I am a newbie to sat hacking, cracking and so on (but I am an expert at comps). I'd like to ask you guys some questions.
1. How is sat hacking done? (Correct me if wrong.) You get a DVB PCI or USB card and attach it to your PC. Then you connect your dish to it. You download some software to view it on your PC. Then what do you do? Is it brute forcing?
2. If you're watching a channel (say SF2), then, if you keep it on for the whole day, and they change the code in the middle of my viewing, will it affect my viewing of their channel? Because I see FIFA on SF2, and they change it 40 mins before the game. Is there any way I can avoid this? (I have a Starsat SR X550-D Super receiver, got a couple of dishes, and I don't have a PCI card, got a pair of cables that connect dishes to receivers.)
3. I'd like to know how the hexes of sat encryption work. I saw you guys posting 0D for July, 0A for August. Where can I find out how this works? Is there any valid documentation?
Please help me,
Looking forward to your replies,
Answer to Question 1:
There are many types of encryption systems [Viaccess, Nagra, ****** etc.], which change the order of transmission, and a decryption key is needed to put it back in order. (If you are familiar with Java programming, you may have heard about encryption classes like DES.) Did
Many management keys are known (through the Keyblitz project and other "brute force" attacks). Thousands of home hackers run DES-searching software (DES-56 is the most common name for this encryption system) on their home PCs. Each member is assigned a key space where to search. After say 1000 hours on a PC, that space is searched and the member reports back to the project coordinator whether a key was found. The Swedish Government has contributed more than anyone else in the key search, by providing free (tax-paid) university educations for all, so that hackers can use university supercomputers to join the search. There is also a DES-cracking machine built by EFF (the organization for privacy & free speech on Internet) to show how weak the DES system is. The reason why this weak system is still being used is a regulated political policy which prohibits US export of strong encryption. This machine is expensive to build but affordable by organized crime, and cracks (finds) a DES-56 encryption key in a few days.
Answer to Question 2:
If you are using a valid decryption key, you are able to watch the channels. When that key changes, you have to enter the next decryption key or already have the next key entered. If you are using Starsat, the receiver is capable of Auto-Rolling; that is, if all the active keys are entered, the receiver will change to the next valid key without any interruption to the viewing of the channel.
Answer to Question 3:
For this, the answer has already been given. DES searching software can search the space for valid keys [I mean active]. Maybe today's active key will become the valid working key for tomorrow. Hex codes are the basis of any encoding or decoding system.
Hope it helps....
Fte Max 100S
Asiasat 3S,NSS 6,Insat 4B,Thaicom2/5,Intelsat7/10,HB 6/7A/8
One more question.
Answer to your question: I know Java and about DES.
How do you guys find out about these keys? I mean, if it takes lots of hackers, then you guys are a part of some group? Will programming languages help in cracking? What are the DVB PCI cards for, really?
Here is something I know. Hope it helps our members.
1 - WHAT'S IN A PIC PIRATE CARD?
Most pirate cards are PIC cards. They are not cloned from original cards - they just work (almost) the same way. These generic programmable microcontroller cards can be bought legally at 3-10 USD, depending on the type. Those of main interest today are single-PIC16F84 (program this with the latest (version 4) Nordic HEX file) and MM2 (PIC16F84 + 24LC16) - program this with the latest Multimac3 HEX files (when this was written, MM3.03 was the latest). HEX files are distributed as very small data files which can be downloaded on many Internet web sites. To program a HEX file into a PIC card, you need your PC and a PIC smartcard programmer. Best prices & best service here. The HEX files contain the computer program that makes the smartcard emulate a real access card, such as issued by the TV companies. They also contain the latest keys (commonly called "codes").
2 - WHY DO I NEED TWO CARDS?
The HEX files are continuously being improved. A few years ago, some HEX files didn't work well on certain types of decoders, typically Macab or Luxor Mac 3. (Also, Amstrad and Philips STU had hardware problems with all MM2 cards of Lithium type where C4/C8 were not taped after programming.) Nowadays, compatibility problems have been solved and all HEX files seem to work with all decoders. However, a small problem occurs due to the two variants of Eurocrypt - M and S. Some channels use the M version and Canal+, Canal+ Gul, Femman and Animal Planet use S (or S2). HEX files which handle both variants are called "autoswitching". Autoswitching doesn't always work - you might need two cards, one programmed to decode the Eurocrypt-M channels and another for the Eurocrypt-S channels. Most decoders have two card slots but if you have a simple single-card Eurocrypt unit, you might have to swap cards. This is inconvenient but acceptable...
3 - WHY DO I NEED TO UPDATE THE CARD?
Encryption is a mathematical function. The encrypted data (in this case, the TV show) needs a secret codeword (in this case, the 56-bit "key") to be decoded. This secret key is known by original TV access smartcards. To make hacking more difficult, TV channels can "download" new keys into the original cards and then start using them. This download data is bundled with the TV channel data, similar to how text-tv (videotext) information is transmitted. To make sure all original cards have received a new key before they start using it for encryption of the TV channel, the download has to be active for a month or so. A fun thing that sometimes happens is that if a viewer with an original card has had his satellite receiver turned off for the entire download period, he too will be unable to view the channel, even though he has an original card! When the key is broadcast, it is encrypted with another key (a so-called "management key"), because it's easy for any hobby hacker to view what's broadcast from the uplink - all that is needed is a Season interface / Data Logger. Cool hackers have these management keys (or "man keys"). Those hackers who have these man keys can immediately see the key which is being uploaded, and the same second the TV channel starts using an encryption key which has been uploaded, thus causing the channel to drop out on the PIC pirate card, the hacker can create the "multimac" style update code which the home user needs to enter in order to view the channel decrypted again. There are several management keys and the TV companies (Canal Digital and Viasat) don't know which management keys are known. As soon as they learn about that, they can stop using this key (this is called to "kill a management key"), and instead use one which is not known. This means they have to send out new cards to 1/256 (?) of their customers, but it could be well worth it in order to make use of pirate cards more difficult. Therefore, hackers are careful not to reveal which management keys are known.
4 - THE REASON AGAINST AUTOUPDATING CARDS
Those cool hackers who are lucky to have man keys, why do they publish keys instead of putting the man key in the HEX file so that the card could update itself? The reason for this is that HEX files for PIC cards can be reverse-engineered. If Viasat or Canal Digital finds an auto-updating HEX file on Internet, they just disassemble it and see which of the management keys were used. Then they kill that key. Then, all autoupdating cards using that man key would stop working! For now, the cool hackers have decided that the best solution is to keep the man keys and to provide just the update codes instantly. There is however a HEX file out which is autoupdating on some channels (TV1000 etc). But since this man key is thereby known, it could be killed at any time, so time will tell whether this HEX file is better just because it's autoupdating. So instead of auto-updating cards, hackers are looking at other solutions to make PIC cards even more convenient to use.
5 - WHY AREN'T ALL PIRATE CARDS AUTO-UPDATING?
The intention with encrypted channels is that no one except for the paying customer can view the encrypted channel. The paying customer is given a cheap-to-manufacture smartcard by the TV channel. However, the functionality of a genuine smartcard can be emulated with a "pirate" smartcard (though it isn't really "pirated" because it's not a cloned genuine card but simply a card that works in the same way as a genuine card). Encoded TV channels broadcast a digital explanation to the decoder how to display the scrambled TV images. This explanation is encrypted - only the original smartcards supposedly know the ENCRYPTION KEY and can decrypt this message. The encryption changes every 10 seconds or so (that's why the picture remains unscrambled for a few seconds even if you remove the card). Every 10 seconds, the decoder sends 7 bytes at 9600bps to the smartcard which decodes them and sends them back to the decoder. The encryption key remains the same for several months, but for anti-pirate-card reasons, they change it sometimes (a so-called "Electronic Counter Measure" - ECM). The official Eurocrypt cards contain 8 keys for each channel. When the TV company wants to make it difficult for pirate card users, they send a message via the satellite which is received by all original cards. This message tells the smartcard to change one of the eight keys to something else. Because not all subscribers have their cards inserted and decoders turned on at the same time, this message is repeated for about a month. Then when the update message has been broadcast long enough to be certain that 99.9% of all subscribers have received it, they send another message to tell the original cards to change into the new key. All of these messages are encrypted with the MANAGEMENT ENCRYPTION KEY, because if it was sent in the clear, then everyone would know what the new key was.
- Why don't pirate cards understand the code-change message?
Since ordinary pirate cards haven't understood the code update message, pirate cards must be updated manually by the user. The update codes are generated by someone who has knowledge of a MANAGEMENT ENCRYPTION KEY. With the update code, the user can either reprogram the PIC pirate card in his PIC programmer, or he can enter a 28-digit update code using his remote control. However, some pirate cards understand the code-change messages and update themselves just like genuine cards. Those are called auto-updating pirate cards. The difference between auto-updating cards and regular cards is that auto-updating cards contain a MANAGEMENT ENCRYPTION KEY. The TV companies really would like to know which management keys are known by hackers, because then they could stop using them. Therefore, hackers don't want to put the management key inside a low-security smartcard where it can be easily read out. PIC smartcards have a low security and if a hacker made a self-updating card based on PIC, the TV channels could buy such a card and find out which management key is inside. Then they could replace the cards that this management key is used with, and never use it again.
- Why can't the TV channel just change all the management keys all the time?
Well - there are a few different management keys used on different genuine cards. If they stop using a management key used on 4000 cards, they have to replace those cards with other cards because the management keys cannot be changed by sending a message via the satellite. So you see they would have to replace all the cards to be certain that all management keys are unknown by hackers!
- How do hackers find out what the management key is?
Because the encryption method used (DES 56-bit) has only 72057594037930000 combinations, it is possible to count through all the combinations and see which one works - a so-called "brute force" attack. On a single PC this would take a hundred years but if 1000 people with PCs join the search, splitting up the code space between them, it's possible to start finding keys within months. There are different projects like this, for example The Keyblitz Project that hunts for keys for the Eurocrypt channels - currently Canal+. Also, some people have access to supercomputers at universities and large companies. And there are special DES-cracking machines (costing 250000 USD) that can crack the code in a week.
- Why are update codes available so quickly?
Because the hacker with the management key can decrypt the update message, and therefore see the new key in clear text. This means that the hacker knows the new code BEFORE it's taken into use! But he would be stupid if he told people the new key before it's taken into use. Why? Because it would be possible for the TV channel to send out a DUMMY update message, encrypted with that management key, which they wouldn't use. Then when they see on Internet that someone has decoded it, they know that it's this management key that is known, and then they kill it. Most pirate cards use the function "change secret code" in the Eurocrypt decoder to update the code. This allows the user to enter seven 4-digit codes here, to update the pirate card when the encryption key has changed. NORDIC and MULTIMAC2 support remote updating, which can save the user the trouble of having to reprogram the card using a PIC programmer.
You can read more about DVB here
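The dummy-update trap described in the post above, seen from the broadcaster's side, as an added example that is not part of the original thread: each management key group is sent a different dummy key, so a key that later shows up in public text identifies the compromised group. The HMAC derivation, the `MK-xx` labels, the campaign name and the sample post are assumptions constructed for the illustration, not Eurocrypt's actual format.

```python
import hashlib
import hmac
import re

# All values below are constructed for this example.
OPERATOR_SECRET = b"constructed-operator-secret"
MANAGEMENT_KEY_IDS = ["MK-00", "MK-01", "MK-02", "MK-03"]  # hypothetical labels
KEY_LEN = 7  # 56-bit key, the size given on the page

def canary_key(mk_id, campaign):
    """Derive the dummy key that is broadcast only under one management key."""
    msg = f"{campaign}|{mk_id}".encode()
    return hmac.new(OPERATOR_SECRET, msg, hashlib.sha256).digest()[:KEY_LEN]

# Seven hex byte pairs, each optionally followed by one separator. The
# lookahead lets matches overlap, so a stray hex-looking word in front of
# the key cannot swallow part of it.
_KEY_RE = re.compile(r"(?=((?:[0-9A-Fa-f]{2}[\s:.\-]?){7}))")

def candidate_keys(text):
    """Return every distinct 7-byte value that appears as hex in the text."""
    found = set()
    for m in _KEY_RE.finditer(text):
        digits = re.sub(r"[^0-9A-Fa-f]", "", m.group(1))
        found.add(bytes.fromhex(digits))
    return found

def trace_leak(text, campaign):
    """Return the management key IDs whose canary was published in the text."""
    seen = candidate_keys(text)
    hits = []
    for mk_id in MANAGEMENT_KEY_IDS:
        expected = canary_key(mk_id, campaign)
        if any(hmac.compare_digest(expected, s) for s in seen):
            hits.append(mk_id)
    return hits

def sample_post(mk_id, campaign):
    """Constructed forum post that publishes one canary as spaced hex."""
    return "new key decoded: " + canary_key(mk_id, campaign).hex(" ").upper()

if __name__ == "__main__":
    print(trace_leak(sample_post("MK-02", "dummy-001"), "dummy-001"))
```

Because the canary is re-derived from the operator secret, no table of issued dummy keys has to be stored, and a hit names exactly the management key group whose cards would need replacing.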
Sorry to be ignorant
Sorry if this seems really ignorant. I have read with great interest the posts above, especially the last one about different cards. How easy is it to get the codes and update them to the cards? I am really interested in giving it a go but do not understand the difference between all of the different types of cards out there. Is it possible to clone a mate's legal subscription card for example?
Thanks for the plain English... helping me to get a clearer picture. Where does one get the hex from? Is there a strand on this website?
Being a little more practical
Please forgive me for my questions.
As I already mentioned, I have Starsat. Is it possible for me to enter one or more keys, keep my channel on all the time (I want SF2), and then be able to decode the update messages, use new keys whenever it is updated, and view my channel?
And I didn't get what koovery actually meant by Auto-Rolling.