 

[Me2019H]

it work when i download https://github.com/BtbN/FFmpeg-Builds/releases/download/latest/ffmpeg-master-latest-win64-gpl.zip

C:\Apps\home\cryptodir\Labs\002>ffplay.exe -autoexit -hide_banner testcard_APID=0x0101_4ts.ts
[mpegts @ 0000000005bf9dc0] Format mpegts detected only with low score of 2, misdetection possible!
[mpegts @ 0000000005bf9dc0] Could not detect TS packet size, defaulting to non-FEC/DVHS
[mpegts @ 0000000005bf9dc0] PES packet size mismatch
[mpegts @ 0000000005bf9dc0] Packet corrupt (stream = 0, dts = 126000).
[mpegts @ 0000000005bf9dc0] PES packet size mismatch= 0B f=0/0
[mpegts @ 0000000005bf9dc0] Packet corrupt (stream = 0, dts = 126000).
Input #0, mpegts, from 'testcard_APID=0x0101_4ts.ts':
Duration: 00:00:00.02, start: 1.400000, bitrate: 250 kb/s
Stream #0:0[0x101]: Audio: mp2, 48000 Hz, stereo, s16p, 192 kb/s
[mpegts @ 0000000005bf9dc0] PES packet size mismatch
[mpegts @ 0000000005bf9dc0] Packet corrupt (stream = 0, dts = 126000).
1.43 M-A: -0.000 fd= 0 aq= 0KB vq= 0KB sq= 0B f=0/0

C:\Apps\home\cryptodir\Labs\002>ffplay.exe -autoexit -hide_banner testcard_APID=0x0101_4ts.es
[mp3 @ 0000000006c1c380] Format mp3 detected only with low score of 1, misdetection possible!
[mp3 @ 0000000006c1c380] Estimating duration from bitrate, this may be inaccurate
Input #0, mp3, from 'testcard_APID=0x0101_4ts.es':
Duration: 00:00:00.03, start: 0.000000, bitrate: 192 kb/s
Stream #0:0: Audio: mp2, 48000 Hz, stereo, fltp, 192 kb/s
0.04 M-A: -0.000 fd= 0 aq= 0KB vq= 0KB sq= 0B f=0/0

C:\Apps\home\cryptodir\Labs\002>

 

[cayoenrique]

LAB002 PART V

I know why we still in Lab002. We are testing a group of tools, that mostly belong to Linux but that I made easy for you to play in Windows. They all relate to how we can easily manipulate ts files.

Just to remind: A CSA type Video or Audio PID is a single ( 1 ) stream but in this single PID, it sometime is EVEN some time is ODD. CSA used this method to maintain a constant flow of Decrypted Video. One of the key is KNOWN, lets say EVEN, and Video is been decrypted and watch with this key. During this time the other KEY is been found from ECM. We need to find the ODD key before the sequence of ODD video is transmitted. And the sequence is repeated for the ODD key. In general in BISS there is no ECM.
So some one gave us the needed key or we found the keys before we used then. Then the ODD and EVEN key are maintain static( do not change ) during the whole transmitted event.

I guess next tool I will show you is tsdec. In general most of you know a modified tsdec called ModySat. And most of you used it to decrypt BISS events.

Now original tsdec has a few extra tricks. For once it can tell you the pids inside a recorded event and the counts of them, it can also Encrypt an event.

Lets go back to our lab002 work place.

[WINKEY]+R  CMD [ENTER]
> cd C:\Apps\Home\cryptodir\Labs\002
> tsdec
TSDEC V0.4.1  Build:Jul  6 2021 23:34:53.
TSDEC decrypts recorded DVB transport streams (TS) using 
a control word log (CWL) file.

usage:
TSDEC [-f cwlfile] [-v n] [-a] -i inputfile [-o outputfile] [-e|-d cw]

    -f cwlfile    use cwlfile to decrypt transport stream
    -i inputfile  encrypted recorded transport stream to be decrypted
    -o outfile    decrypted output file
    -v n          verbose level n (0..9) higher number for more debug info [2]
    -a            analyze the PIDs of input file only. No decryption is done
    -d cw        decrypt TS with constant cw
    -e cw        encrypt scrambled packets in TS with constant cw. See readme.
                  cw = "EE EE EE EE EE EE EE EE OO OO OO OO OO OO OO OO"
    -b  n        blocks the usage of the next cw for n packets. [300]

    debug messages are printed to stderr. for logging use 2>log.txt

  Examples:
    tsdec -f logged_cws.cwl -i recording.ts -o decrypted.ts
    tsdec -a -i recording.ts

So lets try with our testcard_original.ts.

