Firmware Decrypt

[alessio71]

solution is quite simple, btw. try this version http://samygo.svn.sourceforge.net/viewv ... ches/pcre/ but it needs also python module "re"

You meen that will be possible to downgrade too?!

[alessio71]

solution is quite simple, btw. try this version http://samygo.svn.sourceforge.net/viewv ... ches/pcre/ but it needs also python module "re"

OK, I did what you suggested and now decrypts correctly but patching...

Can you explayn this too?

Code: Select all

C:\>"SamyGO Firmware Patcher.py" patch ".\B-FIRBP7WWC"
SamyGO Firmware Patcher v0.34 (c) 2010-2011 Erdem U. Altinyurt

                   -=BIG FAT WARNING!=-
            You can brick your TV with this tool!
Authors accept no responsibility about ANY DAMAGE on your devices!
         project home: http://www.SamyGO.tv

Firmware:  B-FIRBP7WWC v1003.1

AES Encrytped CI+ firmware detected.
Decrypting with AES...
secret key :  SHWJUH:db48ad51-
Decrypting AES...

Decrypting with  found B-FIRBP7WWC
XOR Key :  B-FIRBP7WWC
Crypto package found, using fast XOR engine.

Calculated CRC : 0x83AE2701
CRC Validation passed
Traceback (most recent call last):
  File "C:\SamyGO Firmware Patcher.py", line 1262, in <module>
    SamyGO( sys.argv[2] )
  File "C:\SamyGO Firmware Patcher.py", line 1212, in SamyGO
    firmware,md5digg,decfile,encmode = Decryptor( in_dir )
TypeError: 'NoneType' object is not iterable

Thank you very much,
Alessio

[arris69]

..
OK, I did what you suggested and now decrypts correctly but patching...

Can you explayn this too?

Code: Select all

C:\>"SamyGO Firmware Patcher.py" patch ".\B-FIRBP7WWC"
....

Thank you very much,
Alessio

dunno, maybe someone needs to make a patch first?

[alessio71]

Thank you

[alessio71]

..
OK, I did what you suggested and now decrypts correctly but patching...

Can you explayn this too?

Code: Select all

C:\>"SamyGO Firmware Patcher.py" patch ".\B-FIRBP7WWC"
....

Thank you very much,
Alessio

dunno, maybe someone needs to make a patch first?

No, I think was missing this line in "Decryptor" function, just after the CRC validation:

Code: Select all

return (xorkey,md5digg,decfile,encmode)

like this:

Code: Select all

....
		if CRC != ValidCRC:
			print 'Error on Decryption'
			sys.exit()
		else:
			print 'CRC Validation passed'
			return (xorkey,md5digg,decfile,encmode)
....

and you'll need squashtools 4.0 to open the files decrypted...
Then, you'll be able to think about a patch

Is it possible to downgrade a FW like this?

Thanks,
Alessio

[greenhorn]

B-FIRBPEWWC BD-E6100 successfully decrypted. exe.img and rootfs.img successfully mounted on my ubuntu machine. Is there any wiki what do you have to change/create to make samygo extensions loadable and firmware acceptable by the player(even it load the latest FW version).
Thanks for your help guys! You are great!

[greenhorn]

How can I download on my PC any of:

Code: Select all

SamyGO Patched Firmwares!!! Features

    B-FIRHRDEUC_001107 (success: verified)
    B-FIRHTBEUC_001112 (success: in log yes, user report missing)
    B-FIRURDEUC_001103 (success: verified)

to see what is changed in rootfs.img and exe.img according the stock FW?

[arris69]

... Is there any wiki what do you have to change/create to make samygo extensions loadable

no, it's simple merged into devices boot procedure (nothing to document, then it's more or less a normal linux system boot, what's pretty sure documented 1000 times on internet)

and firmware acceptable by the player(even it load the latest FW version).
...

to let the device accecpt and run the custom firmware isn't a trivial task, if you search in the forum you'll find stuff about signature check (in bootloader, in kernel, during firmware install) encrypted suff and authuld protection etc.

so for "endusers" its better/safer that no documentation is published.

regards
arris