Security from Hell

Include DCT cable boxes and Starchoice boxes.

Moderator: justsomeguy

justsomeguy
Junior Member
Posts: 1417
Joined: Wed Jan 28, 2009 4:01 pm

Post by justsomeguy »

he can't make a service call because it's a hacked box.(I think)..is this a test box or is it a legit box? or is it a legit box with open package that was downgraded and then blocked? I need a bit of clarification:confused:...like I said it's from the current programming on the box, NOT because the caco is trying to get into the box~ I know you have one helluva a hard time to find local backups killswitch ...but i'm sure you can fix up the one you currently have...is that backup the same ph as the original guts that are in there? or is it just a ph that will work with your current ph?
live your life like a beer commericial
Killswitch
Junior Member
Posts: 439
Joined: Tue Mar 23, 2010 6:12 am

Post by Killswitch »

Yes, Sir - it's Hacked in the sense that I seized the MOBO and replaced it with a Test board and put it back into the box with all the correct ID's. When they scan the unit, it checks to what was issued. It's a PH8. When I Flash it to correct the Reboot Loop, I Flash it with its original Backup. Very straightforward. Over the course of the 3 1/2 yrs. I've been here, I KNOW 2224's and this shouldn't be happening. At first, I thought it was due to me adding the Block of the Deauth command in the FW Testing zone. Not true - still reboots. I'm smart enuf to make the unit appear with the UID and UPM of the Account Box to blend into the backround. Still reboots. I'm sure that if I Flash it and leave it totally default, it'll still wanna Reboot. Other than that, works perfectly as expected. It probably isn't worth the troubleshoot. I've moved onto bigger/better toys. I'll move it along and let someone else snuggle up to it. They'll be happy when they see HBO come beaming in. Testing to continue .............
liljayballer1010
Junior Member
Posts: 28
Joined: Thu Jan 22, 2009 11:24 am
Contact:

Post by liljayballer1010 »

coyote cojo wrote:Here In mIami everything is still going fine. My DCt700 still runs great with no hiccup.I dont think its a key issue too is your problem.
that's not true, im in ft. lauderdale and I have a dct700 that was working great for quite a while with just basic channels. But now, for some odd reason most of the major local channels like BET, CNN, FOXNEWS, are giving me the "NOT AUTHORIZED" message on the screen. I've tried new updated nvram. Still nothing. only channels like ch 7, ion works.
MrRogers
Junior Member
Posts: 775
Joined: Mon Jan 19, 2009 9:25 pm
Location: 127.0.0.1>localhost

Post by MrRogers »

liljayballer1010 wrote:that's not true, im in ft. lauderdale and I have a dct700 that was working great for quite a while with just basic channels. But now, for some odd reason most of the major local channels like BET, CNN, FOXNEWS, are giving me the "NOT AUTHORIZED" message on the screen. I've tried new updated nvram. Still nothing. only channels like ch 7, ion works.
This seems to be because they are doing key changes, or changing the channel mapping (switching channels to a different number). But I heard through the grape vine that there is ALOT of new stuff happening in Florida and up here in Massachusetts that is renderings test boxes to bite the dust in a manner of speaking.


Now to clarify some things. Comcrap's methodology first off is to make security different between most of the area's throughout the US to throw us ALL off our game, so keep that in mind when you see something happening to your hardware - i.e. "NOT AUTHORIZED, "ONE MOMENT PLEASE", "ETC", it may be isolated to your area - depending on the security engineering in that particular area they implement subtle differences between areas so that no sure fire way would work nationwide for everyone, this is a smart move on their part and a downfall at the same time. But nonetheless, makes complete sense if you view it through the eyes of the provider. I will not go in to details but (we) (most of us who have been around long enough to know this particular ISP) know that they have begun to smarten up and pay attention to making small security changes (a little) at the discretion of that particular area's engineering department and in some key area's, with parts of FL and MA, as well as IL being their prime spots to beef up first (and for good reason), these spots have a track record for having alot of rogue boxes on the network - this is no secret. With that being said, we know first hand when a key change has occurred or if they are playing new tricks with the security changes in the areas because most of the old methods will render your hardware "NOT AUTHORIZED" after a key change has occurred.

Some people in some areas have had some success with just something as simple as re-loading the original NVRAM back to their box and that brings the "NOT AUTHORIZED" channels back, and for some others it does not, it all depends on the area like I said, security protocols are all DOCSIS standard but have small differences, small enough where the security is not too far off from the original protocol but different enough so that one persons methods to get back on are not the same in all areas that supports Comcrap - It also deals with the ISP using another networks hardware - they just do not have the money or manpower to make key changes overnight, for example they may want to use a certain security measure, but the network use to belong to RCN which used a totally different security protocol so the changes do not happen overnight. Important security changes on a nationwide scale will take time, most of the time a minimum of 3 years or more from the time they figure out that there is a security flaw that needs to be patched. And by that time while they are working on patching that a new security flaw is explored by members of the community, so that requires even more time. So you see, they have their work cut out for them on a nationwide scale.

