• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Conax: M-II vs. softcam

Messages
2
Likes
0
#1
Hi chaps,

Since the people doing the M-II files for Conax seem reluctant to release the keys to the public (for commercial or whatever reasons), wouldn't it be possible to use the M-II file in a softcam decoder? I mean, the M-II SW is in there, and even if they keys are not easily extractable the entire SW obviously works when loaded into an M-II cars and so should be able to work if there is a M-II emulator.

I.e.:
if(possible to extract keys from M-II)
create M-IIextract.exe
else
create M-IIemulate.exe (with a Yankse or S2emu interface)

I have nothing aginst M-II cards as such, it's only that I only have a softcam solution and so have no physical slot for a card...
 

Burnham Beech

Specialist Contributor
Messages
1,006
Likes
34
#2
No, it won't work. The only way to use MII files is with a MII card.

No one can get the codes out until they are released in the Titanium files on the stopstop website.
 
Messages
2
Likes
0
#3
Burnham Beech said:
No, it won't work. The only way to use MII files is with a MII card.

No one can get the codes out until they are released in the Titanium files on the stopstop website.
That's a bit negative, isn't it?

Won't work? Why not - the interface to the card is known and it is well-known (and the processor on the card is known), so with the SW for the card everything is predictable. I.e., for any given input it should only be a matter of just sendning it to an emulator and we should get the appropriate result. And since the speed of a normal computer is way higher than for a smart card, the answer should be ready in time even if the card processor is emulated.

I'm sure there are emulators for the processor already (this is normally made available for SW developers), so with a few interface additions and the SW for M-II.exe...

If this is not possible, please also say why. I can think of a few difficulties, such as the code being encrypted inside the file, but in that case we also have the loader inside the file and can decrypt using that. (In worst case, - but this shouldn't be needed - it should be possible for someone to actually flash an M-II card and then read back the info.)
 

mholali

Regular Member
Messages
32
Likes
0
#5
I think catflap knows what he is talking about. As for me, I am sorry but I do not have the slightest clue. Electronics used to be my best subject as A' level. After that stage I never visited it again. Catflap, keep up the spirit. I will join you soon when I know what I am talking about........I need to revise my stuff
 
Messages
2
Likes
0
#6
The mII files are encrypted and only the programmable part of the Os is known (as part of the encrypted file).. as to my knowlegde.
If you are able to dump the mII cards or make a usable alternative to the cards . its no problem for them to change the os and make you back to the start again.. after all ..it is the selling of the cards that is the reason for the crypting of the files. ....
If you want to do something about it .. find out how to dump the cards.. keep it updated still if they change the os.
Many before you have tried this .. some have succeded for a while.
Good luck anyway..
 

BGonaSTICK

Retired Moderator
Messages
5,145
Likes
0
My Satellite Setup
Dreambox 7000, Skystar2
My Location
Brighton
#7
Shaman is about right I guess. I don't know the internals of the MII, and I know diddly-squat about any other sat-cards or their OS's, about CAM's, Emu's or advanced encryption techniques but logically you could either A) load the card and then try to exploit a weakness in it to extract what you need, or :cool: build a complex software environment/emulator to run on a different processor (x86 say) thus enabling the executable code contained in the MII file (that code which is destined to run on the card (not the loader code) plus all the supporting environmental data also contained therein) to run without first loading it to a card. :eek:

Those two options may look something like :-

A) Break up the exe file into its constituent parts (easy), and pull out the loader and the data to be loaded to the card.

You could either then :-

1) Load the card and try to get all the data back off it, which is next to impossible ('cos smart cards are designed to be written to but not read from) and would take both an age and the more capable of us to acheive. At best you could get it all, and shaft the MII developers, or you could just get the keys. If you could do the latter, you would be fine 'till the next key change, and the next MII file was released.

2) Alternatively, you could break the key encryption in the file and decrypt the keys. The developers would then change the encryption process for the next file, and you'd have to start again. You also have a chance of reverse engineering any encrption/decryption logic in the loader (if present?), but that would end in the same way as above.

At best, I guess you could fathom the essence of the app. code running on the card, plus dump the various memory areas on the chip and that may give you the logic and access to rip keys and key logic from the original cards.

Then you would be laughing, but I don't think that's what you're asking.