> tsdec -a -i testcard_original.ts
TSDEC: PID statistics summary:
TSDEC: PID: 0200 crypted:0 count: 21125  (84%)
TSDEC: PID: 1010 crypted:0 count: 501  (2%)
TSDEC: PID: 1020 crypted:0 count: 500  (1%)
TSDEC: PID: 1fff crypted:0 count: 1848  (7%)
TSDEC: PID: 1030 crypted:0 count: 500  (1%)
TSDEC: PID: 1040 crypted:0 count: 500  (1%)
TSDEC: PID: 0000 crypted:0 count: 24  (0%)
TSDEC: PID: 0100 crypted:0 count: 12  (0%)
TSDEC: PID: 0001 crypted:0 count: 5  (0%)
TSDEC: PID: 0011 crypted:0 count: 3  (0%)
TSDEC: PID: 0014 crypted:0 count: 2  (0%)

Now lets compare it with dvbsnoop analysis the more professional way!!

busybox sh -c "dvbsnoop -if testcard_original.ts -hideproginfo -s ts -ph 0 -n 10000 | grep -e"^PID" | sort | uniq"

busybox sh -c "..." : We need to use this because dvbsnoop does not like windows own shell
dvbsnoop : tool name we are executing
-if testcard_original.ts : We asking to use "testcard_original.ts" as an Input File.
-hideproginfo : We do not want banners
-s ts : Input file is type "ts"
-ph 0 : Output verbose mode: 0=no hexdump output,
-n 10000 : Stop after reading "n" packages. Some how "ph" set n=1 so we are forse to place a big number here so that the whole ts file is read
| : pipe output as input next command
grep -e"^PID" : show all lines that start with "PID". Here more detail: Just print lines that -e"..." where ^ means start of a line
sort : Sort all lines
uniq : ONLY output Lines that are diferents.

Wao... At the end of all that mumble we get tp print all unique pids that show in testcard_original.ts. Here we are

[/b]

> busybox sh -c "dvbsnoop -if testcard_original.ts -hideproginfo -s ts -ph 0 -n 10000 | grep -e"^PID" | sort | uniq"
PID: 0 (0x0000)  [= ISO 13818-1 Program Association Table (PAT)]
PID: 1 (0x0001)  [= ISO 13818-1 Conditional Access Table (CAT)]
PID: 17 (0x0011)  [= DVB Service Description Table (SDT), Bouquet Association Table (BAT)]
PID: 20 (0x0014)  [= DVB Time and Date Table (TDT), Time Offset Table (TOT)]
PID: 256 (0x0100)  [= ]
PID: 4112 (0x1010)  [= ]
PID: 4128 (0x1020)  [= ]
PID: 4144 (0x1030)  [= ]
PID: 4160 (0x1040)  [= ]
PID: 512 (0x0200)  [= ]
PID: 8191 (0x1fff)  [= Null Packet]

So we confirm that tsdec is accurate. Clearly tsdec is a simple command, Don't you think?

To know what are the unknown we can do

busybox sh -c "ffprobe -hide_banner -i testcard_original.ts 2>&1 | busybox grep Stream"
  Stream #0:0[0x1010]: Audio: mp2 ([3][0][0][0] / 0x0003), 48000 Hz, stereo, fltp, 256 kb/s
  Stream #0:1[0x1020]: Audio: mp2 ([3][0][0][0] / 0x0003), 48000 Hz, stereo, fltp, 256 kb/s
  Stream #0:2[0x1030]: Audio: mp2 ([3][0][0][0] / 0x0003), 48000 Hz, stereo, fltp, 256 kb/s
  Stream #0:3[0x1040]: Audio: mp2 ([3][0][0][0] / 0x0003), 48000 Hz, stereo, fltp, 256 kb/s
  Stream #0:4[0x200]: Video: h264 (High) ([27][0][0][0] / 0x001B), yuv420p(tv, bt709, top first), 1920x1080 [SAR 1:1 DAR 16:9], 25 fps, 25 tbr, 90k tbn

 

[cayoenrique]

I wanted to finish LAB002 with how tsdec can be used to Encrypt and Decrypt. But there is some bug I need to repair. So I will do it later.

LAB003
Analyzing a Full Transponder the Windows GUI way. There are many programs that can be used. But I prefer simple TransEdit from DVBViewer.

1rst of ALL Using you File Explore go to C:\Apps\Home\man_help_chm\ and Open TransEdit.chm Using Left Side Menu select Analyzer Window And PLEASE Study the Info here.