I remember as well as a few other members on here remember as well that a certain method of being able to view tv was actually very very simple to do around here, and actually lasted almost 5 years until they caught on to it and it still work, but only until a key change takes place - So we explore other methods, more concrete methods, which we are still unable to figure out as of yet a "fool proof" way of keeping boxes online and from getting hit.

The most important thing to remember is not not give up and to keep testing because each day that passes is another day closer to figuring out ways to bypass their security all together and to learn how their security works so that it may be exploited on every level possible. The ideal method would be to do it without them ever even knowing that a box exists, but that method is obviously far from being discovered - which is why we need to be diligent in continuously testing for new methods and finding out new flaws to see what possibilities we can explore.


@Killswitch- Have you tried re-loading the original data back and allowing it to re-download all the code modules and apps? It is just a shot in the dark, give it a try and let us know.
I JTAGGED your mom.
I was told that there is no such thing as a free lunch, I then learned through personal experience that the best things in life ARE FREE - Me

WE ARE ANONYMOUS, EXPECT US.

All posts/topics that I post in are completely hypothetical in real life and should not be taken seriously.
justsomeguy
Junior Member
Posts: 1417
Joined: Wed Jan 28, 2009 4:01 pm

Post by justsomeguy »

MrRogers wrote:. The ideal method would be to do it without them ever even knowing that a box exists, but that method is obviously far from being discovered .
they don't know that ANY of my box's exist !!;)
live your life like a beer commericial
keja
Junior Member
Posts: 138
Joined: Tue Mar 23, 2010 5:28 pm

Post by keja »

MrRogers wrote:This seems to be because they are doing key changes, or changing the channel mapping (switching channels to a different number). But I heard through the grape vine that there is ALOT of new stuff happening in Florida and up here in Massachusetts that is renderings test boxes to bite the dust in a manner of speaking.


Now to clarify some things. Comcrap's methodology first off is to make security different between most of the area's throughout the US to throw us ALL off our game, so keep that in mind when you see something happening to your hardware - i.e. "NOT AUTHORIZED, "ONE MOMENT PLEASE", "ETC", it may be isolated to your area - depending on the security engineering in that particular area they implement subtle differences between areas so that no sure fire way would work nationwide for everyone, this is a smart move on their part and a downfall at the same time. But nonetheless, makes complete sense if you view it through the eyes of the provider. I will not go in to details but (we) (most of us who have been around long enough to know this particular ISP) know that they have begun to smarten up and pay attention to making small security changes (a little) at the discretion of that particular area's engineering department and in some key area's, with parts of FL and MA, as well as IL being their prime spots to beef up first (and for good reason), these spots have a track record for having alot of rogue boxes on the network - this is no secret. With that being said, we know first hand when a key change has occurred or if they are playing new tricks with the security changes in the areas because most of the old methods will render your hardware "NOT AUTHORIZED" after a key change has occurred.

Some people in some areas have had some success with just something as simple as re-loading the original NVRAM back to their box and that brings the "NOT AUTHORIZED" channels back, and for some others it does not, it all depends on the area like I said, security protocols are all DOCSIS standard but have small differences, small enough where the security is not too far off from the original protocol but different enough so that one persons methods to get back on are not the same in all areas that supports Comcrap - It also deals with the ISP using another networks hardware - they just do not have the money or manpower to make key changes overnight, for example they may want to use a certain security measure, but the network use to belong to RCN which used a totally different security protocol so the changes do not happen overnight. Important security changes on a nationwide scale will take time, most of the time a minimum of 3 years or more from the time they figure out that there is a security flaw that needs to be patched. And by that time while they are working on patching that a new security flaw is explored by members of the community, so that requires even more time. So you see, they have their work cut out for them on a nationwide scale.

I remember as well as a few other members on here remember as well that a certain method of being able to view tv was actually very very simple to do around here, and actually lasted almost 5 years until they caught on to it and it still work, but only until a key change takes place - So we explore other methods, more concrete methods, which we are still unable to figure out as of yet a "fool proof" way of keeping boxes online and from getting hit.

The most important thing to remember is not not give up and to keep testing because each day that passes is another day closer to figuring out ways to bypass their security all together and to learn how their security works so that it may be exploited on every level possible. The ideal method would be to do it without them ever even knowing that a box exists, but that method is obviously far from being discovered - which is why we need to be diligent in continuously testing for new methods and finding out new flaws to see what possibilities we can explore.


