Very uncertain which series I am !

[juusso]

I have two news for you. One is good, the second is bad. Which one do you prefer to know first?

The good one, is that you can decrypt your firmware using latest SamyGO firmware patcher, i mean, the firmware key is same as for other GAP*/GAS* firmwares

SpoilerShow

Code: Select all

SamyGO Firmware Patcher v0.34 (c) 2010-2011 Erdem U. Altinyurt

                   -=BIG FAT WARNING!=-
            You can brick your TV with this tool!
Authors accept no responsibility about ANY DAMAGE on your devices!
         project home: http://www.SamyGO.tv

Firmware:  T-GAPLBDWWC v1008.4

AES Encrytped CI+ firmware detected.
Processing file appext.img.sec
secret key :  SHWJUH:85a045ae-2296-484c-b457-ede832fcfbe1-646390a3-105e-40aa-85f
6-da3086c70111
Decrypting AES...
Decrypting with  XOR Key :  T-GAPLBDWWC
Crypto package found, using fast XOR engine.

Calculated CRC : 0x2B160950
CRC Validation passed

Bad news is that like other D7/8 series, here is no code to get hospitality hack working. rc.local attached. Currently no idea how to get root on your TV. You should check trough exlink the TDM and maybe you find some "memory read/memory write" to be able patch kernel in memory.

[lambda79]

Thx about your feedback,
considering the good news and the fact i can modify my firmware using SamyGO.py, i should now flash the modified firmware from a USB stick to the TV?
and this way at least having a working telnet access?

[juusso]

you can`t modify your firmware and no way having working telnet. Because here is no way to flash modified firmware back to tv.

[lambda79]

I now have a working Exlink cable (at least its working on a C-series http://paste.debian.net/242018/ but got no output on my D7/8 series ! Is that normal behavior? i mean no serial output even if i set rs232 to debug ? Is that still a security against hacker ? What do you suggest me to do

[lambda79]

OK i did grab older version, so i gonna use the DNS hack to downgrab to 1007.3
Do you think this older firmware give better perspective for hacking? thx you @juuso

[juusso]

I don't think you achieve something with that lower version firmware.

[lambda79]

Do you think soon, you or someone of ixbt forum are going to achieve something with that smartHub-less tv and this firmware?
Is it hopeless?

[juusso]

I think its almost hopeless. you're alone with this model here and on ixbt.

but you can try, maybe I'm wrong

where to get firmware 1007.3 for your tv? we don't have.

[lambda79]

Here is the download link
http://dssceurope.com/?f=firmware/new_l ... 1007.3.zip

I 'd like to try a downgrade from the dns hack you provided to the community at least figuring out if old firmware 1007.3 has serial Exlink unlocked ...

Concerning ixbt it seems there's a lot of skill all around, main issue is i dont manage russian at all...


Thx anyway, uzis

[juusso]

Comparing images of both firmware versions:
rootfs.img are identic
Image (kernels) are identic = exlink console still locked for HEX symbols)

exe.img and appext.img differs, but rc.local is same, means no custom autostart/root, here is no custom start from mtd_rwarea, so hospitality hack will not work.

Conclusion - here is no need to install/downgrade firmware.