One thing he says in the video that I have questions about is that the keys in ram aren't needed for FP channels. To get FP signals you need a real DCII receiver. Therefore a simple tuner device can't decrypt them. These were the channels you could get with the genpix and similar devices. If it doesn't change,you could simply set this channel as a constant control word.It happens the same with powervu in 58w. I may be wrong about this because I do use Tsreader most of the time but I believe most DVB-S2 set top boxes can scan in these channels.įor free preview or zero key mode,there is still the question if the ECM packets change or not. However, the newer DCII signals are using DVB-S2 and appear almost the same as regular DvB-s2 signals except for the encryption. I know there are differences in the tables and such, and older DCII even used different modulation methods that DVB receivers couldn't lock. The transport stream is way different,tables and such,and you must,first,be able to scan channels and make a channel list. In the video he talks about this but never says exactly what the key is. It's also in every digicipher ii receivers rom and this guy should have it since he read the rom. Since Fixed key channels can be decrypted by any previously authorized box and the keys are stored in rom, it must mean there's only one key and it's never changed.
On the other hand, a softcam might be useful for channels that are fixed key encrypted. So, even if we had a softcam at this point you would be able to do nothing without the seed keys or the unit ID of an authorized unit. Anyway, it would seem that until there's a way to brute force the 3 seed keys or derive the seed keys from a unit ID, it's not really cracked. Anyway, If i understand it correctly the seeds keys are used to decrypt the EEM95 to get the category key, which then is used to derive the program and working keys. Wonder if there's a relationship between those and the unit ID or if they are randomly generated? You would think there must be so the provider can generate the keys to encrypt the EMM. Without a STB to read those from you'd have to brute force them.
You need the 3 seed keys from a unit with an active subscription.
What he did was extract the keys from ram. From this someone could probably make a softcam emulator but to get keys is going to be the problem. After watching the video, it looks like it's a little more complicated.
0 kommentar(er)