:cool: To create an address space in which to emulate the MII card's processor i.e. it's instruction set, plus the card OS on top, and then the C*nax card code on top of that, with access to all the operational run-time data from each of these tiers (which certainly isn't available in the file anyway, nor could you easily supplement this externally), and emulating each of the protected memory areas of the original MII card would be a massive task. I doubt that an emulator exists in the public domain which you can download off the internet. ;)

Then of course you would have to build an API/new SoftCAM from scratch (either to execute in that simulated environment, or on the native host processor with access to the simulated address space), and port both to each platform that you wanted to run it on. Yes it's possible. We've all seen Commodore and Spectrum emulators for the PC (Oooh, hark at me showing me age...) but it's a huge ask when so little is know about the original environment.

Of course the third option is that you could buy a programmer and MII card.

Now I don't mean to be sarcastic, that isn't my intention, but that's about the size of what I think you're proposing. Now I almost certianly have some of the details wrong, and if you undestand this better than me then I'm happy to stand corrected (and indeed would love to hear your ideas) but the scale of what's involved in fabricating the environment to make this happen is too great to contemplate when buying a card is so cheap and easy.

And I'm not trying to sell the card. If I had my way, I'd blow the whole lot wide open and give it to the community with my best wishes.

STICK
 

ruf

Member
Messages
4
Likes
0
#8
catflap said:
Hi chaps,

Since the people doing the M-II files for Conax seem reluctant to release the keys to the public (for commercial or whatever reasons),
I have wondered the same thing. MII team (or whatever PDK team) seem to have commercial benefits from MII manufacturers. Otherwise they would publish the keys. They want to wipe out titanium cards(and others) even though titanium will do the trick as easily as MII-card.

There's no problem doing titanium-c***x file after keys are known, everyone can do it. Is that what they are affraid of ? No-one buying new cards because old is enough. It was the same thing with s**a2 and MR. MR can clear s**a2 as easily as MRev. But in order to get MRev sold, they needed to stop publishing new releases for MR/s**a2.

Well its their business to do whatever they do, but what comes next when new card is in horizon? MII suport drops and this "card selling" method starts in the beginning.
 

BGonaSTICK

Retired Moderator
Messages
5,145
Likes
0
My Satellite Setup
Dreambox 7000, Skystar2
My Location
Brighton
#9
Of course. It's no secret. The various teams issuing new card-types every 6 months or a year is the only way of generating any income for the work they do, and to cover the overheads they have.

If the teams provide good service in terms of supplying new files in a timely manner then fair enough. It's only unfair when you pay for the card and don't get the support.

The MII, like the Tit before it have been good value for money, whereas one or two of the other cards have been a real disappointment. It appears that the community backlash to the introduction of the Knot2 (for S2) card was enough to cause a rethink though.
 

john_graydon

Specialist Contributor
Messages
2,219
Likes
3
My Satellite Setup
Azbox premium HD+,Dusty Dreambox 7000s,& Sky HD.
My Location
Dublin....Ireland
#10
Burnham Beech said:
I don't have the knowledge to answer this question

But if anyone else does, please post below.
Great Discussion and many more like it in the new year.
No Knowledge myself yet but updating my brain each day.
Dont mind paying a few quid for a card and get some value out of it. Titanium was and still is a great card. I bought mine and programmer for €75 a while back and think i got my use out of it. so now move on to M11 And dragon cam. If the people who make these cards make a few bob out of them and give us the k*ys well i dont mind paying for them so long as the cards dont change overnight. There has to be something in it for them. Paid subscribtion to C+ for premier footie is well over €1000 each year, so as I said I dont mind buying a card. I think its great been able to write to the card to decode Channels, Isnt that what it is all about. When i started out last year I had`nt a clue about anything did`nt even know what a LNB was till I joined this forum. Now im installing dreamboxes( Supposed to be the hardest thing to set up) for friends, writing to titanium cards and matrix cams. If these guys dont make a few pound out of it who is going to find K*ys for us. I know some dont. It would kill me to pay Sly for football and then would`nt get sat 3pm kick offs. Havent missed a Chelsea game the last year and dont intend to
miss them this and next year either as long as there is k*y guys around. So Keep up the good work and dont rip us off either.
 

ruf

Member
Messages
4
Likes
0
#11
Of course teams deserve some payoff of the work they do. But teams can then stop talkin nonsense 'bout free satellite. I'm tired of that hypocrite bulls**t.
There's no such thing as long as "key hiding" continues. JKF team can be an example of that. PDK seems to follow.