Lets create some working directory and copy example_biss.ts

[WINKEY]+R  CMD [ENTER]
> mkdir "C:\Apps\Home\cryptodir\Labs\003"
> cd C:\Apps\Home\cryptodir\Labs\003
> copy C:\Apps\Home\ts_examples\example_biss.ts

Now lets create some symlink to bin so that we can call Transedit and Hexworshop from anyware.

> MKLINK "TransEdit.exe" "C:\Apps\Home\programs\TransEdit\TransEdit.exe"
> MKLINK "HexWorkshop.exe" "C:\Apps\Home\programs\Hex_Workshop_v6.0.1\Hex_Workshop_v6.0.1.exe"
> TransEdit.exe

You should see

The 1rst thing we should do is set the directory where all our output files are going to be save. I will select C:\Apps\Home\cryptodir\Labs\003
For this we Click on Menu > Settings > Analyser. And type or Browse to the directory. And select C:\Apps\Home\cryptodir\Labs\003
We want ALSO to Check mark High Speed File Analysis

This is what mine looks like

Now Save with [SAVE] then exit with [Close].

Using FileExplorer browse to C:\Apps\Home\cryptodir\Labs\003
To Analise a TS file is as easy as to Drag and Drop the TS over TransEdit.exe.
So with mouse Pick example_biss.ts and Drag and Drop it over TransEdit.

Using you mouse you can expand the Menu in the Left Side and you will see

Now In the Right Side we can see all the Pids included in this File.
On the Left Side you see the SI Tree. Transedit digest all the PID files to make this nice resume.

I will describe on my own words what each Pid is. Please ignore my comments if you disagree. The process of organizing the table information, many programs called TS Table Decode

0x0000 : PAT - This table is the 1rst one we should read. It specify all the possible Channels(ServiceID) this transponder contain.
ServiceID = 1
PMT PID = 0X0100

0x0011 : SDT - This provide The name of the Services and the name of the Provider. If you look in the left menu you can read
ServiceID = 1
ServiceName=IMG3 EU
ProviderName=CM5000

0X0100 : PMT - PMT Holds the amount and number of all the PIDS that are part of a Service. And Holds also the CAPID
0x0200 H.264 Video
0x1010 MPEG Audio
0x1020 MPEG Audio
0x1030 MPEG Audio
0x1040 MPEG Audio
CAID 0x2600

Where
Conditional Access : 0x2600 is Name "BISS"

Now look again to the Right you can see that 0x0200 H.264 Video is in RED. This mean it is Encrypted

Now lets say we want to look at the Hex values of a PID. Normally we do this for ECMs. If we try to find this pid in the original TS it will be too difficult. It will be easier if a new file ONLY contains ECM Pids.
Here we do not have an ECM but we can simulate with PAT.

Click on top of 0x0000 PAT, it change color. You can see at the bottom [Start Recording] Button, Please Click on it. As soon as you click Same button will be shown as [Stop Recording]. Do not Click yet on STOP. We need to click 1rst on [Restart]. This mean to the program like if it saying Read again while saving!
Since we originally mark in Settings High Speed File Analysis then this job is done in a second. You will see the screen blink. Finally you have to Click on [Stop Recording]. And a new file should be save in our output Folder.

In my case I got example_biss 10-14 11-34-52.ts
See how its name start with the original name. The it adds date and time of the saving. But no info of what PID. So I go to File Explorer and rename it example_biss_0x0000_PAT.ts as this is more appropriate name for the new file.
Lets Exit Transedit.

You can look at the file using HexWorkshop and since we made a symlynk we can called inspect the file with:

HexWorkshop.exe example_biss_0x0000_PAT.ts

If you have a BIG Screen you can expand HexWorkshop so that it can show from byte position 0 to 0x2E. Where 0x2E = 46. Why? because if you take TS length and divide by 4 = 188 / 4 = 46.
In this way you can see the start of next TS every 4 lines. Easier to read. Exit HexWorkshop.

A Simple way is using OD

> busybox.exe od -t x1 --width=47 -N 188 example_biss_0x0000_PAT.ts
0000000 47 40 00 11 00 00 b0 0d 43 21 d1 00 00 00 01 e1 00 22 2f 77 f9 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
0000057 ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
*
0000274

where
-t x1 means print in Hex i byte at a time
--width=47 mean 46 char peer line, I know weird...
-N 188 means number of bytes ti print

Up to here we have been introduce you in the process to how we get Hex data from a TS log file.

 

[Me2019H]

Drag and Drop the TS over TransEdit.exe didn't work

i have Not DVBViewer Installed in my computer