kanber_kav
12-06-2009, 09:32 PM
Help me...
I would be a cccam how to login? source code please...
OpenxCAS and cccam login source?
snakie
13-06-2009, 04:56 AM
Difficult to find information for what you ask, some people who already know something dont share it.
Only way for now is to reverse it.
Dig Deep
13-06-2009, 08:32 AM
Not that much freedom in the Sat community :redface:
kanber_kav
13-06-2009, 09:21 AM
dvbn.**** forum
_silencer
This code is from my logger, so for a client you do not need to initialize the server encrypt states.
The encryption looks like some costume RC4 encryption, it can use any length as encryption key and every encryption/decryption changes the internal encryption state (on the fly changes). The encryption key exchange is done really bad, so a man in the middle attack is possible and the hacker could launch an easy attack on it to get the password. So CCcam looks flawed in it security. That is the reason why I am not giving the encryption code away this time (I do not want people to start hacking CCcam servers).
I got all my information by using IDA Pro and Hex rays... just run a virtual machine and use the ida linux debugging server. You should be able to reverse engineer the encryption your self... just remember if you ever release it what impact it could have.
This should give you a nice start at it:
Code:
bool check_connect_checksum( uchar* data, int length )
{
bool valid( false );
if ( length == 16 )
{
uchar sum1( data[0] + data[4] + data[8] );
uchar sum2( data[1] + data[5] + data[9] );
uchar sum3( data[2] + data[6] + data[10] );
uchar sum4( data[3] + data[7] + data[11] );
valid = ( ( sum1 == data[12] )
&& ( sum2 == data[13] )
&& ( sum3 == data[14] )
&& ( sum4 == data[15] ) );
}
return valid;
}
void cccam_xor( uchar* data, int length )
{
if ( data == 0 )
return;
if ( length >= 16 )
{
const char* cccam( "CCcam" );
uchar index( 0 );
do
{
*(data + 8) = index * (*data);
if ( index <= 5 )
*data ^= cccam[index];
++index;
++data;
}
while( index < 8 );
}
}
/* Special handelig of first packets untill sucessfull login */
switch ( server_packet_count_ )
{
/* Connection checksum, first packet of communication */
case 0:
{
bool valid( check_connect_checksum(data, length ) );
/* Connection packet should be 16 bytes in length */
if ( valid )
{
log_ << "Checksum of connection packet is valid.";
/* Xor with CCcam */
cccam_xor( data, length );
/* Calculate SHA1 hash, used as encryption key */
boost::scoped_array<uchar> hash( new uchar[20] );
SHA1_CTX ctx;
sha1_init( &ctx );
sha1_update( &ctx, data, length );
sha1_final( &ctx, hash.get() );
/* Notify used encryption key */
log_ << "Using this encryption key:";
log_.print_raw( hash.get(), 20 );
/* Temporary buffer for server crypt state */
boost::scoped_array<uchar> do_not_overwrite( new uchar[20] );
/* Initialize decryption state, hash is decryption key */
cccam_init_crypt( &server_encrypt_state_, hash.get(), 20 );
cccam_decrypt( &server_encrypt_state_, data, do_not_overwrite.get(), 16 );
cccam_init_crypt( &client_decrypt_state_, hash.get(), 20 );
cccam_decrypt( &client_decrypt_state_, data, data, 16 );
/* Initialize encryption state */
cccam_init_crypt( &server_decrypt_state_, data, 16 );
cccam_encrypt( &server_decrypt_state_, hash.get(), do_not_overwrite.get(), 20 );
cccam_init_crypt( &client_encrypt_state_, data, 16 );
cccam_encrypt( &client_encrypt_state_, hash.get(), hash.get(), 20 );
/* This is our connection response */
boost::scoped_array<uchar> response( new uchar[20] );
cccam_encrypt( &client_encrypt_state_, hash.get(), response.get(), 20 );
/* Notify what client should repond */
log_ << "Client should reply with this message:";
log_.print_raw( response.get(), 20 );
}
else
{
log_ << "Checksum of connection packet is not valid!";
}
break;
}
}
goran
13-06-2009, 12:44 PM
K_K, m8: you need to talk to Mower or The_Ripper, as he is known on this forum [he is a VIP, like you - send him a PM].
On the other hand, there is an Mbox forum as a part of the EX-YU forum group, where he is the Administrator, as mower. He is the coder behind the Mbox and he is doing the CCcam for AZbox HD, too.
He might appreciate some help. Well, I hope... And I may well be talking for all of us here!!!
I really hope you guys find a way to join forces, with other good coders of good will!
But will you, or anybody else, for that matter, be trusted - is another matter...
Good luck!!!
Teşekkürler for your efforts, once again!!!:respect-048:
goran
13-06-2009, 10:23 PM
@ All: here is the online English-Turkish and vice versa translator...
http://www.stars21.com/translator/english_to_turkish.html:respect-048:
Powered by vBulletin® Version 4.2.5 Copyright © 2024 vBulletin Solutions Inc. All rights reserved.