2. #! /usr/bin/whoami
• Application Security Engineer at Bugcrowd Inc.
• One of the goons of ROOTCON – the premiere hacking conference in
the Philippines
• Former Senior Security Consultant at Hewlett-Packard Enterprise
(Fortify on Demand)
• Acknowledged and rewarded by Facebook, Adobe, Yahoo,
Microsoft, Mozilla, etc. for his responsible disclosures
• Contributed auxiliary and exploit modules to the Metasploit
Framework e.g. Zemra, w3tw0rk, Phoenix Exploit Kit exploits
• nullcon virgin :)
3. #! disclaimer
• Some memes and images may have explicit meaning in them but
hope you don’t get angry with me ;)
• Topic is limited to shooting TV sat transponders + the hardware risks
• The views and opinions expressed are not from my employers
4. #! credits
• Inspired by Adam Laurie’s talk entitled “Satellite Hacking for Fun and
Profit” at Black Hat DC 2009
• Inspired by “Hacking a Bird in the Sky: The Revenge of Angry Birds”
by Jim Geovedi, Raditya Iryandi, and Raoul Chiesa
• My father for the equipments and hardware
• lyngsat.com - a good resource for beaming all those transponders
• Filsat and PhilDISH - satellite association groups / forums in the
Philippines
6. #! why do we shoot?
• Free Radio and TV
• It’s a geek thing
• It’s a hobby
• for fun and profit
• Card Sharing (illegal stuff)
• You can watch free Pr0n
• …wait I didn’t add that one ^
7. #! you can watch free……
• Reference: http://rintosingkep.blogspot.com/2013/04/zamjari-tv-channel-khusus-dewasa-di.html
8. #! previous slide explanation
• Just a fact that such thing exists and just for educational purposes
(some are FTA, some have keys)
• Not to promote p0rnography (seriously) - don’t ask me how
10. #! satellite hobbyist hardcore pack
• Satellite receiver
• C (4 - 8 GHz)/ Ku (12 - 18 GHz) Band satellite dish
• Ant Cables / TV Cables
• Monitor / TV
• Smart Cards
• Internet connection
• Routers
• Satellite Finder (Digital / Analog)
• Umbrella (it’s freakin hot setting up the dish)
• LNB (Ku / C band)
• PCI DVB-S2 Digital Satellite Tuner Card for PC
11. #! PCI DVB-S2 Digital Satellite Tuner Card
for PC (Sample)
12. #! sat frequencies and bands
• reference:
http://www.inetdaemon.com/tutorials/satellite/communications/frequency-bands/
13. #! sat frequencies and bands
• reference:
http://www.esa.int/spaceinimages/Images/2013/11/Satellite_frequency_bands
22. #! if there is a shell or web interface, there
is a way
23. #! access me
• Dreambox -> root : dreambox
• Some Linux-based satellite receivers have telnet access (try
bruteforcing root : root)
• Most Linux-based satellite receivers which have Enigma2 firmware
have FTP
• Try the Web UI
• Most don’t have HTTPS :)
• Card sharing credentials / info are stored in plaintext
• dvbsnoop - DVB / MPEG stream analyzer program
(http://dvbsnoop.sourceforge.net/ or opkg update && opkg install
dvbsnoop)
25. #! getting the CCcam information of a box
• https://github.com/shipcod3/cccam-info
26. #! How do I crack a pay-per-view
• How Do I Crack Satellite and Cable Pay TV -
https://www.youtube.com/watch?v=lhbSD1Jba0Q
• Search for Alternative Channels from other Satellite TV’s that are
free (satellite feed hunting)
• Card Sharing (Illegal)
• Watch Streaming videos (yeah but we wan’t a better one right)
• and ……
27. #! Manny Pacquiao Pay-Per-View for free
last year
• CAID: 2600
Palapa D (113.0°E)
Channel: TVONE
3786 H 5632 (MPEG2/$)
SID: 0001
Provid: null
Even CW: 00 22 66 88 33 55 77 FF
ODD CW: 00 22 66 88 33 55 77 FF