Gemalto vs NSA

Everybody has read the news about Gemalto and the leak of the Ki keys for mobile phones. Gemalto tries to play down the important part of the story: that the NSA is now able to log 2G traffic and decrypt it. Gemalto has failed a vote of no confidence in the eyes of the experts.

The NSA itself tries to get hold of every important way to catch any possible victim of terrorism. But how deep will they go? Government spyware and trojans are not enough to prevent problems, and it's not only their own property, no, it's the WORLD. They try to be the godfather of all protection in the world, don't they?

So who is the next company that is involved with the NSA?

China Set Top Boxes Part 2 TIGER T6

Tiger T6 sat receiver, made in China.

To all SAT manufacturers from CHINA: please don't waste silicon resources on that stuff you sell on the global market.

Made in China stands for the maggots inside a cadaver.

Hmmm nice, you are welcome :P Plain IP ranges of Gshare services. Well done; everybody who uses that software has a short dick. This software was downloaded from the official WEBSITE of the manufacturer / seller TIGER-SAT.COM

The firmware for the T300 also has cool things in it. Plain logins for FTP services :P

I checked the FTP services out. :) Softcam.Key and a few more illegal files.

There is so much crypto inside for all the CAS services, and the “secrets” that have to be covered are sitting unencrypted in the strings?

So STOP selling such electronic waste to EUROPE. WE don't want your badly coded and badly manufactured stuff here, and CE is not CHINA EXPORT :)

Well well, go to Hell…

China Set Top Boxes

Today I was not so busy and I looked at an SR-2000HD STB based on the ALI3511. The ALI chipset is the most used one in the China scene. Cheap and dirty :-P

Only the cover looks good, but we see 1X Slot universal … sounds interesting.

The main application shows us really nasty things. A Conax RSA key :) Well, it rings a bell, because Conax CAS7 used a special RSA keying to secure against card sharing. Same for Nagravision and a few more. The Viaccess AES key is for emulation of TNT Sat.

09419360 is an update routine for the softcam support. We can find an IP, 109.202.103.10, that fits to NL; looks like a hidden layer to cover something like a VOD service.

Ohhhhh, this is a really multimedia STB. Gshare, hmmmm, yummy.

WOW, it has its own CCCAM servers inside the firmware and an automatic softcam update from http://eurosatbase.net/alisathd/

The CCCAM server is in New York :)

Supported protocols are: Gshare, Gshare Plus, CCCAM, SkyShare and NewCS.

The box has dongle support, and the dongle uses two different kinds of secure memory: AT88SC0404C and AT88SC0808C are supported. Clever programmers, who show us the code for blowing the security fuses: “Blow Fuse Verify Password Failed”

Well, they put a private RSA key and the public key inside, unencrypted, at 10075692. HAHAHAHA

PŒŸž—©›D§Nagra, NagraVision, Kudelski are trademarks of Kudelski S.A., 1033 Cheseaux, SWITZERLAND. Copyright (c) 2003 NagraCard S.A..TPCDŒCŸLªD¥«ž— YC‹B—‚V_VO£Œ¥“

They have a license? FACEPALM^1000000000000

Well, it also supports CI and CI+ modules, but where is the slot?

€y8€Ôy8€Conax ITI CIPLUS CAM………….TSD Crypt Beta2………………CryptoWorks………………….Viaccess Access………………POLSAT………………………Irdeto Access………………..MODULE RETAIL………………..DREcrypt MPEG4……………….DRE NKE……………..

So the library / firmware is written for all models; this is just a snapshot.

.MEGASAT HD910……………….……MEGASAT HD910X……………………HD 900 TWIN CI+……………..…5…VZ-7700HDse CI…………………5…VZ-7700HDse……………………+…500HD mini………………….…+…500HD…………………………+…550HD…………………………+…550HD@czech……………………+…550HD@uk………………………B…Max Fly 5500………………..…B…Max Fly 6600………………..…V…OSCAR X200………………….…V…OSCAR X90…………………..……Ali HD……………………..……PREMIUMX DSR1100…………….……QMAX MST-999 8M……………..……QMAX MST-999 H1……………..……QMAX MST-999 V2……………..……QMAX MST-999 V2.2…………………QMAX MST-999 V3……………..…I…19000…………………………I…22000…………………………I…HD 10000………………………I…TITANIUM 19000…………………I…HD 10500………………………3…S-1210HD Aron……………….…3…S-1211HD NERO……………….…3…S-1222HD stealth…………….…3…S-1212HD NERO……………….…3…S-1222HD stealth discard……..…E…SkyPrime………………………E…SkyPrime_HD_CI…………………E…SkyPrime_HD_MINI…………….…E…SkyPrime_HD_MINI_L…………..……S4-3HD(ALI)……………………F…StarMax 1X1 CXT……………..…F…StarMax X10 BETA…………….…F…StarMax X100 ALFA.

CI+ is weak

How secure is CI+, and is it really safer than the normal, older CI without the +?

No it is not :-P

First let's have a look at an older CI from Smit used on Viaccess. We can see an FPGA, SST flash and a custom IC from Smit. The FPGA manages the transport stream and the demux. The custom IC is the magic miracle that decrypts the TS with the smartcard that's needed. Basically the CI is just a CAS adapter.

Well ok then….

Here is a Matrix module from the old days. Simple FPGA, Sidsa core, flash and external SRAM.

So here we have THE AWESOME CI+. So we check with bare eyes: what is the difference?

The FPGA is missing! The custom IC now handles the TS stream, the decryption and the CW that is covered by RSA/AES on CI+. So the magic thing is an ARM7, like Duolabs was using on the Diablo CAM. The flash is a simple AT45 branded by Atmel, and there is an external SRAM by Etron Tech. The tiny IC on the top is just for the 3/5 V VCC.

CI+ stands for control of the recordings (restrictions) by the provider, and it has extra DRM and a few other protections to make sure the content is protected. Another new thing is that a few CI+ CAMs can handle a magic pairing algorithm like in the old days on the Betacrypt BlueCam. It also handles the timeshift restriction and a few more funny tools.

It's alright then, if it prevents the content stealing or sharing to illegal pay services (C-line servers).

Now we need a deeper look inside this miracle magic awesome tool that everybody needs.

The flash…

Here are the pinouts for the BGA 24. What we need is well known to people who are involved in electronics: SDA, SCL, GND…

So a quick search on Google and we find some magic datasheet; well, thanks, Chinese man, for leaking it.

So have a closer look at the yellow marked points.

The certs ROOT/DEVICE/CUSTOMER, well, inside the PLAIN, unencrypted FLASH!

M25PX16.M25PX32.M25PX64.at45db081d..at45db161d..at45db321d..ttya:…%08X….SC16IS740

What is this string telling us? It says that any CI+ uses non-secure flashes for the imported 2048-bit RSA keys that we need. We also need the certs with which our box is talking to the CI+.
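A defender auditing an STB firmware image or a CI+ flash dump for the kind of plaintext material described on this page (the RSA key pair, softcam update URL and server IP in the SR-2000HD firmware above, and the ROOT/DEVICE/CUSTOMER certificates and 2048-bit RSA keys in the CI+ flash) can do a useful first pass with pattern matching before any disassembly. The following Python is an added example, not code from the original post or from any manufacturer; the image it scans is constructed inline, and the update URL, IP address and login strings in it are placeholders, not values from any real device.

```python
"""Scan a raw firmware / SPI-flash dump for plaintext secrets.

Added example, not code from the original post. It looks for the artefacts
the post reports finding in STB firmware and CI+ flash: PEM-armoured keys,
DER-encoded ASN.1 objects (certificates, PKCS#1 RSA keys), IPv4 addresses,
URLs and login-looking strings. The sample image below is constructed here.
"""
import re
import struct
from typing import Dict, List, Tuple

# Printable artefacts. The IPv4 pattern is strict on octet ranges so that a
# version string such as 10.2.3.4567 is not reported as an address.
_IPV4 = re.compile(rb"\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b")
_URL = re.compile(rb"(?:https?|ftp)://[\x21-\x7e]+")
_PEM = re.compile(rb"-----BEGIN ([A-Z ]+)-----.*?-----END \1-----", re.S)
_LOGIN = re.compile(rb"(?i)(?:user(?:name)?|pass(?:word)?|pwd)\s*[=:]\s*[\x21-\x7e]{1,64}")


def find_der_objects(blob: bytes, min_len: int = 256) -> List[Tuple[int, int]]:
    """Return (offset, total_length) of DER SEQUENCEs with a long-form length.

    A certificate or PKCS#1 RSA key starts with 0x30 0x82 <len_be16> (or
    0x30 0x81 <len8>). Requiring the declared length to fit inside the image
    filters out most accidental 0x30 bytes in code or data.
    """
    found: List[Tuple[int, int]] = []
    i = 0
    while i < len(blob) - 4:
        if blob[i] == 0x30 and blob[i + 1] in (0x81, 0x82):
            if blob[i + 1] == 0x81:
                length, hdr = blob[i + 2], 3
            else:
                length, hdr = struct.unpack(">H", blob[i + 2:i + 4])[0], 4
            total = hdr + length
            if length >= min_len and i + total <= len(blob):
                found.append((i, total))
                i += total  # skip the body; nested SEQUENCEs belong to it
                continue
        i += 1
    return found


def scan_image(blob: bytes) -> Dict[str, list]:
    """Collect plaintext findings by category as (offset, value) pairs."""
    return {
        "pem": [(m.start(), m.group(1).decode()) for m in _PEM.finditer(blob)],
        "der": find_der_objects(blob),
        "ipv4": [(m.start(), m.group(0).decode()) for m in _IPV4.finditer(blob)],
        "url": [(m.start(), m.group(0).decode()) for m in _URL.finditer(blob)],
        "login": [(m.start(), m.group(0).decode()) for m in _LOGIN.finditer(blob)],
    }


def build_sample_image() -> bytes:
    """Constructed test image: erased-flash filler, a fake DER object,
    config strings with placeholder values, and a PEM stub (not a real key)."""
    der = b"\x30\x82" + struct.pack(">H", 300) + bytes(range(256)) + b"\x00" * 44
    pem = (b"-----BEGIN RSA PRIVATE KEY-----\n"
           b"MIIEowIBAAKCAQEA...constructed placeholder, not a real key...\n"
           b"-----END RSA PRIVATE KEY-----\n")
    strings = (b"\x00update_url=http://update.example.invalid/fw/\x00"
               b"ftp_user=admin\x00ftp_pass=secret123\x00"
               b"server 192.0.2.10 port 12000\x00version 10.2.3.4567\x00")
    return b"\xff" * 512 + der + b"\xff" * 64 + strings + pem + b"\xff" * 128


if __name__ == "__main__":
    for category, hits in scan_image(build_sample_image()).items():
        for hit in hits:
            print(f"{category:6s} @ 0x{hit[0]:06x}: {hit[1]}")
```

Run it against a real dump with `scan_image(open("dump.bin", "rb").read())`. Every DER hit is worth feeding to a proper ASN.1 parser afterwards; the point of the scan is that a key or certificate that is recoverable this cheaply was never protected by the flash at all.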

SC16IS740: Single UART with I2C-bus/SPI interface, 64 bytes of transmit and receive FIFOs, IrDA SIR built-in support

M25PX16: NOR serial flash embedded memory

AT45XXXX: 8 or 16 Megabit flash

Update: Model: SmartCam-3 CI Plus for UPC, part number: CI0311-UPC01 R1. Same PCB and same ICs. Well, I bet all CI+ from this manufacturer are weak. If you want, send pictures of your CI+ CAM.

A few days later somebody released a CI+ emulator for the DM7080. Well, WTF? Somebody has a finished solution in C code… yeah…

Result: CI+ is working well in the DM7080, hmmm.

So all restrictions are now revoked by the box, and you can use it as a normal CI.

There's more magic… but we didn't want to touch the ARM, because everybody knows about the weakness… we didn't want to talk about the embedded code on a few STBs that still have a problem with RS232. We don't wanna talk about the applications inside the plain OTA updates for STBs. WE ARE SPEECHLESS!

This RESEARCH is made for science only; if you are pissed about this article, don't blame us, because YOU made the fault. We have the right to research and publish factitious security. We did not reverse any code or leak it. We show you how your stuff is working. We are not involved in hacking or leaking code and have nothing to do with the hacks that are available on the Internet. The NET shows us that CI+ was hacked a long time ago for Samsung Smart TVs, and the code was available on the NET.

Issues on CI+

– Linux Smart TVs can be rooted easily, and so the code of CI+ is also available

– CI+ modules are not secured (the flash)

– Many SDKs and datasheets leaked to the Net, like ST's 71XX series

– Cheap CI+ STBs and embedded receivers are not secured on RS232

– Manufacturers put firmware updates on the WWW, and this is not allowed.

– OTA updates are not encrypted, so you get the FW delivered.
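The last two issues in the list, firmware on the web and unencrypted OTA updates, are ones a receiver vendor or a broadcaster's security team can test for without any reverse engineering: a properly encrypted (or at least compressed) update image is close to 8 bits of entropy per byte throughout, whereas a plaintext image with code, strings and erased-flash padding shows many low-entropy blocks. The following Python is an added example, not code from the original post or any vendor; both sample images are constructed deterministically in the block, and the hash chain standing in for ciphertext is a test fixture, not a cipher.

```python
"""Rough check whether a firmware / OTA image is encrypted or plaintext.

Added example, not code from the original post. Shannon entropy per block is
a crude but effective first test; the sample images are constructed below.
"""
import hashlib
import math
from collections import Counter
from typing import Dict, List, Tuple


def shannon_entropy(block: bytes) -> float:
    """Bits of entropy per byte over the given block (0.0 .. 8.0)."""
    if not block:
        return 0.0
    n = len(block)
    return -sum((c / n) * math.log2(c / n) for c in Counter(block).values())


def block_entropies(blob: bytes, block_size: int = 1024) -> List[float]:
    """Entropy of each consecutive block_size slice (last slice may be short).

    1 KiB blocks are used because with only 256 samples the plug-in
    estimator of uniform data already sits around 7.3 bits, not 8."""
    return [shannon_entropy(blob[i:i + block_size])
            for i in range(0, len(blob), block_size)]


def looks_encrypted(blob: bytes, block_size: int = 1024,
                    threshold: float = 7.5, min_fraction: float = 0.95) -> bool:
    """True if at least min_fraction of blocks exceed the entropy threshold.

    Compressed images score high as well, so True means "no plaintext
    visible at this granularity", not "cryptographically protected"."""
    ents = block_entropies(blob, block_size)
    high = sum(1 for e in ents if e >= threshold)
    return high / len(ents) >= min_fraction


def plaintext_regions(blob: bytes, block_size: int = 1024,
                      threshold: float = 7.0) -> List[Tuple[int, int]]:
    """Merge runs of low-entropy blocks into (offset, length) ranges,
    which is where a strings / key scan should be pointed first."""
    regions: List[Tuple[int, int]] = []
    for idx, ent in enumerate(block_entropies(blob, block_size)):
        if ent >= threshold:
            continue
        start = idx * block_size
        length = min(block_size, len(blob) - start)
        if regions and regions[-1][0] + regions[-1][1] == start:
            regions[-1] = (regions[-1][0], regions[-1][1] + length)
        else:
            regions.append((start, length))
    return regions


def _pseudo_random(n: int, seed: bytes = b"constructed-seed") -> bytes:
    """Deterministic stand-in for ciphertext (a SHA-256 hash chain, NOT a
    cipher); used only so the sample images are reproducible."""
    out = bytearray()
    state = seed
    while len(out) < n:
        state = hashlib.sha256(state).digest()
        out += state
    return bytes(out[:n])


def build_samples() -> Dict[str, bytes]:
    """Constructed images: a plaintext one (strings, repetitive code-like
    bytes, erased-flash 0xFF padding, one signature-sized random tail) and a
    fully "encrypted" one of the same size (9 KiB each)."""
    text = (b"Supported protocols: Gshare, CCcam, NewCS\x00"
            b"http://update.example.invalid/ota.bin\x00") * 40      # 3200 B
    code_like = bytes(range(0, 256, 3)) * 30                        # 2580 B
    plaintext = text + code_like + b"\xff" * 1388 + _pseudo_random(2048)
    encrypted = _pseudo_random(len(plaintext))
    return {"plaintext": plaintext, "encrypted": encrypted}


if __name__ == "__main__":
    for name, image in build_samples().items():
        print(name, "encrypted?", looks_encrypted(image),
              "plaintext regions:", plaintext_regions(image))
```

On a real update, run `looks_encrypted(open("ota.bin", "rb").read())`; a False result with large `plaintext_regions` is exactly the "you get the FW delivered" situation, and those regions are where the earlier key and URL scan belongs.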

The only good news: the CAS itself is OK, or maybe … I dunno. This shows again how money growing works. We publish a new CI+ and sell the CI+ modules and earn a bunch of money, and the second way, we take a bit of cash from the manufacturers to license the STB products. So who cares about security? In a few months I bet we get a new CI+ called CI++ with better security, and the money cycle starts again.

Personally I don't understand that companies who develop security make these mistakes. I sure agree that we are all human and make mistakes, but if a multi-million-dollar company has issues like that, something is going wrong?!

UPDATE: PCB reverse

UPDATE 22.02.2015

Small research on the CI+ ProCam from SmarDTV. Here we have the UPC one. Did you see what I see?

Hmmmm, is it really the same? Yes it is.

Well, so the design of the PCB is OK; the SPI of the AT45 is covered by the BGA. @SmarDTV, next time use an ASIC to combine the flash and the ARM. Building a self-made secure CAM is easier than you think. You can use up to 16 layers to build up an IC, and I think there is enough space to add the SDRAM too. Neotion did it with a custom build with BGA and 255 connections with the same specs.

I dunno how secure the Neotion variant is, but I think it's not so easy to access the flash. An investment in Cadence to build up your own ASICs is good.

Colibri – Weak security

The PowerVu system, which was used to protect AFN Networks here in Germany, is now officially cracked. Colibri's documentation makes clear that a weak encryption no longer holds up today against attacks with FPGAs to find the required keys. In the end, what matters is how much computing power you can throw at calculating these keys. Today's graphics cards with 1000 shader units make it possible. The use of GPUs for crypto is a milestone, because it also speeds up breaking RSA or plain DES, as well as hashes such as MD5 or SHA, many times over.

But it is not only PowerVu in Germany that is affected. PowerVu is a CAS system used worldwide that can only be decrypted with special receivers.

The original manufacturer, Scientific Atlanta, was bought by Cisco in 2005, and Cisco also bought the CAS manufacturer NDS in 2013/2014.

What very few people know, however, is that the security hole in the PowerVu system also applies to other providers such as DirecTV in the USA; there the problem with the 48 bytes is exactly the same as the one Colibri describes in PowerVu.

Since there has been no commercial hack of PowerVu to this day, there was no interest in renewing this system; that makes PowerVu the only system that has not been the victim of a commercial hack, but only of a hobby hack. All other systems were hacked professionally and sold, so that later smartcards such as the Titanium card or Cerebro could be sold in bulk.

I take my hat off to Colibri, because he has spent a very long time on this system. He has also documented and published his other hacks with great care. The hack of the BSI-certified smartcard reader also showed that mistakes are made even with such important things.

Warm greetings to Colibri and thanks for his research.

Decapping ceramic mix

Hi there, just a small decap image of a DVB CI.

The red dot shows you a wet spot with a rest of heavy acid. All leads are well up. The ALU and flash on this device are covered by solid metal (extra). All pieces were covered by a ceramic mix. This is a broken device, and I tried a new method to remove the ceramic mixture. At first look… well, OK. Later I will try to get the metal away…

SLE66PE first look under the scope… taken in 2010

Sure, not a big thing, but I had my first look at the 66PE in 2010.

The small video shows you the ALU without removing the extra (epoxy).

Hamburg die – ALU made in Hamburg

Yeah, an ALU made in Germany, a high-security ALU made in Germany's sweetest city, Hamburg. The P5 and P8 series of Philips in the old days, now known as NXP.

The P8WE5032 series had a couple of nice features and high security in the old days. From the datasheet:

The P8WE5032 is a derivative of the 80C51 microcontroller family and has the same instruction set as the 80C51. The device includes 32 KBytes of ROM, 2304 bytes RAM (Data Memory) and 32 KBytes of EEPROM. The EEPROM features a data memory and a program memory usage mode. The non-volatile memory consists of high reliability memory cells to guarantee data integrity. This is especially important when the EEPROM is used as program memory.

The integrated co-processor Fame X accelerates the encipherment for Public Key encryption algorithms. This widens the field of applications for this device, since it can be used as tamper-resistant security tool for secured and authentic communication in open networks.

The Triple-DES co-processor speeds up the calculation time for DES3 encryption by about three orders of magnitude compared to software solutions. Also single DES operations are supported.

Bi-directional communication with the device can be performed through three serial interface I/Os according to ISO standard 7816-3. The I/Os are under full control of the application software in order to allow for conditional controlled access to the different internal memories.