Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Adam Laurie - $atellite Hacking for Fun & Pr0fit!

2,261 views

Published on

Published in: Technology
  • Be the first to comment

Adam Laurie - $atellite Hacking for Fun & Pr0fit!

  1. 1. $atellite Hacking for Fun &  Pr0fit! Adam Laurie adam@algroup.co.uk http://rfidiot.org   
  2. 2. Who Am I? ● Open Source developer / researcher – Bluetooth – RFID – Full Disclosure / White Hat! ● Freelance research / training / lecturing   
  3. 3. Why Now? ● Jim Geovedi & Raditya Iryandi – Hacking a Bird in The Sky ● Old Skewl – Started doing this in late 90s. – So, err... why did it take so long to publish?   
  4. 4. Feed Hunting ● Look for interesting satellite feeds – Scan all satellites – Scan all frequencies – Report on mailing lists / forums   
  5. 5. Poking in the dark   
  6. 6. Poking in the dark   
  7. 7. Poking in the dark   
  8. 8. Poking in the dark   
  9. 9. There must be a better way! ● Visualisation is your friend – Human Brain likes images ● Recognise food ● Recognise danger ● Recognise friends ● Recognise enemies   
  10. 10. Visual Representations   
  11. 11. Visual Representations   
  12. 12. Visual Representations   
  13. 13. Time travel – day 1   
  14. 14. Time travel – day 2   
  15. 15. That was then... ● Proprietary control systems – Undocumented ● Reluctant manufacturers – Special hardware / interface converters ● Motor Control ● Signal Status – to RS232 – Expensive receivers   
  16. 16. This is now... ● Open standards – DVB Cards – Embedded Linux Receivers ● Dreambox – Tuxbox based – GPL source code – Cross compilers – Alternative firmware ● http://www.i­have­a­dreambox.com – http://www.dream­multimedia­tv.de/   
  17. 17. This is now... ● Web Interface – Select programming – Steer dish – Examine feed properties   
  18. 18. Web Interface   
  19. 19. Stream Info   
  20. 20. Stream Info   
  21. 21. Youve got to know how to grab it...   
  22. 22. Stream Info ● dvbsnoop ­ DVB and MPEG stream analyzer – “WireShark for DVB” – Access to raw data from DVB card – Decode known PIDs  http://dvbsnoop.sourceforge.net   
  23. 23. Stream Info   
  24. 24. Stream Info   
  25. 25. Stream Info   
  26. 26. Stream Info   
  27. 27. Stream Info   
  28. 28. Stream Info   
  29. 29. Stream Info   
  30. 30. Stream Info   
  31. 31. Stream Info   
  32. 32. Taking over the Dreambox ● Avoid programming – Analyse config files – Tools to tweak and update – Use existing Web Interface URLS – Use remote tools via IP ● ssh / scp ● dvbsnoop ● tun/tap   
  33. 33. Taking over the Dreambox   
  34. 34. Taking over the Dreambox   
  35. 35. dreaMMap ● python (yay!) script – Grab URL – Read status from returned webpage – Create 3D model   
  36. 36. This is now...   
  37. 37. This is now...   
  38. 38. 3D model capabilities ● Point & Click – Steer to sat/freq – Decode DVB/Audio within model – Read Text / EPG – Pipe datagrams to Wireshark   
  39. 39. Demonstration   
  40. 40.    
  41. 41.    
  42. 42.    
  43. 43.    
  44. 44.    
  45. 45. Equipment List ● Dreambox 7020 – £250 ($350) ● Dish – £50 ­ £200 ● Motor & Mount – £100 ● Total = £550 ($785)   
  46. 46. Questions? http://rfidiot.org adam@algroup.co.uk   

×