Don't get me wrong, they all have my respect for giving those keys. Even if giving them late. But if it were in my knowledge, I would put a step by step manual how to unscramble keys. Well the c***x side might then know how to make hacking more difficult but anyway....
 

haggard

Regular Member
Messages
467
Likes
0
My Satellite Setup
7000S - 300GB Maxtor
1GB USB -
Syslink wifi bridge from DB to Syslink wifi router to Apple Extreme streaming relay to Apple G5, 2 xG4.
Elgato into G4 17 in for Apple DVB-T captures.
Panasonic 42 HD ready
My Location
NW England
#12
ruf said:
I have wondered the same thing. MII team (or whatever PDK team) seem to have commercial benefits from MII manufacturers. Otherwise they would publish the keys. They want to wipe out titanium cards(and others) even though titanium will do the trick as easily as MII-card.
snip
The text of encl read me file that comes with PDK's M-II file reads like a 100% link between the M-II card makers and the M-II file producers:
>We are still kicking ass.......
>M-II is still ready to support Conax
>so dont talk rubbish about our cards.
>We at least give out files for FREE.
 

BGonaSTICK

Retired Moderator
Messages
5,145
Likes
0
My Satellite Setup
Dreambox 7000, Skystar2
My Location
Brighton
#13
Yep. The 'file guys' in question either crack or buy the required code/keys, then they commision the cards to be manufactured, and distribute the files to load onto it. That's the way it works.
 

john_graydon

Specialist Contributor
Messages
2,219
Likes
3
My Satellite Setup
Azbox premium HD+,Dusty Dreambox 7000s,& Sky HD.
My Location
Dublin....Ireland
#14
BGonaSTICK said:
Yep. The 'file guys' in question either crack or buy the required code/keys, then they commision the cards to be manufactured, and distribute the files to load onto it. That's the way it works.

Read you report on the M11 being useless last night and said to myself just my luck as my card was in the post. Maybe this was a ploy to highlight the m11 card so sales would rocket when the new files came out last night. We shall wait an see.
 

haggard

Regular Member
Messages
467
Likes
0
My Satellite Setup
7000S - 300GB Maxtor
1GB USB -
Syslink wifi bridge from DB to Syslink wifi router to Apple Extreme streaming relay to Apple G5, 2 xG4.
Elgato into G4 17 in for Apple DVB-T captures.
Panasonic 42 HD ready
My Location
NW England
#15
john_graydon said:
Read you report on the M11 being useless last night and said to myself just my luck as my card was in the post. Maybe this was a ploy to highlight the m11 card so sales would rocket when the new files came out last night. We shall wait an see.
The last 2 days was a test of nerves for those thinking of buying a card and those who had just bought.
When the new file didnt come out in an hour it looked like something was up.
Then an official card owner on another forum said his real card took an unprecedented 4 hours to update - that's 4 times longer than typical M-II. So something was clearly up.
My suspicions were that the provider had been updating cards in blocks shifted in time and mapping this to M-II updates. Eventually they nailed the master key.
All through that, the experts close to M-II were saying - don't panic, it's like thinking the moon won't come back. They were right.
I jot down or make mental note of handles of clear experts on this and other forums, so when they say something, its like a bibliocal prophet speaking. We have our share of them here!
All it means is, read read before wailing.
 

BGonaSTICK

Retired Moderator
Messages
5,145
Likes
0
My Satellite Setup
Dreambox 7000, Skystar2
My Location
Brighton
#16
We were just reporting what was being posted elsewhere. Better to be safe than sorry for potential buyers. It was a stunning story, and it proved to be just that although as you say, there was more to it than a key change. :)
 

gypsy40

ASBO Club Member - Persona non grata
Messages
16
Likes
0
#17
i've read an i've read & i still dont understand, all i do understand is it costs me £30 everytime i wnat my cam an card reprogrammed every mth or so, so to me i take the view i may as well pay my sky subscription as i aint into football or sports i just wanna watch the movies on kiosk,multivision,cinema,ticket,tv1000 & tequila ok the mature content is good as well but mostly i purchased a humax 54ooz & a matrix cam & titanium card with motorised dish for £500 then it cost me £100 to have it installed to watch the movies for the kids, an now its costing me £30 a time to have it reprogrammed every few mths, alot of expence dont you tink someones getting their pockets lined somewere, i thought all this was about beating the system & getting it for free, I aint received out for free yet its cost me an arm an a leg an several severe headaches when they go down especially with the wife an kids, wot a waste of money my wifes says & yes i now tend to aggree with her, so all you newbies out their beware & avoid or u will be ripped off it aint as simple as it seems & no one seems to help they are all sarcastic cos they know an we dont simple as beware dont buy the crap stick to sky at least it dont go down on ya & if it does you get an engineer out to you free of charge with no rip off charges to reprogramme