@Killswitch- Have you tried re-loading the original data back and allowing it to re-download all the code modules and apps? It is just a shot in the dark, give it a try and let us know.
Very good post.
CAPONE
Junior Member
Posts: 5011
Joined: Sat Dec 27, 2008 3:25 pm

Post by CAPONE »

justsomeguy wrote:they don't know that ANY of my box's exist !!;)
They don't even know that YOU exist........... LMFAO
"If you give a man a fish you feed him for a day. If you teach a man to fish you feed him for a lifetime."
Killswitch
Junior Member
Posts: 439
Joined: Tue Mar 23, 2010 6:12 am

Post by Killswitch »

Yea, he's transparent. A Chamelion. Blends into the backround like a champ. He might begin to understand a little better if Comcast were North of the border. They take names and kick ass.
justsomeguy
Junior Member
Posts: 1417
Joined: Wed Jan 28, 2009 4:01 pm

Post by justsomeguy »

CAPONE wrote:They don't even know that YOU exist........... LMFAO
you KNOW it buddy!
Killswitch wrote:Yea, he's transparent. A Chamelion. Blends into the backround like a champ. He might begin to understand a little better if Comcast were North of the border. They take names and kick ass.
lol.....comcrap might be the big fish, but man i'm tellin ya....shaw has one of the tightest security systems out of ANY provider ! do searchs anywhere and read up...buddy they got a very good force behind them~ but apparently NOT good enough :eek:
live your life like a beer commericial
MrRogers
Junior Member
Posts: 775
Joined: Mon Jan 19, 2009 9:25 pm
Location: 127.0.0.1>localhost

Post by MrRogers »

They know that I exist man, I got a story for you guys... When I first moved in and called to get basic basic cable (mind you the line was ALREADY CONNECTED and active) and I was calling to just get basic because I feel they deserve some sort of payment, even if it is the $10/month. I called and they had me all setup to get service, etc. And then 3 days after setting up this appt. they decided to come out and CUT MY LINE FROM THE POLE and make it 5 feet short so that it would be impossible to connect it back at the tap, they even went through the trouble of putting terminators on all the open taps to make sure I wouldn't get service ROFLMAO!!, LOL! This was all at the discretion of the "regional head of network security" for the east coast. So I asked for a reason why my line was cut and I was told that I would be contacted the same day, which was a lie... So I took measures in to my own hands, I really hate it when people lie to me so this was my vengeance :)

But then I broke out my tools and played cable man and hooked myself up with 2 lines instead of just the one that was coming in.

Now I know what you guys are thinking, if you already had an active line then why call to get service if the line was already there and they would have never came to cut it. So you see the moral of this story is I tried to do right by them and they ended up screwing with the wrong person, again...

So I removed ALL the terminators from the tap and ran 2 x RG11 lines with quad shielding to my house instead of their basic RG6 with dual shield, and in some cases they use to use RG56.. So in the end they really did screw themselves - Would they really be that naive to think that I wouldn't have access to the same equipment and tools that they use?! I mean seriously!

The only REAL way to stop me is to remove the tap all together, which I am sure my neighbors would not like haha. What I love the most about this is the anonymity and the fact that they (the caco) have no probable cause or evidence that I did anything as stated above. All the hardware in my house I purchased online with the understanding that it was purchased by a vendor that had legal rights to resell equipment - Cable modems are allowed to be purchased in stores but cable boxes are a different story.
I JTAGGED your mom.
I was told that there is no such thing as a free lunch, I then learned through personal experience that the best things in life ARE FREE - Me

WE ARE ANONYMOUS, EXPECT US.

All posts/topics that I post in are completely hypothetical in real life and should not be taken seriously.
Killswitch
Junior Member
Posts: 439
Joined: Tue Mar 23, 2010 6:12 am

Post by Killswitch »

Yes, Sir - these fine folks operate a Government Franchise. My God, let's all get down on hands/knees and pay our respects. Their staff should be glorified along with the Father, Son and Holy Ghost. Hence the title Security from Hell. These people are making ROI (return on investment) that goes beyond words. If I were you, I would go in suit/tie to the nearest Corporate Office and insist on a file being created and go with the flow. Conclusion : Security goes beyond good business for Comcast and, if you were to tell them that they're about to lose business for the way that they carry themselves, the Corporate bitch will have a big smile on his face and KNOW that CONTROL supercedes better business practice. I tell those fools that I am a FIOS Install Tech. Many of them become chuckley. If I were to tell them how I've beaten them over the years, they would lose that smile and become very serious. It's a game. Everybody here knows it.
Post Reply

Who is online

Users browsing this forum: No registered users and 11 guests