Where are you even getting software updates, OTA from the satellite? I can't find them on cisco's site anywhere.
The software is updated via satellite.
Posts by Fenix11
-
-
Good job, I’ll follow your topic with interest.
I don’t know if I can help or not. If you want to share your data / software, I’m interested.
Greetings
Ok, tomorrow I'll compile the data I have saved and send it to you, let's see what else I can get from there.
Greetings.
-
Feel free to share! My d9865 arrives tomorrow.
How hard is the flash to dump?
I tried it with the Urjtag and STMicro tools, but I don't know how to do it, so I had to remove the memory and read it with Xgecu. To attach it to the receiver, I had to make a homemade removable socket. It sounds crazy, but it worked for me. Honestly, it blows my mind, and I'm putting it into practice without fear of failure. These photos will show what a mad scientist I am. 😅I should be working at NASA.
-
Display MoreDisplay More
Hola, saludos.
Al ver estos temas tan interesantes, también investigó y exploró este nuevo sistema. He notado algunos cambios interesantes tanto en el flujo de datos de bits como en el software.
He estado analizando algunos detalles del software del equipo, comparando la versión x.90 con la reciente x.92. He notado que se han eliminado, modificado y añadido funciones a este software con las que no estoy muy familiarizado, pero a simple vista, es evidente que se relacionan con el flujo y la gestión de datos clave.
En una de las imágenes, comparando ambas versiones de software, se puede ver que se han eliminado algunas funciones relacionadas con los valores EMM, ECM y CW, agregando funciones y mejoras al flujo ECM. También se pueden ver cambios en los valores de vfprintf, de %10d a %10llu. También se pueden ver cambios en las tareas OS21. En el emulador Oscam, se puede observar que, en los diferentes modos PowerVu de algunos multiplexores, cambian los valores de los bits de seguridad y nano, al igual que la longitud de la sección en el flujo de paquetes ECM. Algo curioso y nuevo para mí es que, en la imagen del flujo de bits del canal FOX News, las tablas de identificación 80 y 81 cambian estos valores. No sé si se trata de un error del emulador, pero parece extraño.
Mi conclusión es que estos cambios de bits pueden afectar los cálculos de CW.
Seguiré investigando más a fondo para ver qué más se descubre. Si alguien necesita la información o el software, puedo compartirlo.
Espero que esta pequeña contribución ayude de alguna manera a la investigación de este nuevo sistema.Atentamente.
¿Tienes el receptor Cisco? ¿Cómo, por casualidad, estás volcando la imagen flash/firmware? ¿O se trata de otro software/dispositivo? Si tienes los binarios responsables del descifrado, podrías transferirlos a ida+hex-rays o ghidra y luego obtener el código pseudo-C que podríamos analizar o analizar con IA.
editar:oh - ¿eso es solo la salida de oscam-emu?
You spoke to me in an algorithmic way😅, I don't know how to handle those methods yet, but if you know how to do it I can share them with you.
-
Hi, I have the Cisco D9865 and I dumped the flash to bin and analyzed it with the software tools.
-
Hello, greetings.
Seeing these interesting topics, I've also researched and explored this new system. I've noticed some interesting changes in both the bit data flow and the software.
I've been analyzing some details of the equipment software, comparing the x.90 version and the recent x.92 version. I've noticed that they've removed, modified, and added features to this software that I'm not very familiar with, but at a glance, it's clear that they relate to the flow and management of key data.
In one of the images, comparing both software versions, you can see that they've removed some features related to the EMM, ECM, and CW values, adding features and improvements to the ECM flow. You can also see changes in the vfprintf values, from %10d to %10llu. Changes can also be seen in the OS21 tasks. In the Oscam emulator, you can see that in the different PowerVu modes of some MUXes, the security bit and nano values change, as does the length of the section in the ECM packet stream. Something curious and new to me is that in the image of the FOX News channel's bit stream, the ID tables 80 and 81 change these values. I don't know if it's an emulator error, but it looks strange.
My conclusion is that these bit changes can affect CW calculations.
I will continue to explore more closely to see what else is discovered. If anyone needs any of the information or software, I can share it.
I hope this small contribution helps in some way with the investigation of this new system.Best regards.
-
Greetings.
I'm not that expert on these Nanos issues, but with my limited knowledge, I've noticed that GTMedia opens some 55W and 58W channels with the current PowerVu system. I've noticed that the channels with the Nanos 01 accompanied by the Nano 08 are the ones that are opening but without audio. The others, like the MUX channels of the Studio Universal 58W, only contain Nano 01 with the other Nanos at 00. For example (0E00 01 00 00). Here are some reference images.
I've been analyzing and observing some changes in the ECM flows, among other changes, when I was comparing the old PowerVu cisco software with the new one.
Best regards.
