Can I hack my TV?

General Forum for talking area for B series TVs.
Post Reply

User avatar
erdem_ua
SamyGO Admin
Posts: 3126
Joined: Thu Oct 01, 2009 6:02 am
Location: Istanbul, Turkey
Contact:
Contact erdem_ua

Re: Can I hack my TV?

Post by erdem_ua »

If you handle all the job and your TV has an Ethernet port or at least an USB port, It's possible.
But it will be more difficult than B650 series. Take a look your firmware. Your firmware is not encrypted with XOR and you can mount images via linux.
If you prepare compiling tool chain, than you could make WiFi drivers for WiFi access to your TV. Since your TV is not originally supporting WiFi, it's not configurable via TV menus but you can mount your NFS server as a USB drive to use DLNA like feature on your TV. :)
Top
arris69
Official SamyGO Developer
Posts: 1700
Joined: Fri Oct 02, 2009 8:52 am
Location: Austria/Vienna (no Kangaroos here)
Contact:
Contact arris69

Re: Can I hack my TV?

Post by arris69 »

philmorley wrote:Hi there,

Im new to this TV hacking business. Does anyone know if my TV is compatible? Model number is "LN40A530"

Thanks!
you can start at the samsung site, download the firmware for your tv
(http://downloadcenter.samsung.com/conte ... 1008.0.exe)

extract it (unzip or unrar)

inspect the files

Code: Select all

file T-PRLAUS/image/*
T-PRLAUS/image/appdata.img:      Squashfs filesystem, little endian, version 3.0, 4484417 bytes, 839 inodes, blocksize: 65536 bytes, created: Thu Jan  1 01:00:00 1970
T-PRLAUS/image/boot.img:         Squashfs filesystem, little endian, version 3.0, 110324 bytes, 11 inodes, blocksize: 65536 bytes, created: Thu Jan  1 01:00:00 1970
T-PRLAUS/image/exe.img:          x86 boot sector; partition 1: ID=0x4, starthead 0, startsector 0, 57456 sectors
T-PRLAUS/image/info.txt:         ASCII text
T-PRLAUS/image/pack.bin:         data
T-PRLAUS/image/rootfs.img:       Squashfs filesystem, little endian, version 3.0, 2645318 bytes, 343 inodes, blocksize: 4096bytes, created: Thu Jan  1 01:00:00 1970
T-PRLAUS/image/uImage:           u-boot/PPCBoot image
T-PRLAUS/image/validinfo.txt:    ASCII text
T-PRLAUS/image/version_info.txt: ASCII text
T-PRLAUS/image/version.txt:      ASCII text
extract the rootfs.img

Code: Select all

mkdir -p T-PRLAUS/dimage
unsquashfs -dest T-PRLAUS/dimage/rootfs T-PRLAUS/image/rootfs.img"
search for telnet or inetd in the extracted image

Code: Select all

find T-PRLAUS/dimage/ -name "*net*"

T-PRLAUS/dimage/rootfs/bin/utelnetd
T-PRLAUS/dimage/rootfs/lib/modules/usbnet-mt583x.ko
search for a script from whitin utelnetd was called

Code: Select all

grep -r utelnetd T-PRLAUS/dimage
T-PRLAUS/dimage/rootfs/sbin/mountnfs:utelnetd -d
now you know, you have to call

Code: Select all

utelnetd -d
or

Code: Select all

/sbin/mountnfs &
from your exe's rc.local

extract exe.img

Code: Select all

mkdir tt 
mount -o loop,noatime,nodiratime  T-PRLAUS/image/exe.img tt
cp -a tt T-PRLAUS/dimage/exe
umount tt && rm -rf tt
inspect T-PRLAUS/dimage/exe/rc.local with some editor, cat, more or less.
you will see the line

Code: Select all

#/mtd_exe/memalloc &
and that's the line what you have to edit with a hexeditor in your exe.img

recalculate the crc for the hexedited exe.img and edit it in T-PRLAUS/image/validinfo.txt

update your tv with your hacked firmware.

but please look first there is an ethernet port on tv or not :lol:

arris

ps: new toolchain needed, once more.
T-PRLAUS/dimage/boot/rfs.ko
busybox: ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linked, for GNU/Linux 2.4.17, stripped
vermagic: 2.6.10_mvl401-mt53xx-926ejs preempt ARMv5 gcc-3.4
Top

Post Reply

Return to “[B] General”