LExxB650 T2P CI+ hacking

This forum is for information related with B series hardware instead of firmware/software.
Post Reply

mprotect
Official SamyGO Developer
Posts: 19
Joined: Sun Dec 06, 2009 4:41 pm

Re: LExxB650 T2P CI+ hacking

Post by mprotect »

erdem_ua wrote: About flashing modified firmware. It isn't possible to flash TV with encrypt_update programs output, right?
Wrong. That's why I created the "RSA disable" game.
erdem_ua wrote: And if checksums are generated after flashing, than we can hack exeDSP via IDA as at CI devices (like for implementing Video ARFix.)
I think so, yes.
Top
User avatar
erdem_ua
SamyGO Admin
Posts: 3125
Joined: Thu Oct 01, 2009 6:02 am
Location: Istanbul, Turkey
Contact:
Contact erdem_ua

Re: LExxB650 T2P CI+ hacking

Post by erdem_ua »

mprotect wrote:
erdem_ua wrote: About flashing modified firmware. It isn't possible to flash TV with encrypt_update programs output, right?
Wrong. That's why I created the "RSA disable" game.
erdem_ua wrote:
Okay. Instead of "RSA disable" game method, I wanted to generate this signature from XOR encrypted image since we know the "secret" key. But I think this RSA secret is different than AES secret, so we needed to scan/bruteforce entire RSA key space for implementing this.
Your method is remove kernel signature check but not every CI+ device has Game menu. We can execute derivative application from telnet too but CI+ devices could only enable their telnet via Telnet Enabler Application which is requires game menu too..

Sum off all those, CI+ is broken for only devices with a "Game" menu. Other CI+ devices cannot update their firmwares as they want...
Top
User avatar
erdem_ua
SamyGO Admin
Posts: 3125
Joined: Thu Oct 01, 2009 6:02 am
Location: Istanbul, Turkey
Contact:
Contact erdem_ua

Re: LExxB650 T2P CI+ hacking

Post by erdem_ua »

So, this topic close to the end here since we got almost all Hardware related things. So I open new topic for at software forum for software discussions/problems for CI+ devices.
Please follow this topic for SOFTWARE related questions and applications for CI+ devices...
Top
dasilverpaladin
Official SamyGO Developer
Posts: 119
Joined: Sat Oct 31, 2009 1:04 am

Re: LExxB650 T2P CI+ hacking

Post by dasilverpaladin »

Sorry,

i know you wanna close this topic but i have something to add here.

After i flashed my TV 2 or 3 times (don`t know exactly) with modified firmware i noticed that my TV says there was no firmware backup.
I checked the path you mentioned in the wiki (Ensure the backup exe.img ( stored on /dev/tbml10 ) is in good condition ( and ideally not altered. ) )
but there is no folder just an 60MB file.

Maybe disabling the RSA also disables the backup progress.

As precoution i suggest every 2nd or 3rd flash should be an original unaltered firmwareimage, havent tried it, bust should work.

As adittion i installed an FTP server on my TV, if someone needs files from an 37" B650 CI+, just ask :)
Top
User avatar
juusso
SamyGO Moderator
Posts: 10129
Joined: Sun Mar 07, 2010 6:20 pm

Re: LExxB650 T2P CI+ hacking

Post by juusso »

1198282 is for B series. You are looking T-VALDEUC, It`s for C series.
LE40B653T5W,UE40D6750,UE65Q8C
Have questions? Read SamyGO Wiki, Search on forum first!
FFB (v0.8), FFB for CI+ . Get root on: C series, D series, E series, F series, H series. rooting K series, exeDSP/exeTV patches[C/D/E/F/H]
DO NOT EVER INSTALL FIRMWARE UPGRADE
Top

Post Reply

Return to “[B] Hardware”