Hello, I own one of the clones of this receiver (Ctech 5000HD+). My aim is to modify firmware, to improve OSD colors and overall appearance. So far, I've managed to extract uncompressed main image from firmware, and found certain bitmap & font entries in it.

I'm just curious, maybe someone already done something similar, or there are any tools available, to simplify such tasks?

Available tools for 1XXX series such as stb2bin and so on of course does not work here.

Stbconvert? possibility to brick the TM6900! Someone has the tools and the knowledge, hard to get by I would guess.

http://www.ftatalk.com/showthread.php?t=275041

This may be interesting for you :)

Apologies if link should not have been posted

This source code may open a few options... Looks like the full source for 6000 series

:respect-048:

On closer inspection, it is for the TM1000, but it may give some clues as to the STB format ;)

Thanks everyone for help.

There's no need for any stbconvert - I've already learned how to extract raw rom image from firmware file. What I need at current stage is entries in table, where images/fonts being stored, and what format is used for them.

While TM1000 files seem to be similar by their extension, internally they are totally different (since different CPU), so no tools from tm1000 can be used.

Anyone removed main chip cooler from receiver?

Which chip this receiver uses?

I's I've seen on internet, it uses STI7101, but while browsing through firmware, I found only mention of STb7109, and after checking the PDF, specs look exactly like receivers one (two usb ports, etc)....

AFAIK the 6900 uses the STI7101, but the 6900+ has a higher spec cpu so it can handle blind scan and ethernet, hence the 7109

Yes, just to mention that blind scan is not main chip feature, it's generally input tuner hardware feature - just need software reading from main chip :)

Achieved some success - traced down certain images in firmware:

http://img200.imageshack.us/img200/7590/crops.th.jpg (http://img200.imageshack.us/i/crops.jpg/)

looks like general uncompressed 24 bit images, with swapped color order.

Size table for most images is already completed. All images are uncompressed 24 bit (3 byte) GRB format. So, theoretically, I can make a new gui right now. Hovever, there are two problems that I haven't solved yet.

1. Where are fonts stored and in what format? seems that unlike bitmaps, fonts files are packed some way.

2. How to create .stb file from modified .bin

>8 >8
2. How to create .stb file from modified .bin
stbconvert is this not working 2 ways: bin to stb, stb to bin? could be still a problem with CRC & checksum?

No one confirmed it working on current .stb files, checks being done only for previous generation receivers. So I don't want to brick my receiver yet :) I have JTAG and I can download main firmware for backup any times, but my receiver is sealed with warranty sticker...